From a8f045be982c023698b4cd80e3fd19735b01383f Mon Sep 17 00:00:00 2001
From: kleink
Date: Fri, 25 Jan 2002 18:57:58 +0000
Subject: Update to 1.6.1nb1: fix temporary file creation vulnerability; from Tim Waugh via Debian.
---
 print/enscript/Makefile | 3 ++-
 print/enscript/distinfo | 4 ++-
 print/enscript/patches/patch-aa | 45 ++++++++++++++++++++++++++++++++
 print/enscript/patches/patch-ab | 57 +++++++++++++++++++++++++++++++++++++++++
 4 files changed, 107 insertions(+), 2 deletions(-)
 create mode 100644 print/enscript/patches/patch-aa
 create mode 100644 print/enscript/patches/patch-ab
(limited to 'print/enscript')
diff --git a/print/enscript/Makefile b/print/enscript/Makefile
index 26c1422d35b..c9f6267da33 100644
--- a/print/enscript/Makefile
+++ b/print/enscript/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.19 2001/09/27 23:18:36 jlam Exp $
+# $NetBSD: Makefile,v 1.20 2002/01/25 18:57:58 kleink Exp $
 # FreeBSD Id: Makefile,v 1.4 1997/11/27 08:10:30 tg Exp
 #
 DISTNAME= enscript-1.6.1
+PKGREVISION= 1
 CATEGORIES= print
 MASTER_SITES= ${MASTER_SITE_GNU:=enscript/}
diff --git a/print/enscript/distinfo b/print/enscript/distinfo
index 1a50d28cb95..0976df97a9c 100644
--- a/print/enscript/distinfo
+++ b/print/enscript/distinfo
@@ -1,4 +1,6 @@
-$NetBSD: distinfo,v 1.2 2001/04/20 12:41:49 agc Exp $
+$NetBSD: distinfo,v 1.3 2002/01/25 18:57:59 kleink Exp $
 SHA1 (enscript-1.6.1.tar.gz) = f99e21a8366baf331daaa6675d7c9d2dc026eb27
 Size (enscript-1.6.1.tar.gz) = 645856 bytes
+SHA1 (patch-aa) = 7cab0636de9b4551391a6c2753eaf0c8c2a01679
+SHA1 (patch-ab) = 1cb3f286421dc772475246617ec270d887971018
diff --git a/print/enscript/patches/patch-aa b/print/enscript/patches/patch-aa
new file mode 100644
index 00000000000..5c91ded87fe
--- /dev/null
+++ b/print/enscript/patches/patch-aa
@@ -0,0 +1,45 @@ +$NetBSD: patch-aa,v 1.1 2002/01/25 18:58:02 kleink Exp $ + +--- src/main.c.orig Thu Jun 25 10:26:00 1998 ++++ src/main.c Fri Jan 25 19:35:40 2002 +@@ -642,7 +642,6 @@ + * Print Table of Contents page. + */ + int toc = 0; +-char toc_fname[512]; + FILE *toc_fp; + char *toc_fmt_string; + +@@ -1429,19 +1428,10 @@ + /* Table of Contents. */ + if (toc) + { +- cp = tmpnam (toc_fname); +- if (cp == NULL) ++ toc_fp = tmpfile (); ++ if (toc_fp == NULL) + FATAL ((stderr, _("couldn't create toc file name: %s"), + strerror (errno))); +- +- toc_fp = fopen (toc_fname, "w+b"); +- if (toc_fp == NULL) +- FATAL ((stderr, _("couldn't create toc file \"%s\": %s"), +- toc_fname, strerror (errno))); +- +- if (remove (toc_fname) == 0) +- /* Remove successfull, no need to remove file at exit. */ +- toc_fname[0] = '\0'; + } + + +@@ -1519,10 +1509,6 @@ + + /* Clean up toc file. */ + fclose (toc_fp); +- +- /* Do we have to remove the toc file? */ +- if (toc_fname[0]) +- (void) remove (toc_fname); + } + + /* Give trailer a chance to dump itself. */ diff --git a/print/enscript/patches/patch-ab b/print/enscript/patches/patch-ab new file mode 100644 index 00000000000..12d40ccb4bd --- /dev/null +++ b/print/enscript/patches/patch-ab 
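Review bot: The FATAL kept right after the new `if (toc_fp == NULL)` still reads `couldn't create toc file name: %s`, but tmpfile() does not generate a name, so the diagnostic now misdescribes what failed; `FATAL ((stderr, _("couldn't create toc file: %s"), strerror (errno)));` matches the new call (the string is translatable, so its catalog entry changes as well), and the divert-file message in patch-ab has the same stale wording. Replacing tmpnam()+fopen() with tmpfile() is the right shape of fix: the stream is created atomically by the library, so there is no window between choosing a predictable name and opening it, and the later remove(toc_fname) this hunk also drops is no longer needed. One behavioural caveat worth confirming: tmpfile() uses the C library's default temporary directory, which on some implementations does not honour TMPDIR, so users who relied on redirecting the toc file may see it land elsewhere. The enclosing function begins and ends outside the hunk, so whether `cp` still has other uses after `cp = tmpnam (toc_fname)` is removed cannot be judged from here.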
@@ -0,0 +1,57 @@ +$NetBSD: patch-ab,v 1.1 2002/01/25 18:58:02 kleink Exp $ + +--- src/psgen.c.orig Thu Jun 25 09:18:54 1998 ++++ src/psgen.c Fri Jan 25 19:39:07 2002 +@@ -2398,7 +2398,7 @@ + read_float (InputStream *is, int units, int horizontal) + { + char buf[256]; +- int i, ch; ++ int i, ch = 0; + double val; + + for (i = 0; (i < sizeof (buf) - 1 +@@ -2618,31 +2618,15 @@ + static void + divert () + { +- char *cp; +- + assert (divertfp == NULL); + + /* Open divert file. */ + +- cp = tempnam (NULL, "ens"); +- if (cp == NULL) +- FATAL ((stderr, _("couldn't create divert file name: %s"), +- strerror (errno))); +- +- strcpy (divertfname, cp); +- +- divertfp = fopen (divertfname, "w+b"); ++ divertfp = tmpfile (); + if (divertfp == NULL) + FATAL ((stderr, _("couldn't create divert file \"%s\": %s"), divertfname, + strerror (errno))); + +- if (remove (divertfname) == 0) +- /* Remove successfull, no need to remove file in undivert(). */ +- divertfname[0] = '\0'; +- +- /* Free the buffer allocated by tempnam(). */ +- free (cp); +- + cofp = divertfp; + } + +@@ -2696,10 +2680,6 @@ + + fclose (divertfp); + divertfp = NULL; +- +- /* Do we have to remove the divert file? */ +- if (divertfname[0]) +- (void) remove (divertfname); + + cofp = ofp; + } -- cgit v1.2.3
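Review bot: In divert(), the retained FATAL after `if (divertfp == NULL)` still passes `divertfname` as the `"%s"` argument, yet the `strcpy (divertfname, cp)` that used to fill it is removed in this hunk, so on failure the message prints whatever the now never-written buffer happens to hold (presumably an empty or stale string, since its declaration lies outside the hunk). Drop the argument along with the placeholder: `FATAL ((stderr, _("couldn't create divert file: %s"), strerror (errno)));`, and if nothing else references `divertfname` after this change, remove the global too so the dead buffer cannot be mistaken for a valid path. The `int i, ch = 0;` change in read_float() is unrelated to the temporary-file fix and reads as a warning silencer; a short comment such as `/* ch = 0: initialised in case the read loop never executes */` or a separate patch would make its intent clear to the next maintainer. The undivert() hunk at the end simply drops the remove() that the unlinked tmpfile() stream no longer needs; that part looks consistent with the divert() change.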