- psset.patch

[packages/a2ps.git] / a2ps-security.patch

--- a2ps-4.13/lib/routines.c~   1999-10-16 06:46:37.000000000 +0200
+++ a2ps-4.13/lib/routines.c    2003-08-21 09:58:57.361425544 +0200
@@ -242,3 +242,50 @@
   /* Don't complain if you can't unlink.  Who cares of a tmp file? */
   unlink (filename);
 }
+
+/*
+ * Securely generate a temp file, and make sure it gets
+ * deleted upon exit.
+ */
+static char ** tempfiles = NULL;
+static unsigned        ntempfiles = 0;
+
+static void
+cleanup_tempfiles()
+{
+       while (ntempfiles--)
+               unlink(tempfiles[ntempfiles]);
+}
+
+char *
+safe_tempnam(const char *pfx)
+{
+       char    *dirname, *filename;
+       int     fd;
+
+       if (!(dirname = getenv("TMPDIR")))
+               dirname = "/tmp";
+
+       tempfiles = (char **) realloc(tempfiles,
+                       (ntempfiles+1) * sizeof(char *));
+       if (tempfiles == NULL)
+               return NULL;
+
+       filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
+       if (!filename)
+               return NULL;
+
+       sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
+
+       if ((fd = mkstemp(filename)) < 0) {
+               free(filename);
+               return NULL;
+       }
+       close(fd);
+
+       if (ntempfiles == 0)
+               atexit(cleanup_tempfiles);
+       tempfiles[ntempfiles++] = filename;
+
+       return filename;
+}
--- a2ps-4.13/lib/routines.h~   1999-10-18 22:24:41.000000000 +0200
+++ a2ps-4.13/lib/routines.h    2003-08-21 09:55:11.500761584 +0200
@@ -255,7 +255,7 @@
 /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
 #define tempname_ensure(Str)                           \
 do {                                                   \
-  (Str) = (Str) ? (Str) : tempnam (NULL, "a2_");       \
+  (Str) = (Str) ? (Str) : safe_tempnam("a2_");         \
 } while (0)
-
+char * safe_tempnam(const char *);
 #endif