--- a2ps-4.13/lib/routines.c.security	Sat Oct 16 05:46:37 1999

+++ a2ps-4.13/lib/routines.c	Mon Feb 12 17:45:15 2001

@@ -242,3 +242,50 @@

   /* Don't complain if you can't unlink.  Who cares of a tmp file? */

   unlink (filename);

 }

+

+/*

+ * Securely generate a temp file, and make sure it gets

+ * deleted upon exit.

+ */

+static char **	tempfiles;

+static unsigned	ntempfiles;

+

+static void

+cleanup_tempfiles()

+{

+	while (ntempfiles--)

+		unlink(tempfiles[ntempfiles]);

+}

+

+char *

+safe_tempnam(const char *pfx)

+{

+	char	*dirname, *filename;

+	int	fd;

+

+	if (!(dirname = getenv("TMPDIR")))

+		dirname = "/tmp";

+

+	tempfiles = (char **) realloc(tempfiles,

+			(ntempfiles+1) * sizeof(char *));

+	if (tempfiles == NULL)

+		return NULL;

+

+	filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));

+	if (!filename)

+		return NULL;

+

+	sprintf(filename, "%s/%sXXXXXX", dirname, pfx);

+

+	if ((fd = mkstemp(filename)) < 0) {

+		free(filename);

+		return NULL;

+	}

+	close(fd);

+

+	if (ntempfiles == 0)

+		atexit(cleanup_tempfiles);

+	tempfiles[ntempfiles++] = filename;

+

+	return filename;

+}

--- a2ps-4.13/lib/routines.h.security	Mon Oct 18 21:24:41 1999

+++ a2ps-4.13/lib/routines.h	Mon Feb 12 17:39:30 2001

@@ -255,7 +255,8 @@

 /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */

 #define tempname_ensure(Str)				\

 do {							\

-  (Str) = (Str) ? (Str) : tempnam (NULL, "a2_");	\

+  (Str) = (Str) ? (Str) : safe_tempnam("a2_");	\

 } while (0)

+char * safe_tempnam(const char *);

 #endif