c2fb31ba79
lang/perl5 to perl-5.8.6nb4. Modify packages that referred to lang/perl58 to point to lang/perl5 instead.
28 lines
1 KiB
Text
28 lines
1 KiB
Text
$NetBSD: patch-bd,v 1.1 2005/06/24 06:43:47 jlam Exp $
|
|
|
|
--- lib/ExtUtils/instmodsh.orig 2004-01-05 17:34:59.000000000 -0500
|
|
+++ lib/ExtUtils/instmodsh
|
|
@@ -58,16 +58,13 @@ while (1)
|
|
$reply =~ /^t\s*/ and do
|
|
{
|
|
my $file = (split(' ', $reply))[1];
|
|
- my $tmp = "/tmp/inst.$$";
|
|
- if (my $fh = IO::File->new($tmp, "w"))
|
|
- {
|
|
- $fh->print(join("\n", $Inst->files($module)));
|
|
- $fh->close();
|
|
- system("tar cvf $file -I $tmp");
|
|
- unlink($tmp);
|
|
- last CASE;
|
|
- }
|
|
- else { print("Can't open $file: $!\n"); }
|
|
+ # Use File::Temp to create the tempfile and avoid possible symlink
|
|
+ # race attacks against a known filename in /tmp [CAN-2004-0976].
|
|
+ my ($fh, $tmp) = File::Temp::tempfile(UNLINK => 1);
|
|
+ $fh->print(join("\n", $Inst->files($module)));
|
|
+ $fh->close();
|
|
+ system("tar cvf $file -T $tmp");
|
|
+ unlink($tmp);
|
|
last CASE;
|
|
};
|
|
$reply eq 'v' and do
|