aboutsummaryrefslogtreecommitdiffstats
path: root/textproc/ispell/files/patch-sec1
diff options
context:
space:
mode:
authorkris <kris@FreeBSD.org>2001-05-29 14:30:45 +0800
committerkris <kris@FreeBSD.org>2001-05-29 14:30:45 +0800
commit5b02d708ab52def2e7c2c8b9308fbfb52c870a45 (patch)
tree66bdbdbe75d69dff492a9acfb3971de98ea9d7a5 /textproc/ispell/files/patch-sec1
parentdb33d312c0d7e3b451a5676825a6a5c8630a4f6e (diff)
downloadfreebsd-ports-graphics-5b02d708ab52def2e7c2c8b9308fbfb52c870a45.tar.gz
freebsd-ports-graphics-5b02d708ab52def2e7c2c8b9308fbfb52c870a45.tar.zst
freebsd-ports-graphics-5b02d708ab52def2e7c2c8b9308fbfb52c870a45.zip
Create tempfiles securely. Bump PORTREVISION.
Submitted by: Jarno Huuskonen <Jarno.Huuskonen@uku.fi>
Diffstat (limited to 'textproc/ispell/files/patch-sec1')
-rw-r--r--textproc/ispell/files/patch-sec140
1 files changed, 40 insertions, 0 deletions
diff --git a/textproc/ispell/files/patch-sec1 b/textproc/ispell/files/patch-sec1
new file mode 100644
index 00000000000..24632fe5221
--- /dev/null
+++ b/textproc/ispell/files/patch-sec1
@@ -0,0 +1,40 @@
+--- ispell.c-orig Thu May 24 14:52:00 2001
++++ ispell.c Thu May 24 15:00:06 2001
+@@ -802,6 +802,7 @@
+ {
+ struct stat statbuf;
+ char * cp;
++ int fd;
+
+ currentfile = filename;
+
+@@ -835,15 +836,20 @@
+
+ (void) fstat (fileno (infile), &statbuf);
+ (void) strcpy (tempfile, TEMPNAME);
+- if (mktemp (tempfile) == NULL || tempfile[0] == '\0'
+- || (outfile = fopen (tempfile, "w")) == NULL)
+- {
+- (void) fprintf (stderr, CANT_CREATE,
+- (tempfile == NULL || tempfile[0] == '\0')
+- ? "temporary file" : tempfile);
+- (void) sleep ((unsigned) 2);
+- return;
+- }
++
++ if ((fd = mkstemp(tempfile)) == -1) {
++ fprintf(stderr, "Error: Can't create (mkstemp) temporary file\n");
++ sleep(2);
++ return;
++ }
++ if ((outfile = fdopen(fd, "w")) == NULL) {
++ unlink(tempfile);
++ close(fd);
++ fprintf(stderr, "Error: Can't open (fdopen) temporary file\n");
++ sleep(2);
++ return;
++ }
++ /* Is this necessary ? */
+ (void) chmod (tempfile, statbuf.st_mode);
+
+ quit = 0;