Fix mktemp() race conditions.

1997-11-25 21:33:33 +00:00 · 1997-11-25 21:33:33 +00:00 · 2a2c1228df
commit 2a2c1228df
parent 1fdc8c6ae3
5 changed files with 158 additions and 4 deletions
--- a/archivers/zip/patches/patch-aa
+++ b/archivers/zip/patches/patch-aa
@ -1,5 +1,5 @@
-*** zipnote.c.orig	Mon Nov 24 18:28:46 1997
--- zipnote.c	Mon Nov 24 18:29:53 1997
+*** zipnote.c.orig	Mon Apr  1 12:10:51 1996
+--- zipnote.c	Tue Nov 25 16:28:00 1997
 ***************
 *** 403,409 ****
  
@ -69,7 +69,7 @@
      z->com = strlen(z->comment);
      z = z->nxt;                         /* point to next entry */
 ***************
-*** 439,445 ****
+*** 439,452 ****
    if (a != NULL)                        /* change zip file comment */
    {
      zcomment = malloc(1);  *zcomment = 0;
@ -77,7 +77,14 @@
        if ((r = catalloc(&zcomment, a)) != ZE_OK)
          ziperr(r, "was building new comments");
      zcomlen = strlen(zcomment);
--- 439,445 ----
+    }
+  
+    /* Open output zip file for writing */
+!   if ((tempzf = y = fopen(tempzip = tempname(zipfile), FOPW)) == NULL)
+      ziperr(ZE_TEMP, tempzip);
+  
+    /* Open input zip file again, copy preamble if any */
+--- 439,455 ----
    if (a != NULL)                        /* change zip file comment */
    {
      zcomment = malloc(1);  *zcomment = 0;
@ -85,3 +92,13 @@
        if ((r = catalloc(&zcomment, a)) != ZE_OK)
          ziperr(r, "was building new comments");
      zcomlen = strlen(zcomment);
+    }
+  
+    /* Open output zip file for writing */
+!   tempzip = tempname(zipfile, y);
+!   tempzf = y;
+! 
+!   if ((tempzf == NULL) || (tempzip == NULL))
+      ziperr(ZE_TEMP, tempzip);
+  
+    /* Open input zip file again, copy preamble if any */
--- a/archivers/zip/patches/patch-ab
+++ b/archivers/zip/patches/patch-ab
@ -0,0 +1,62 @@
+*** fileio.c.orig	Mon Apr 15 17:28:31 1996
+--- fileio.c	Tue Nov 25 16:29:03 1997
+***************
+*** 596,606 ****
+  }
+  
+  
+! char *tempname(zip)
+  char *zip;              /* path name of zip file to generate temp name for */
+  
+  /* Return a temporary file name in its own malloc'ed space, using tempath. */
+  {
+  #ifdef CMS_MVS
+     return tmpnam(NULL);
+  #else /* !CMS_MVS */
+--- 596,609 ----
+  }
+  
+  
+! char *tempname(zip, fpfp)
+  char *zip;              /* path name of zip file to generate temp name for */
+ FILE *fpfp;
+  
+  /* Return a temporary file name in its own malloc'ed space, using tempath. */
+  {
+    int fdfd;
+ 
+  #ifdef CMS_MVS
+     return tmpnam(NULL);
+  #else /* !CMS_MVS */
+***************
+*** 646,652 ****
+    }
+  #else
+    strcat(t, "ziXXXXXX"); /* must use lowercase for Linux dos file system */
+!   return mktemp(t);
+  #endif
+  #endif /* ?CMS_MVS */
+  }
+--- 649,670 ----
+    }
+  #else
+    strcat(t, "ziXXXXXX"); /* must use lowercase for Linux dos file system */
+!   fdfd = mkstemp(t);
+!   if (fdfd == -1)
+!   {
+! 	free(t);
+! 	return NULL;
+!   }
+! 
+!   fpfp = fdopen(fdfd, "w+");
+!   if (fpfp == NULL)
+!   {
+! 	free(t);
+! 	close(fdfd);
+! 	return NULL;
+!   }
+! 
+!   return t;
+  #endif
+  #endif /* ?CMS_MVS */
+  }
--- a/archivers/zip/patches/patch-ac
+++ b/archivers/zip/patches/patch-ac
@ -0,0 +1,31 @@
+*** zip.c.orig	Tue Nov 25 16:22:01 1997
+--- zip.c	Tue Nov 25 16:23:08 1997
+***************
+*** 1519,1531 ****
+        return 0;
+  #endif
+      }
+!     if ((tempzip = tempname(zipfile)) == NULL) {
+        ziperr(ZE_MEM, "allocating temp filename");
+  #ifdef WIZZIPDLL
+        return 0;
+  #endif
+      }
+!     if ((tempzf = y = fopen(tempzip, FOPW)) == NULL) {
+        ziperr(ZE_TEMP, tempzip);
+  #ifdef WIZZIPDLL
+        return 0;
+--- 1519,1531 ----
+        return 0;
+  #endif
+      }
+!     if ((tempzip = tempname(zipfile, y)) == NULL) {
+        ziperr(ZE_MEM, "allocating temp filename");
+  #ifdef WIZZIPDLL
+        return 0;
+  #endif
+      }
+!     if ((tempzf = y) == NULL) {
+        ziperr(ZE_TEMP, tempzip);
+  #ifdef WIZZIPDLL
+        return 0;
--- a/archivers/zip/patches/patch-ad
+++ b/archivers/zip/patches/patch-ad
@ -0,0 +1,25 @@
+*** zipcloak.c.orig	Tue Nov 25 16:22:20 1997
+--- zipcloak.c	Tue Nov 25 16:24:56 1997
+***************
+*** 342,350 ****
+      attr = getfileattr(zipfile);
+  
+      /* Open output zip file for writing */
+!     if ((tempzf = outzip = fopen(tempzip = tempname(zipfile), FOPW)) == NULL) {
+          ziperr(ZE_TEMP, tempzip);
+-     }
+  
+      /* Get password */
+      if (getp("Enter password: ", passwd, PWLEN+1) == NULL)
+--- 342,352 ----
+      attr = getfileattr(zipfile);
+  
+      /* Open output zip file for writing */
+!     tempzip = tempname(zipfile, outzip);
+!     tempzf = outzip;
+! 
+!     if ((tempzip == NULL) || (outzip == NULL))
+          ziperr(ZE_TEMP, tempzip);
+  
+      /* Get password */
+      if (getp("Enter password: ", passwd, PWLEN+1) == NULL)
--- a/archivers/zip/patches/patch-ae
+++ b/archivers/zip/patches/patch-ae
@ -0,0 +1,19 @@
+*** zip.h.orig	Tue Nov 25 16:25:57 1997
+--- zip.h	Tue Nov 25 16:26:16 1997
+***************
+*** 275,281 ****
+  int replace OF((char *, char *));
+  int getfileattr OF((char *));
+  int setfileattr OF((char *, int));
+! char *tempname OF((char *));
+  int fcopy OF((FILE *, FILE *, ulg));
+  
+  #ifdef ZMEM
+--- 275,281 ----
+  int replace OF((char *, char *));
+  int getfileattr OF((char *));
+  int setfileattr OF((char *, int));
+! char *tempname OF((char *, FILE *));
+  int fcopy OF((FILE *, FILE *, ulg));
+  
+  #ifdef ZMEM