rcs/rcs-5.7-security.patch

65 lines
1.3 KiB
Diff

--- rcs-5.7/src/rcsfnms.c.security Fri Jun 16 08:19:24 1995
+++ rcs-5.7/src/rcsfnms.c Fri Jan 5 10:00:21 2001
@@ -258,19 +258,57 @@
};
#if has_mktemp
+static char tmppath[1024];
+
+ static void
+tmpcleanup()
+{
+ /* For now, assume that all temp files get
+ * removed before we are invoked */
+ rmdir(tmppath);
+}
+
static char const *tmp P((void));
static char const *
tmp()
/* Yield the name of the tmp directory. */
{
- static char const *s;
- if (!s
- && !(s = cgetenv("TMPDIR")) /* Unix tradition */
+ const char *s;
+
+ if (tmppath[0])
+ return tmppath;
+
+ if (!(s = cgetenv("TMPDIR")) /* Unix tradition */
&& !(s = cgetenv("TMP")) /* DOS tradition */
&& !(s = cgetenv("TEMP")) /* another DOS tradition */
)
s = TMPDIR;
- return s;
+
+ if (strlen(s) > sizeof(tmppath) - 11)
+ s = TMPDIR;
+
+#if defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 2)
+ snprintf(tmppath, sizeof(tmppath), "%s/rcsXXXXXX", s);
+ if (!mkdtemp(tmppath) || !tmppath[0])
+ goto failed;
+#else
+ while (1) {
+ snprintf(tmppath, sizeof(tmppath), "%s/rcsXXXXXX", s);
+ if (!mktemp(tmppath) || !tmppath[0])
+ goto failed;
+ if (mkdir(tmppath, 0700) >= 0)
+ break;
+ if (errno != EEXIST)
+ goto failed;
+ }
+#endif
+
+ atexit(tmpcleanup);
+ return tmppath;
+
+failed:
+ perror("Unable to create temp directory");
+ exit(123);
}
#endif