Replace all uses of mktemp() with mkstemp() and close PR 23640.

ben 2003-12-05 05:40:32 +00:00
parent 1b646f871d
commit f9af6913a6
8 changed files with 222 additions and 10 deletions


@ -1,8 +1,8 @@
# $NetBSD: Makefile,v 1.16 2003/12/03 21:18:09 ben Exp $
# $NetBSD: Makefile,v 1.17 2003/12/05 05:40:32 ben Exp $
#
DISTNAME= tripwire-1.2
PKGREVISION= 1
PKGREVISION= 2
CATEGORIES= security
MASTER_SITES= ftp://coast.cs.purdue.edu/pub/tools/unix/ids/tripwire/


@ -1,8 +1,13 @@
$NetBSD: distinfo,v 1.5 2003/12/03 21:18:09 ben Exp $
$NetBSD: distinfo,v 1.6 2003/12/05 05:40:32 ben Exp $
SHA1 (tripwire-1.2.tar.gz) = 6fc91e25b3e1af3881fd5b6acf240ab6c1133e38
Size (tripwire-1.2.tar.gz) = 299831 bytes
SHA1 (patch-aa) = 37e41b99fbd437cc62b1446545f963d03e91e819
SHA1 (patch-ab) = 186edaa504e6e1a7edadb2168982b9b8a2482bac
SHA1 (patch-ac) = 35b3fe52f497e6cbbf7edfeaee398f0d24aff219
SHA1 (patch-ad) = 92fe68b5cb929dfc16b767e28d72852428246a32
SHA1 (patch-ad) = 4b8ad8d0cd7c17a8f3a655c5a574856670533ea5
SHA1 (patch-ae) = 18fe18ded565476a80b9280054cdf7f90403588e
SHA1 (patch-af) = 968df5d2ea577a8fde9c5aafa43d9fb1e4efde54
SHA1 (patch-ag) = 3bfc6965782d727b6b5cf20da4dd44e45327925f
SHA1 (patch-ah) = 97eccc44190e165dbf174f04c3acab5f1b442bc7
SHA1 (patch-ai) = 51075e32a7523a8d1691aa41336fe46b671fa865


@ -1,10 +1,8 @@
$NetBSD: patch-ad,v 1.1 2000/07/14 08:59:37 agc Exp $
$NetBSD: patch-ad,v 1.2 2003/12/05 05:40:32 ben Exp $
On NetBSD, st_size is a 64-bit quantity.
--- src/utils.c 1994/07/25 16:23:16 1.23
+++ src/utils.c 2000/07/14 08:53:49
@@ -697,8 +697,13 @@
--- src/utils.c.orig 1994-07-25 09:23:16.000000000 -0700
+++ src/utils.c
@@ -697,8 +697,13 @@ direntry_print (name, statbuf, mode)
print_perm((uint32)statbuf.st_mode);
@ -18,3 +16,20 @@ On NetBSD, st_size is a 64-bit quantity.
printf(" %s\n", name);
}
@@ -789,13 +794,10 @@ fd_tempfilename_generate()
int fd;
(void) strcpy(tmp, TEMPFILE_TEMPLATE);
- if ((char *) mktemp(tmp) == NULL) {
- perror("tempfilename_generate: mktemp()");
- exit(1);
- }
+ fd = mkstemp(tmp);
- if ((fd = open(tmp, O_RDWR | O_CREAT, 0600)) < 0) {
- perror("tempfilename_generate: open()");
+ if (fd == -1) {
+ perror("tempfilename_generate: mkstemp()");
exit(1);
}
/* unlink right away to make sure no one can tamper with our file */
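Review bot: The temp file's permissions now rest on mkstemp() alone, where the removed `open(tmp, O_RDWR | O_CREAT, 0600)` stated the mode explicitly. POSIX only began requiring mode 0600 from mkstemp() in its 2008 revision, and some older C libraries applied just the process umask, so on such a platform the file could be accessible to other users until the unlink that follows. Setting the mask around the call removes that dependency on the libc: `oldmask = umask(077); fd = mkstemp(tmp); (void) umask(oldmask);` with a `mode_t oldmask` local. The mkstemp() calls added in dbase.build.c and siggen.c are in the same position. The body of fd_tempfilename_generate starts and ends outside the hunk.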


@ -0,0 +1,41 @@
$NetBSD: patch-ae,v 1.1 2003/12/05 05:40:32 ben Exp $
--- src/config.parse.c.orig 1994-07-20 18:03:26.000000000 -0700
+++ src/config.parse.c
@@ -55,7 +55,6 @@ static char rcsid[] = "$Id: config.parse
#endif
/* prototypes */
-char *mktemp();
static void configfile_descend();
#ifndef L_tmpnam
@@ -90,6 +89,7 @@ configfile_read(pp_list, pp_entry_list)
char number[128];
int entrynum = 0;
int err;
+ int fdout;
/* to make code semi-reentrant */
list_reset(&prune_list);
@@ -105,8 +105,9 @@ configfile_read(pp_list, pp_entry_list)
};
(void) strcpy(tmpfilename, TEMPFILE_TEMPLATE);
- if ((char *) mktemp(tmpfilename) == NULL) {
- perror("configfile_read: mktemp()");
+ fdout = mkstemp(tmpfilename);
+ if (fdout == -1) {
+ perror("configfile_read: mkstemp()");
exit(1);
}
@@ -149,7 +150,7 @@ configfile_read(pp_list, pp_entry_list)
err = umask(077); /* to protect the tempfile */
- if ((fpout = fopen(tmpfilename, "w+")) == NULL) {
+ if ((fpout = fdopen(fdout, "w+")) == NULL) {
sprintf(s, "tripwire: Couldn't open config file '%s'", configfile);
perror(s);
exit(1);
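Review bot: In the `@@ -149,7 +150,7 @@` hunk the context line `err = umask(077); /* to protect the tempfile */` now runs after mkstemp() has already created the file, so it no longer affects the temp file's mode and its comment is stale. Either move the umask() call above `fdout = mkstemp(tmpfilename);` or reword the comment to say which later files it is meant to cover. Unlike the dbase.build.c and siggen.c changes, no `unlink(tmpfilename);` follows mkstemp() here; if nothing later in configfile_read reopens the file by name (not visible in these hunks), unlinking right after the `fdout == -1` check would keep the name out of /tmp. The fdopen() failure message still reads "Couldn't open config file", which would mislead when the failing object is the temp file. The body of configfile_read continues outside the hunks.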


@ -0,0 +1,63 @@
$NetBSD: patch-af,v 1.1 2003/12/05 05:40:32 ben Exp $
--- src/dbase.build.c.orig 1994-07-25 08:24:09.000000000 -0700
+++ src/dbase.build.c
@@ -66,7 +66,6 @@ static char rcsid[] = "$Id: dbase.build.
int files_scanned_num = 0;
/* prototypes */
-char *mktemp();
static void database_record_write();
char backupfile[MAXPATHLEN+256];
@@ -92,6 +91,7 @@ database_build (pp_list, mode, pp_entry_
{
struct list_elem *p_fileentry;
struct list_elem *p_configentry;
+ int fdw;
FILE *fpw;
char database[MAXPATHLEN+256];
int entrynum,
@@ -130,11 +130,12 @@ database_build (pp_list, mode, pp_entry_
die_with_err("malloc() failed in database_build", (char *) NULL);
(void) strcpy(tmpfilename, TEMPFILE_TEMPLATE);
- if ((char *) mktemp(tmpfilename) == NULL)
- die_with_err("database_build: mktemp()", (char *) NULL);
+ fdw = mkstemp(tmpfilename);
+ if (fdw == -1)
+ die_with_err("database_build: mkstemp()", (char *) NULL);
+ unlink(tmpfilename);
- (void) strcpy(tempdatabase_file, tmpfilename);
- (void) strcpy(database, tempdatabase_file);
+ (void) strcpy(database, tmpfilename);
free(tmpfilename);
} /* end if temporary database */
else if (mode == DBASE_UPDATE) {
@@ -224,6 +225,11 @@ printf("database_build(): ---> olddataba
}
/* rebuild the database */
+ if (mode == DBASE_TEMPORARY) {
+ fpw = fdopen(fdw, "w+");
+ if (fpw == NULL)
+ die_with_err("call fdopen() failed.", NULL);
+ } else
if ((fpw = fopen(database, "w")) == NULL)
die_with_err("Hint: Maybe the database directory '%s' doesn't exist? fopen()", database);
@@ -367,10 +373,10 @@ printf("--(contents)-->%s\n", entry);
die_with_err("database_build: list_close() failed!\n", (char *) NULL);
}
- /* we don't want to allow anyone to spoof the temporary file in /tmp */
+ /* If the database was temporary, the file was unlink()ed, and is
+ "hidden" from other processes. */
if (mode == DBASE_TEMPORARY) {
- if ((fptempdbase = freopen(database, "r", fpw)) == NULL)
- die_with_err("temporary database file disappeared?!?", database);
+ fptempdbase = fpw;
rewind(fptempdbase);
} else {
fclose(fpw);
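Review bot: The new `die_with_err("call fdopen() failed.", NULL)` in the `@@ -224,6 +225,11 @@` hunk passes a bare `NULL`, while every other call in this section writes `(char *) NULL`. The K&R-style definitions visible here suggest die_with_err may have no prototype in scope, in which case an uncast `NULL` is not guaranteed to be passed as a pointer. I would write `die_with_err("database_build: fdopen()", (char *) NULL);`, which also matches the message style of the mkstemp() check above. The `} else` followed by an `if` at the same indent is easy to misread, and braces around both branches would make the pairing explicit. Separately, `database` still receives the temp name after `unlink(tmpfilename)`, so any later use of that path in DBASE_TEMPORARY mode (outside these hunks) would refer to a name that no longer exists and should be checked. The body of database_build continues outside the hunks.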


@ -0,0 +1,12 @@
$NetBSD: patch-ag,v 1.1 2003/12/05 05:40:32 ben Exp $
--- src/main.c.orig 1994-08-26 01:23:03.000000000 -0700
+++ src/main.c
@@ -108,7 +108,6 @@ char *database_file = DATABASE_FILE;
char *database_path = DATABASE_PATH;
char *config_path = CONFIG_PATH;
-char tempdatabase_file[MAXPATHLEN+256];
FILE *fptempdbase;
char *defaultignore = DEFAULTIGNORE;


@ -0,0 +1,14 @@
$NetBSD: patch-ah,v 1.1 2003/12/05 05:40:32 ben Exp $
--- src/preen.c.orig 1994-07-25 08:24:11.000000000 -0700
+++ src/preen.c
@@ -98,9 +98,6 @@ update_gather(interactive, ppp_updateent
if (!specified_configmode)
(void) fclose(fp_in);
- /* remove the temporary database file */
- (void) unlink(tempdatabase_file);
-
SPDEBUG(3) printf("*** leaving update_gather()\n");
list_reset(&configentry_list);


@ -0,0 +1,62 @@
$NetBSD: patch-ai,v 1.1 2003/12/05 05:40:32 ben Exp $
--- src/siggen.c.orig 1994-07-25 08:24:12.000000000 -0700
+++ src/siggen.c
@@ -52,7 +52,6 @@ static char rcsid[] = "$Id: siggen.c,v 1
extern int optind;
int debuglevel = 0;
-char *mktemp();
int (*pf_signatures [NUM_SIGS]) () = {
SIG0FUNC,
@@ -164,6 +163,7 @@ main(argc, argv)
}
if (readstdin) {
+ int fdout;
FILE *fpout;
/* generate temporary file name */
if ((tmpfilename = (char *) malloc(L_tmpnam + MAXPATHLEN)) == NULL) {
@@ -172,32 +172,26 @@ main(argc, argv)
};
(void) strcpy(tmpfilename, "/tmp/twzXXXXXX");
- if ((char *) mktemp(tmpfilename) == NULL) {
- perror("siggen: mktemp()");
+ fdout = mkstemp(tmpfilename);
+ if (fdout == -1) {
+ perror("siggen: mkstemp()");
exit(1);
}
+ unlink(tmpfilename);
/* output */
- if (!(fpout = fopen(tmpfilename, "w"))) {
- char err[1024];
- sprintf(err, "main: fopen(%s)", tmpfilename);
- perror(err);
+ if (!(fpout = fdopen(fdout, "w"))) {
+ perror("siggen: fdopen()");
exit(1);
}
/* copy */
while ((c = getc(stdin)) != EOF)
putc(c, fpout);
- fclose(fpout);
- if ((fd = open(tmpfilename, O_RDONLY)) < 0) {
- perror("siggen: open");
- exit(1);
- }
- if (siggen(fd) < 0)
+ rewind(fpout);
+ if (siggen(fdout) < 0)
errors++;
- if (fd)
- close(fd);
- unlink(tmpfilename);
+ fclose(fpout);
}
if (errors)
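Review bot: The copy of stdin is never checked for write errors before `siggen(fdout)` reads it back through the descriptor. `rewind(fpout)` flushes the buffer but returns nothing and clears the stream's error indicator, so a failed write (for example a full /tmp) would pass unnoticed and the signature would be computed over truncated input. For a tool whose output is an integrity signature that should be fatal: add `if (ferror(fpout) || fflush(fpout) == EOF) { perror("siggen: write"); exit(1); }` just before the `rewind(fpout);` line. The putc() loop is unchanged context and does not check its result either, which is why the check belongs right after it. The body of main continues outside the hunk.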