adding temp file security fix
parent
492f30ecfc
commit
cf86bbb54a
47
cscope-15.5-tempsec.patch
Normal file
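--- /dev/null
+++ b/cscope-15.5-tempsec.patch
@@ -0,0 +1,47 @@
+--- cscope-15.5/src/main.c.orig 2004-11-30 10:47:56.000000000 -0500
++++ cscope-15.5/src/main.c 2004-11-30 12:58:13.000000000 -0500
+@@ -102,6 +102,7 @@
+#endif
+char temp1[PATHLEN + 1]; /* temporary file name */
+char temp2[PATHLEN + 1]; /* temporary file name */
++char tempdirpv[PATHLEN +1]; /* private temp directory */
+long totalterms; /* total inverted index terms */
+BOOL trun_syms; /* truncate symbols to 8 characters */
+char tempstring[8192]; /* use this as a buffer, instead of 'yytext',
+@@ -138,6 +139,7 @@
+pid_t pid;
+struct stat stat_buf;
+struct sigaction winch_action;
++ mode_t orig_umask;
+
+yyin = stdin;
+yyout = stdout;
+@@ -344,9 +346,18 @@
+}
+
+/* create the temporary file names */
++ orig_umask = umask(S_IRWXG|S_IRWXO);
+pid = getpid();
+- (void) sprintf(temp1, "%s/cscope%d.1", tmpdir, pid);
+- (void) sprintf(temp2, "%s/cscope%d.2", tmpdir, pid);
++ (void) sprintf(tempdirpv, "%s/cscope.%d", tmpdir, pid);
++ if(mkdir(tempdirpv,S_IRWXU))
++ {
++ fprintf(stderr, "cscope: Could not create private temp dir %s\n",tempdirpv);
++ myexit(1);
++ }
++ umask(orig_umask);
++
++ (void) sprintf(temp1, "%s/cscope.1", tempdirpv, pid);
++ (void) sprintf(temp2, "%s/cscope.2", tempdirpv, pid);
+
+/* if running in the foreground */
+if (signal(SIGINT, SIG_IGN) != SIG_IGN) {
+@@ -848,6 +859,7 @@
+if (temp1[0] != '\0') {
+(void) unlink(temp1);
+(void) unlink(temp2);
++ (void) rmdir(tempdirpv);
+}
+/* restore the terminal to its original mode */
+if (incurses == YES) {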
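Review bot: In the embedded main.c hunk `@@ -344,9 +346,18 @@`, the private directory name is still derived from the pid and written with an unbounded `sprintf` into `tempdirpv[PATHLEN +1]`, so a long `tmpdir` value (its origin is not visible here) could overrun the buffer, and a name that already exists makes `mkdir` fail and cscope exit. Because `mkdir` refuses an existing name the temp-file race itself looks closed; what remains is the overflow and a predictable-name denial of service. I would build a template with `snprintf(tempdirpv, sizeof tempdirpv, "%s/cscope.XXXXXX", tmpdir)`, reject truncation, and replace the `mkdir` call with `if (mkdtemp(tempdirpv) == NULL)`, which creates the directory with mode 0700 and makes the umask save/restore unnecessary. The two following `sprintf` calls for `temp1` and `temp2` pass a `pid` argument their format strings no longer consume, and should become bounded `snprintf` calls as well. The enclosing function starts and ends outside the hunk.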
@ -1,7 +1,7 @@
|
||||
Summary: C source code tree search and browse tool
|
||||
Name: cscope
|
||||
Version: 15.5
|
||||
Release: 8
|
||||
Release: 9
|
||||
Source0: http://unc.dl.sourceforge.net/sourceforge/cscope/cscope-15.5.tar.gz
|
||||
URL: http://cscope.sourceforge.net
|
||||
License: BSD
|
||||
@ -19,6 +19,7 @@ Patch2:cscope-15.5-ocs-dash_s_fix.patch
|
||||
Patch3:cscope-15.5-xcscope-man.patch
|
||||
Patch4:cscope-15.5-inverted.patch
|
||||
Patch5:cscope-15.5-resize.patch
|
||||
Patch6:cscope-15.5-tempsec.patch
|
||||
|
||||
%description
|
||||
cscope is a mature, ncurses based, C source code tree browsing tool. It
|
||||
@ -35,6 +36,7 @@ matches for use in file editing.
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
|
||||
%build
|
||||
%configure
|
||||
@ -83,6 +85,9 @@ rm -f %{xemacs_lisp_path}/xcscope.el
|
||||
rm -f %{emacs_lisp_path}/xcscope.el
|
||||
|
||||
%changelog
|
||||
* Tue Nov 30 2004 Neil Horman <nhorman@redhat.com>
|
||||
- added tempsec patch to fix bz140764/140765
|
||||
|
||||
* Mon Nov 29 2004 Neil Horman <nhorman@redhat.com>
|
||||
- updated cscope resize patch to do less work in
|
||||
signal handler and synced version nr. on dist.
|
||||
|