rpms / cups

Clone
Source Code
GIT

Blame cups-str3382.patch

2.0 c4 c5 c5-plus c6 c6-plus c7 c7-alt c8-beta enumdest f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f7 f8 f9 master
  1.   c9823cd7e531910331482a1f6a3f6d7f47ba1905
  2.   cups-str3382.patch
Blob History Raw
4743e1 
diff -up cups-1.5b1/cups/tempfile.c.str3382 cups-1.5b1/cups/tempfile.c
4743e1 
--- cups-1.5b1/cups/tempfile.c.str3382	2010-03-24 01:45:34.000000000 +0100
4743e1 
+++ cups-1.5b1/cups/tempfile.c	2011-05-24 16:04:47.000000000 +0200
4743e1 
@@ -33,6 +33,7 @@
Jiří Popelka e9876b 
 #  include <io.h>
Jiří Popelka e9876b 
 #else
Jiří Popelka e9876b 
 #  include <unistd.h>
Jiří Popelka e9876b 
+#  include <sys/types.h>
Jiří Popelka e9876b 
 #endif /* WIN32 || __EMX__ */
Jiří Popelka e9876b
Jiří Popelka e9876b
4743e1 
@@ -54,7 +55,7 @@ cupsTempFd(char *filename,		/* I - Point
Jiří Popelka e9876b 
   char		tmppath[1024];		/* Windows temporary directory */
Jiří Popelka e9876b 
   DWORD		curtime;		/* Current time */
Jiří Popelka e9876b 
 #else
Jiří Popelka e9876b 
-  struct timeval curtime;		/* Current time */
Jiří Popelka e9876b 
+  mode_t	old_umask;		/* Old umask before using mkstemp() */
Jiří Popelka e9876b 
 #endif /* WIN32 */
Jiří Popelka e9876b
Jiří Popelka e9876b
4743e1 
@@ -105,33 +106,25 @@ cupsTempFd(char *filename,		/* I - Point
Jiří Popelka e9876b
Jiří Popelka e9876b 
     snprintf(filename, len - 1, "%s/%05lx%08lx", tmpdir,
Jiří Popelka e9876b 
              GetCurrentProcessId(), curtime);
Jiří Popelka e9876b 
-#else
Jiří Popelka e9876b 
-   /*
Jiří Popelka e9876b 
-    * Get the current time of day...
Jiří Popelka e9876b 
-    */
Jiří Popelka e9876b 
-
Jiří Popelka e9876b 
-    gettimeofday(&curtime, NULL);
Jiří Popelka e9876b 
-
Jiří Popelka e9876b 
-   /*
Jiří Popelka e9876b 
-    * Format a string using the hex time values...
Jiří Popelka e9876b 
-    */
Jiří Popelka e9876b 
-
Jiří Popelka edc04b 
-    snprintf(filename, len - 1, "%s/%05x%08x", tmpdir, (unsigned)getpid(),
Jiří Popelka edc04b 
-             (unsigned)(curtime.tv_sec + curtime.tv_usec + tries));
Jiří Popelka e9876b 
-#endif /* WIN32 */
Jiří Popelka e9876b
Jiří Popelka e9876b 
    /*
Jiří Popelka e9876b 
     * Open the file in "exclusive" mode, making sure that we don't
Jiří Popelka e9876b 
     * stomp on an existing file or someone's symlink crack...
Jiří Popelka e9876b 
     */
Jiří Popelka e9876b
Jiří Popelka e9876b 
-#ifdef WIN32
Jiří Popelka e9876b 
     fd = open(filename, _O_CREAT | _O_RDWR | _O_TRUNC | _O_BINARY,
Jiří Popelka e9876b 
               _S_IREAD | _S_IWRITE);
Jiří Popelka e9876b 
-#elif defined(O_NOFOLLOW)
Jiří Popelka e9876b 
-    fd = open(filename, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
Jiří Popelka e9876b 
 #else
Jiří Popelka e9876b 
-    fd = open(filename, O_RDWR | O_CREAT | O_EXCL, 0600);
Jiří Popelka e9876b 
+
Jiří Popelka e9876b 
+   /*
Jiří Popelka e9876b 
+    * Use the standard mkstemp() call to make a temporary filename
Jiří Popelka e9876b 
+    * securely.  -- andrew.wood@jdplc.com
Jiří Popelka e9876b 
+    */
Jiří Popelka e9876b 
+    snprintf(filename, len - 1, "%s/cupsXXXXXX", tmpdir);
Jiří Popelka e9876b 
+
Jiří Popelka e9876b 
+    old_umask = umask(0077);
Jiří Popelka e9876b 
+    fd = mkstemp(filename);
Jiří Popelka e9876b 
+    umask(old_umask);
Jiří Popelka e9876b 
 #endif /* WIN32 */
Jiří Popelka e9876b
Jiří Popelka e9876b 
     if (fd < 0 && errno != EEXIST)

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation