fix insecure temp file creation as noted on BugTraq.

From: SILC CVS via zoran ivanic <zoc at 5mm dot org>
brad 2005-09-05 16:12:50 +00:00
parent c063a5bfac
commit 072619527f
2 changed files with 18 additions and 2 deletions


@ -1,9 +1,9 @@
# $OpenBSD: Makefile,v 1.22 2005/08/17 16:02:08 brad Exp $ # $OpenBSD: Makefile,v 1.23 2005/09/05 16:12:50 brad Exp $
COMMENT= "Secure Internet Live Conferencing (SILC) server" COMMENT= "Secure Internet Live Conferencing (SILC) server"
DISTNAME= silc-server-1.0 DISTNAME= silc-server-1.0
PKGNAME= ${DISTNAME}p2 PKGNAME= ${DISTNAME}p3
CATEGORIES= net CATEGORIES= net
HOMEPAGE= http://www.silcnet.org/ HOMEPAGE= http://www.silcnet.org/


@ -0,0 +1,16 @@
$OpenBSD: patch-apps_silcd_silcd_c,v 1.1 2005/09/05 16:12:50 brad Exp $
--- apps/silcd/silcd.c.orig Mon Sep 5 10:38:25 2005
+++ apps/silcd/silcd.c Mon Sep 5 11:07:06 2005
@@ -264,9 +264,9 @@ SILC_TASK_CALLBACK(dump_stats)
char filename[256];
memset(filename, 0, sizeof(filename));
- snprintf(filename, sizeof(filename) - 1, "/tmp/silcd.%d.stats", getpid());
- fdd = fopen(filename, "w+");
- if (!fdd)
+ snprintf(filename, sizeof(filename) - 1, "/tmp/silcd.%d.stats-XXXXXX", getpid());
+ fdd = mkstemp(filename);
+ if (fdd == -1)
return;
#define STAT_OUTPUT(fmt, stat) fprintf(fdd, fmt "\n", (int)stat);
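Review bot: `fdd = mkstemp(filename);` stores an int file descriptor in the same variable that `STAT_OUTPUT` on the last line still passes to `fprintf`, which needs a `FILE *`. The declaration of `fdd` is above the hunk, but unless it was changed as well, the stats dump writes through an invalid stream pointer and `fdd == -1` compares a pointer with an integer. Keep the descriptor in its own int and wrap it with `fdopen`, closing and unlinking the file if that fails, as sketched below. The callback starts before and continues after the hunk, so the new int has to be declared next to `fdd` outside the visible lines.

```c
  snprintf(filename, sizeof(filename) - 1, "/tmp/silcd.%d.stats-XXXXXX", getpid());
  fd = mkstemp(filename);        /* fd: new int local, declared beside fdd */
  if (fd == -1)
    return;
  fdd = fdopen(fd, "w+");        /* stdio stream for the fprintf-based STAT_OUTPUT */
  if (!fdd) {
    close(fd);
    unlink(filename);            /* do not leave an empty stats file behind */
    return;
  }
  /* … unchanged: STAT_OUTPUT definition and the stat lines … */
```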