* PATCH: Safe tempfile handling for send-pr v4
@ 2001-05-13  9:57 Yngve Svendsen
  0 siblings, 0 replies; only message in thread
From: Yngve Svendsen @ 2001-05-13  9:57 UTC (permalink / raw)
  To: gnats-devel; +Cc: Milan Zamazal

The following set of patches, made against the current version 4 CVS, changes
send-pr to use the mktemp command when generating temporary files, averting
possible symlink attacks and making race conditions less likely.

On systems that do not have mktemp, the behaviour is unchanged.

Yngve Svendsen
IS Engineer
Clustra AS, Trondheim, Norway
yngve.svendsen@clustra.com



configure.in: Check for the mktemp command and set HAVE_MKTEMP accordingly.
configure: Regenerated.
Makefile.in: Substitute xHAVE_MKTEMPx
send-pr.sh: Use mktemp to generate temp files safely on platforms
where it is available.


Index: configure.in
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/configure.in,v
retrieving revision 1.3
diff -u -p -r1.3 configure.in
--- configure.in	2000/01/05 02:46:25	1.3
+++ configure.in	2001/05/13 15:02:34
@@ -17,6 +17,8 @@ AC_ECHON
  AC_LISPDIR
  AC_PASSWD

+AC_CHECK_PROG(HAVE_MKTEMP, mktemp, yes, no)
+
  SUBMITTER=unknown
  DEFAULT_ORGANIZATION=unknown
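Review bot: The `AC_CHECK_PROG(HAVE_MKTEMP, mktemp, yes, no)` result is fixed at configure time on the build host and, via the Makefile.in substitution, baked into the generated send-pr script, so it can disagree with the host where send-pr actually runs. A script built where mktemp was missing would keep using the predictable `$$` names even on a machine that does have mktemp. Consider having send-pr.sh probe for mktemp at run time instead, or at least document the limitation here with something like `dnl NOTE: evaluated on the build host; send-pr does not re-check at run time`.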



Index: configure
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/configure,v
retrieving revision 1.4
diff -u -p -r1.4 configure
--- configure	2000/01/05 02:46:25	1.4
+++ configure	2001/05/13 15:05:00
@@ -676,11 +676,42 @@ fi
  test -n "$verbose" && echo "	setting PASSWD to ${PASSWD}"


+# Extract the first word of "mktemp", so it can be a program name with args.
+set dummy mktemp; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+echo "configure:683: checking for $ac_word" >&5
+if eval "test \"`echo '$''{'ac_cv_prog_HAVE_MKTEMP'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test -n "$HAVE_MKTEMP"; then
+  ac_cv_prog_HAVE_MKTEMP="$HAVE_MKTEMP" # Let the user override the test.
+else
+  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
+  ac_dummy="$PATH"
+  for ac_dir in $ac_dummy; do
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      ac_cv_prog_HAVE_MKTEMP="yes"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+  test -z "$ac_cv_prog_HAVE_MKTEMP" && ac_cv_prog_HAVE_MKTEMP="no"
+fi
+fi
+HAVE_MKTEMP="$ac_cv_prog_HAVE_MKTEMP"
+if test -n "$HAVE_MKTEMP"; then
+  echo "$ac_t""$HAVE_MKTEMP" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+
  SUBMITTER=unknown
  DEFAULT_ORGANIZATION=unknown

  echo $ac_n "checking for --with-submitter""... $ac_c" 1>&6
-echo "configure:684: checking for --with-submitter" >&5
+echo "configure:715: checking for --with-submitter" >&5
  if test -n "$with_submitter" ; then
      echo "$ac_t""$with_submitter" 1>&6
      SUBMITTER="$with_submitter"
@@ -689,7 +720,7 @@ else
  fi

  echo $ac_n "checking for --with-organization""... $ac_c" 1>&6
-echo "configure:693: checking for --with-organization" >&5
+echo "configure:724: checking for --with-organization" >&5
  if test -n "$with_organization" ; then
      echo "$ac_t""$with_organization" 1>&6
      DEFAULT_ORGANIZATION="$with_organization"
@@ -874,6 +905,7 @@ s%@SUBMITTER@%$SUBMITTER%g
  s%@ECHON@%$ECHON%g
  s%@LISPDIR@%$LISPDIR%g
  s%@PASSWD@%$PASSWD%g
+s%@HAVE_MKTEMP@%$HAVE_MKTEMP%g

  CEOF
  EOF


Index: Makefile.in
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/Makefile.in,v
retrieving revision 1.6
diff -u -p -r1.6 Makefile.in
--- Makefile.in	2001/01/24 22:51:16	1.6
+++ Makefile.in	2001/05/13 15:01:56
@@ -40,6 +40,9 @@ DEFAULT_MAIL_AGENT = @DEFAULT_MAIL_AGENT
  # Command line to display the passwd database
  PASSWD = @PASSWD@

+# Do we have the mktemp command?
+HAVE_MKTEMP = @HAVE_MKTEMP@
+
  # What to install
  SEND_PR_INSTALL = install-norm
  SEND_PR_INSTALL_ARCH_DEP = install-norm-arch-dep
@@ -126,6 +129,7 @@ send-pr: send-pr.sh Makefile
  	    -e 's,xECHONx,$(ECHON),' \
  	    -e 's,xMAIL_AGENTx,$(DEFAULT_MAIL_AGENT),' \
  	    -e 's,xPASSWDx,$(PASSWD),' \
+	    -e 's,xHAVE_MKTEMPx,$(HAVE_MKTEMP),' \
  	    -e 's%xDEFAULT_ORGANIZATIONx%$(DEFAULT_ORGANIZATION)%' \
  	    -e 's,xDEFAULT_RELEASEx,$(DEFAULT_RELEASE),' \
              -e 's,xBINDIRx,$(bindir),g' \



Index: send-pr.sh
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/send-pr.sh,v
retrieving revision 1.16
diff -u -p -r1.16 send-pr.sh
--- send-pr.sh	2001/04/08 18:28:25	1.16
+++ send-pr.sh	2001/05/13 16:34:21
@@ -43,6 +43,9 @@ DEFAULT_ORGANIZATION="xDEFAULT_ORGANIZAT
  # How to read the passwd database.
  PASSWD="xPASSWDx"

+# Do we have the mktemp command available?
+HAVE_MKTEMP="xHAVE_MKTEMPx"
+
  ECHON=xECHONx

  # By default send-pr connects directly to the database.  However, it
@@ -94,16 +97,36 @@ else
      TMPDIR="`echo $TMPDIR | sed -e 's,/$,,'`"
    fi
  fi
+
+# TEMP:   Temporary copy of the PR, to be edited by the user.
+# BAD:    The PR will end up here if the user aborts.
+# REF:    The 'reference' copy of the PR template, used to verify that the 
user
+#         actually did edit the template.
+# FIXFIL: A sed script used to remove comments from the template before 
processing.
+
+if [ $HAVE_MKTEMP = yes ]; then
+    TEMP=`mktemp $TMPDIR/pXXXXXX` || exit 1
+    BAD=`mktemp $TMPDIR/pbadXXXXXX` || exit 1
+    REF=`mktemp $TMPDIR/pfXXXXXX` || exit 1
+	FIXFIL=`mktemp $TMPDIR/fixXXXXXX` || exit 1
+else
+    TEMP=$TMPDIR/p$$
+    BAD=$TMPDIR/pbad$$
+    REF=$TMPDIR/pf$$
+	FIXFIL=$TMPDIR/fix$$
+    bad_temp=0
+    : > $TEMP0 || bad_temp=1
+    : > $TEMP || bad_temp=1
+    : > $BAD || bad_temp=1
+    : > $REF || bad_temp=1
+	: > $FIXFIL || bad_temp=1
+    if [ $bad_temp = 1 ]; then
+        rm -f $TEMP $BAD $REF $FIXFIL
+        exit 1;
+    fi
+fi
+REMOVE_TEMP="rm -f $TEMP $BAD $REF"

-# Temporary copy of the PR, to be edited by the user.
-TEMP=$TMPDIR/p$$
-# The PR will end up here if the user aborts.
-BAD=$TMPDIR/pbad$$
-# The 'reference' copy of the PR template, used to verify that the user
-# actually did edit the template.
-REF=$TMPDIR/pf$$
-# A sed script used to remove comments from the template before processing.
-FIXFIL=$TMPDIR/fix$$

  # find a user name
  if [ "$LOGNAME" = "" ]; then
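Review bot: The first redirect in the fallback branch, `: > $TEMP0 || bad_temp=1`, uses a variable that is never assigned in this hunk; if it is unset, the redirect fails, `bad_temp` becomes 1, and send-pr exits on every system without mktemp, so that line should be dropped. The remaining `: > $TEMP`-style pre-creations still use predictable `$$` names and follow an existing symlink, truncating whatever it points to; running them under `set -C` (noclobber), or creating a private directory with `umask 077` and `mkdir` and placing the files inside it, would make creation fail when the path already exists. `REMOVE_TEMP` omits `$FIXFIL`, which the mktemp branch now creates up front, so unless it is removed elsewhere outside the hunk the line should read `REMOVE_TEMP="rm -f $TEMP $BAD $REF $FIXFIL"`. Quoting the expansions (`[ "$HAVE_MKTEMP" = yes ]`, `mktemp "$TMPDIR/pXXXXXX"`) would also keep an empty or space-containing value from breaking the test or the template path.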



Index: ChangeLog
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/ChangeLog,v
retrieving revision 1.18
diff -u -p -r1.18 ChangeLog
--- ChangeLog	2001/04/15 18:04:05	1.18
+++ ChangeLog	2001/05/13 16:43:19
@@ -1,3 +1,12 @@
+2001-05-13  Yngve Svendsen  <yngve.svendsen@clustra.com>
+
+	* configure.in: Check for the mktemp command and set HAVE_MKTEMP
+	accordingly.
+	configure: Regenerated.
+	Makefile.in: Substitute xHAVE_MKTEMPx
+	send-pr.sh: Use mktemp to generate temp files safely on platforms
+	where it is available.
+
  2001-04-15  Milan Zamazal  <pdm@zamazal.org>

  	* send-pr-el.in (gnats::get-config): Buffer checking fixed (Debian
