- Fix insecure temporary files

PR: based on 130028 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Approved by: maintainer timeout
svn path=/head/; revision=225835
2009-01-12 12:32:51 +00:00 · 2009-01-12 12:32:51 +00:00 · 12049643e6 · 2021-03-31 03:12:20 +00:00
commit 12049643e6
parent cbfb20634d
4 changed files with 121 additions and 16 deletions
--- a/print/pdfjam/Makefile
+++ b/print/pdfjam/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	pdfjam
 PORTVERSION=	1.20
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	print
 MASTER_SITES=	http://www2.warwick.ac.uk/fac/sci/statistics/staff/academic/firth/software/pdfjam/ \
 		http://www.it.ca/~paul/src/
@ -17,8 +17,7 @@ EXTRACT_SUFX=	.tgz
 MAINTAINER=	paul+ports@it.ca
 COMMENT=	Shell scripts to manipulate PDF files

-RUN_DEPENDS=	pdflatex:${PORTSDIR}/print/teTeX-base \
-		bash:${PORTSDIR}/shells/bash
+RUN_DEPENDS=	pdflatex:${PORTSDIR}/print/teTeX-base

 WRKSRC=		${WRKDIR}/${PORTNAME}

@ -31,7 +30,7 @@ NO_BUILD=	yes
 post-patch:
 	@${LN} -s scripts ${WRKSRC}/bin
 .for FILE in ${PLIST_FILES}
-	@${SED} -i '' "1s:^#! /bin/sh:#!${LOCALBASE}/bin/bash:;s:__LOCALBASE__:${LOCALBASE}:" ${WRKSRC}/${FILE}
+	@${REINPLACE_CMD} -e"s|__LOCALBASE__|${LOCALBASE}|g" ${WRKSRC}/${FILE}
 .endfor

 do-install:
--- a/print/pdfjam/files/patch-scripts-pdf90
+++ b/print/pdfjam/files/patch-scripts-pdf90
@ -1,11 +1,47 @@
--- scripts/pdf90.orig	Tue Jan 25 14:19:21 2005
-+++ scripts/pdf90	Wed Mar 16 09:16:35 2005
-@@ -23,7 +23,7 @@
+--- scripts/pdf90.orig        2005-01-25 22:19:21.000000000 +0300
+++ scripts/pdf90     2008-12-29 20:00:05.000000000 +0300
+@@ -23,12 +23,18 @@
 ##  
 ##  First say where your "pdflatex" program lives:
 ##
 -pdflatex=pdflatex
-+pdflatex=__LOCALBASE__/bin/pdflatex
+pdflatex="__LOCALBASE__"/bin/pdflatex
 #pdflatex="pdflatex.exe"    ## this for Windows computers
 ##
 ##  Next a permitted location for temporary files on your system:
+ ##
+-tempfileDir="/var/tmp" ## /var/tmp is standard on most unix systems
+## /var/tmp is standard on most unix systems
+tempfileDir=`mktemp -dq /var/tmp/pdf90.XXXXXXXX`
+if [ -z "$tempfileDir" ]; then
+	echo "pdf90: unable to create temporary directory"
+	exit 2
+fi
+trap "rm -rf -- \"$tempfileDir\"" 0 1 2 3 15
+ #tempfileDir="C:/tmp"  ## use something like this under Windows
+ ##
+ ##  Now specify the default settings for pdf90:
+@@ -43,12 +49,12 @@
+ for d in /etc /usr/share/etc /usr/local/share /usr/local/etc
+ do if test -f $d/pdfnup.conf; then
+    echo "Reading site configuration from $d/pdfnup.conf"
+-   source $d/pdfnup.conf
+   . $d/pdfnup.conf
+    fi 
+ done
+ if test -f ~/.pdfnup.conf; then 
+    echo "Reading user defaults from ~/.pdfnup.conf";
+-   source ~/.pdfnup.conf; 
+   . ~/.pdfnup.conf; 
+ fi
+ #######################################################################
+ ##
+@@ -71,7 +77,7 @@
+ ##
+ ##  Check that necessary LaTeX packages are installed
+ ##
+-PATH=`dirname "$pdflatex"`:$PATH
+PATH="$PATH":"__LOCALBASE__"/bin
+ export PATH
+ case `kpsewhich pdfpages.sty` in
+ 	"") echo "pdf90: pdfpages.sty not installed"; exit 1;;
--- a/print/pdfjam/files/patch-scripts-pdfjoin
+++ b/print/pdfjam/files/patch-scripts-pdfjoin
@ -1,11 +1,46 @@
--- scripts/pdfjoin.orig	Tue Jan 25 14:19:21 2005
-+++ scripts/pdfjoin	Wed Mar 16 09:16:42 2005
-@@ -23,7 +23,7 @@
+--- scripts/pdfjoin.orig	2005-01-25 22:19:21.000000000 +0300
+++ scripts/pdfjoin	2008-12-29 20:00:05.000000000 +0300
+@@ -23,12 +23,17 @@
 ##  
 ##  First say where your "pdflatex" program lives:
 ##
 -pdflatex=pdflatex
-+pdflatex=__LOCALBASE__/bin/pdflatex
+pdflatex="__LOCALBASE__"/bin/pdflatex
 #pdflatex="pdflatex.exe"    ## this for Windows computers
 ##
 ##  Next a permitted location for temporary files on your system:
+ ##
+-tempfileDir="/var/tmp" ## /var/tmp is standard on most unix systems
+## /var/tmp is standard on most unix systems
+tempfileDir=`mktemp -dq /var/tmp/pdfjoin.XXXXXXXX`
+if [ -z "$tempfileDir" ]; then
+	echo "pdfjoin: unable to create temporary directory"
+	exit 2
+fi
+ #tempfileDir="C:/tmp"  ## use something like this under Windows
+ ##
+ ##  Now specify the default settings for pdfjoin:
+@@ -50,12 +55,12 @@
+ for d in /etc /usr/share/etc /usr/local/share /usr/local/etc
+ do if test -f $d/pdfnup.conf; then
+    echo "Reading site configuration from $d/pdfnup.conf"
+-   source $d/pdfnup.conf
+   . $d/pdfnup.conf
+    fi 
+ done
+ if test -f ~/.pdfnup.conf; then 
+    echo "Reading user defaults from ~/.pdfnup.conf";
+-   source ~/.pdfnup.conf; 
+   . ~/.pdfnup.conf; 
+ fi
+ #######################################################################
+ ##
+@@ -99,7 +104,7 @@
+ ##
+ ##  Check that necessary LaTeX packages are installed
+ ##
+-PATH=`dirname "$pdflatex"`:$PATH
+PATH="$PATH":"__LOCALBASE__"/bin
+ export PATH
+ case `kpsewhich pdfpages.sty` in
+ 	"") echo "pdfjoin: pdfpages.sty not installed"; exit 1;;
--- a/print/pdfjam/files/patch-scripts-pdfnup
+++ b/print/pdfjam/files/patch-scripts-pdfnup
@ -1,11 +1,46 @@
--- scripts/pdfnup.orig	Tue Jan 25 14:19:21 2005
-+++ scripts/pdfnup	Wed Mar 16 09:17:40 2005
-@@ -23,7 +23,7 @@
+--- scripts/pdfnup.orig	2005-01-25 22:19:21.000000000 +0300
+++ scripts/pdfnup	2008-12-29 20:00:44.000000000 +0300
+@@ -23,12 +23,17 @@
 ##  
 ##  First say where your "pdflatex" program lives:
 ##
 -pdflatex=pdflatex
-+pdflatex=__LOCALBASE__/bin/pdflatex
+pdflatex="__LOCALBASE__"/bin/pdflatex
 #pdflatex="pdflatex.exe"    ## this for Windows computers
 ##
 ##  Next a permitted location for temporary files on your system:
+ ##
+-tempfileDir="/var/tmp" ## /var/tmp is standard on many unix systems
+## /var/tmp is standard on most unix systems
+tempfileDir=`mktemp -dq /var/tmp/pdfnup.XXXXXXXX`
+if [ -z "$tempfileDir" ]; then
+	echo "pdfnup: unable to create temporary directory"
+	exit 2
+fi
+ #tempfileDir="C:/tmp"  ## use something like this under Windows
+ ##
+ ##  Now specify the default settings for pdfnup:
+@@ -57,12 +62,12 @@
+ for d in /etc /usr/share/etc /usr/local/share /usr/local/etc
+ do if test -f $d/pdfnup.conf; then
+      echo "Reading site configuration from $d/pdfnup.conf"
+-     source $d/pdfnup.conf
+     . $d/pdfnup.conf
+    fi 
+ done
+ if test -f ~/.pdfnup.conf; then 
+    echo "Reading user defaults from ~/.pdfnup.conf";
+-   source ~/.pdfnup.conf; 
+   . ~/.pdfnup.conf; 
+ fi
+ #######################################################################
+ ##
+@@ -134,7 +139,7 @@
+ ##
+ ##  Check that necessary LaTeX packages are installed
+ ##
+-PATH=`dirname "$pdflatex"`:$PATH
+PATH="$PATH":"__LOCALBASE__"/bin
+ export PATH
+ case `kpsewhich pdfpages.sty` in
+ 	"") echo "pdfnup: pdfpages.sty not installed"; exit 1;;