92 lines
2.3 KiB
Text
92 lines
2.3 KiB
Text
$NetBSD: patch-mosmlyac_main_c,v 1.1 2011/11/08 12:41:30 dholland Exp $
|
|
|
|
Avoid insecure use of mktemp().
|
|
|
|
--- mosmlyac/main.c.orig 2000-04-28 09:38:45.000000000 +0000
|
|
+++ mosmlyac/main.c
|
|
@@ -1,6 +1,9 @@
|
|
#include <signal.h>
|
|
#ifdef ANSI
|
|
#include <string.h>
|
|
+#include <stdlib.h>
|
|
+#else
|
|
+extern char *getenv();
|
|
#endif
|
|
#include "defs.h"
|
|
|
|
@@ -33,6 +36,11 @@ char *text_file_name;
|
|
char *union_file_name;
|
|
char *verbose_file_name;
|
|
|
|
+static int action_fd = -1;
|
|
+static int entry_fd = -1;
|
|
+static int text_fd = -1;
|
|
+static int union_fd = -1;
|
|
+
|
|
FILE *action_file; /* a temp file, used to save actions associated */
|
|
/* with rules until the parser is written */
|
|
FILE *entry_file;
|
|
@@ -71,9 +79,6 @@ char *rassoc;
|
|
short **derives;
|
|
char *nullable;
|
|
|
|
-extern char *mktemp();
|
|
-extern char *getenv();
|
|
-
|
|
|
|
void done(int k)
|
|
{
|
|
@@ -276,12 +281,21 @@ void create_file_names(void)
|
|
union_file_name[len + 5] = 'u';
|
|
|
|
#ifndef NO_UNIX
|
|
- mktemp(action_file_name);
|
|
- mktemp(entry_file_name);
|
|
- mktemp(text_file_name);
|
|
- mktemp(union_file_name);
|
|
+ action_fd = mkstemp(action_file_name);
|
|
+ entry_fd = mkstemp(entry_file_name);
|
|
+ text_fd = mkstemp(text_file_name);
|
|
+ union_fd = mkstemp(union_file_name);
|
|
#endif
|
|
|
|
+ if (action_fd < 0)
|
|
+ open_error(action_file_name);
|
|
+ if (entry_fd < 0)
|
|
+ open_error(entry_file_name);
|
|
+ if (text_fd < 0)
|
|
+ open_error(text_file_name);
|
|
+ if (union_fd < 0)
|
|
+ open_error(union_file_name);
|
|
+
|
|
len = strlen(file_prefix);
|
|
|
|
output_file_name = MALLOC(len + 7);
|
|
@@ -321,15 +335,15 @@ void open_files(void)
|
|
open_error(input_file_name);
|
|
}
|
|
|
|
- action_file = fopen(action_file_name, "w");
|
|
+ action_file = fdopen(action_fd, "w");
|
|
if (action_file == 0)
|
|
open_error(action_file_name);
|
|
|
|
- entry_file = fopen(entry_file_name, "w");
|
|
+ entry_file = fdopen(entry_fd, "w");
|
|
if (entry_file == 0)
|
|
open_error(entry_file_name);
|
|
|
|
- text_file = fopen(text_file_name, "w");
|
|
+ text_file = fdopen(text_fd, "w");
|
|
if (text_file == 0)
|
|
open_error(text_file_name);
|
|
|
|
@@ -345,7 +359,7 @@ void open_files(void)
|
|
defines_file = fopen(defines_file_name, "w");
|
|
if (defines_file == 0)
|
|
open_error(defines_file_name);
|
|
- union_file = fopen(union_file_name, "w");
|
|
+ union_file = fdopen(union_fd, "w");
|
|
if (union_file == 0)
|
|
open_error(union_file_name);
|
|
}
|