
PATCH: Safe tempfile handling for send-pr v4


From: Yngve Svendsen
Subject: PATCH: Safe tempfile handling for send-pr v4
Date: Sun, 13 May 2001 18:58:50 +0200

The following set of patches against the current version 4 CVS tree changes send-pr to use the mktemp command when generating temporary files, which averts possible symlink attacks and makes race conditions less likely.

On systems that do not have mktemp, the behaviour is unchanged.

Yngve Svendsen
IS Engineer
Clustra AS, Trondheim, Norway
address@hidden



configure.in: Check for the mktemp command and set HAVE_MKTEMP accordingly.
configure: Regenerated.
Makefile.in: Substitute xHAVE_MKTEMPx
send-pr.sh: Use mktemp to generate temp files safely on platforms
where it is available.


Index: configure.in
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/configure.in,v
retrieving revision 1.3
diff -u -p -r1.3 configure.in
--- configure.in        2000/01/05 02:46:25     1.3
+++ configure.in        2001/05/13 15:02:34
@@ -17,6 +17,8 @@ AC_ECHON
 AC_LISPDIR
 AC_PASSWD

+AC_CHECK_PROG(HAVE_MKTEMP, mktemp, yes, no)
+
 SUBMITTER=unknown
 DEFAULT_ORGANIZATION=unknown
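Review bot: `AC_CHECK_PROG(HAVE_MKTEMP, mktemp, yes, no)` only establishes that a file called mktemp was on the build host's PATH, and that answer is then substituted into send-pr at build time. It says nothing about whether that program accepts a template argument and creates the file itself, nor about the host where send-pr later runs, so the mktemp branch can be selected where its guarantee does not hold. A comment here such as `dnl Presence only: send-pr.sh must still verify that mktemp created the file`, together with a runtime `test -f "$TEMP"` after each mktemp call in send-pr.sh, would cover that gap.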



Index: configure
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/configure,v
retrieving revision 1.4
diff -u -p -r1.4 configure
--- configure   2000/01/05 02:46:25     1.4
+++ configure   2001/05/13 15:05:00
@@ -676,11 +676,42 @@ fi
 test -n "$verbose" && echo "    setting PASSWD to ${PASSWD}"


+# Extract the first word of "mktemp", so it can be a program name with args.
+set dummy mktemp; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+echo "configure:683: checking for $ac_word" >&5
+if eval "test \"`echo '$''{'ac_cv_prog_HAVE_MKTEMP'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test -n "$HAVE_MKTEMP"; then
+  ac_cv_prog_HAVE_MKTEMP="$HAVE_MKTEMP" # Let the user override the test.
+else
+  IFS="${IFS=     }"; ac_save_ifs="$IFS"; IFS=":"
+  ac_dummy="$PATH"
+  for ac_dir in $ac_dummy; do
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      ac_cv_prog_HAVE_MKTEMP="yes"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+  test -z "$ac_cv_prog_HAVE_MKTEMP" && ac_cv_prog_HAVE_MKTEMP="no"
+fi
+fi
+HAVE_MKTEMP="$ac_cv_prog_HAVE_MKTEMP"
+if test -n "$HAVE_MKTEMP"; then
+  echo "$ac_t""$HAVE_MKTEMP" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+
 SUBMITTER=unknown
 DEFAULT_ORGANIZATION=unknown

 echo $ac_n "checking for --with-submitter""... $ac_c" 1>&6
-echo "configure:684: checking for --with-submitter" >&5
+echo "configure:715: checking for --with-submitter" >&5
 if test -n "$with_submitter" ; then
     echo "$ac_t""$with_submitter" 1>&6
     SUBMITTER="$with_submitter"
@@ -689,7 +720,7 @@ else
 fi

 echo $ac_n "checking for --with-organization""... $ac_c" 1>&6
-echo "configure:693: checking for --with-organization" >&5
+echo "configure:724: checking for --with-organization" >&5
 if test -n "$with_organization" ; then
     echo "$ac_t""$with_organization" 1>&6
     DEFAULT_ORGANIZATION="$with_organization"
@@ -874,6 +905,7 @@ address@hidden@%$SUBMITTER%g
 address@hidden@%$ECHON%g
 address@hidden@%$LISPDIR%g
 address@hidden@%$PASSWD%g
address@hidden@%$HAVE_MKTEMP%g

 CEOF
 EOF


Index: Makefile.in
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/Makefile.in,v
retrieving revision 1.6
diff -u -p -r1.6 Makefile.in
--- Makefile.in 2001/01/24 22:51:16     1.6
+++ Makefile.in 2001/05/13 15:01:56
@@ -40,6 +40,9 @@ DEFAULT_MAIL_AGENT = @DEFAULT_MAIL_AGENT
 # Command line to display the passwd database
 PASSWD = @PASSWD@

+# Do we have the mktemp command?
+HAVE_MKTEMP = @HAVE_MKTEMP@
+
 # What to install
 SEND_PR_INSTALL = install-norm
 SEND_PR_INSTALL_ARCH_DEP = install-norm-arch-dep
@@ -126,6 +129,7 @@ send-pr: send-pr.sh Makefile
            -e 's,xECHONx,$(ECHON),' \
            -e 's,xMAIL_AGENTx,$(DEFAULT_MAIL_AGENT),' \
            -e 's,xPASSWDx,$(PASSWD),' \
+           -e 's,xHAVE_MKTEMPx,$(HAVE_MKTEMP),' \
            -e 's%xDEFAULT_ORGANIZATIONx%$(DEFAULT_ORGANIZATION)%' \
            -e 's,xDEFAULT_RELEASEx,$(DEFAULT_RELEASE),' \
             -e 's,xBINDIRx,$(bindir),g' \



Index: send-pr.sh
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/send-pr.sh,v
retrieving revision 1.16
diff -u -p -r1.16 send-pr.sh
--- send-pr.sh  2001/04/08 18:28:25     1.16
+++ send-pr.sh  2001/05/13 16:34:21
@@ -43,6 +43,9 @@ DEFAULT_ORGANIZATION="xDEFAULT_ORGANIZAT
 # How to read the passwd database.
 PASSWD="xPASSWDx"

+# Do we have the mktemp command available?
+HAVE_MKTEMP="xHAVE_MKTEMPx"
+
 ECHON=xECHONx

 # By default send-pr connects directly to the database.  However, it
@@ -94,16 +97,36 @@ else
     TMPDIR="`echo $TMPDIR | sed -e 's,/$,,'`"
   fi
 fi
+
+# TEMP:   Temporary copy of the PR, to be edited by the user.
+# BAD:    The PR will end up here if the user aborts.
+# REF: The 'reference' copy of the PR template, used to verify that the user
+#         actually did edit the template.
+# FIXFIL: A sed script used to remove comments from the template before processing.
+
+if [ $HAVE_MKTEMP = yes ]; then
+    TEMP=`mktemp $TMPDIR/pXXXXXX` || exit 1
+    BAD=`mktemp $TMPDIR/pbadXXXXXX` || exit 1
+    REF=`mktemp $TMPDIR/pfXXXXXX` || exit 1
+       FIXFIL=`mktemp $TMPDIR/fixXXXXXX` || exit 1
+else
+    TEMP=$TMPDIR/p$$
+    BAD=$TMPDIR/pbad$$
+    REF=$TMPDIR/pf$$
+       FIXFIL=$TMPDIR/fix$$
+    bad_temp=0
+    : > $TEMP0 || bad_temp=1
+    : > $TEMP || bad_temp=1
+    : > $BAD || bad_temp=1
+    : > $REF || bad_temp=1
+       : > $FIXFIL || bad_temp=1
+    if [ $bad_temp = 1 ]; then
+        rm -f $TEMP $BAD $REF $FIXFIL
+        exit 1;
+    fi
+fi
+REMOVE_TEMP="rm -f $TEMP $BAD $REF"

-# Temporary copy of the PR, to be edited by the user.
-TEMP=$TMPDIR/p$$
-# The PR will end up here if the user aborts.
-BAD=$TMPDIR/pbad$$
-# The 'reference' copy of the PR template, used to verify that the user
-# actually did edit the template.
-REF=$TMPDIR/pf$$
-# A sed script used to remove comments from the template before processing.
-FIXFIL=$TMPDIR/fix$$

 # find a user name
 if [ "$LOGNAME" = "" ]; then
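Review bot: The fallback branch cannot succeed as written: `: > $TEMP0 || bad_temp=1` redirects to a variable that is never assigned anywhere in this hunk, so the redirection fails and send-pr exits on exactly the hosts without mktemp, contrary to the "behaviour is unchanged" statement; that line should be dropped. The remaining `: > $TEMP` style lines still use the predictable `$$` names and write through whatever already exists at that path, so those hosts keep the symlink exposure; running them under `set -C` and `umask 077` would turn a pre-existing path into an error. `REMOVE_TEMP="rm -f $TEMP $BAD $REF"` leaves out `$FIXFIL`, which the mktemp branch now creates up front, so unless it is removed elsewhere outside this hunk it should read `REMOVE_TEMP="rm -f $TEMP $BAD $REF $FIXFIL"`. The expansions in `[ $HAVE_MKTEMP = yes ]` and `mktemp $TMPDIR/pXXXXXX` should also be quoted, e.g. `[ "$HAVE_MKTEMP" = yes ]` and `mktemp "$TMPDIR/pXXXXXX"`, so an empty value or a TMPDIR containing spaces does not break the test or the template.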



Index: ChangeLog
===================================================================
RCS file: /cvs/gnats/gnats/send-pr/ChangeLog,v
retrieving revision 1.18
diff -u -p -r1.18 ChangeLog
--- ChangeLog   2001/04/15 18:04:05     1.18
+++ ChangeLog   2001/05/13 16:43:19
@@ -1,3 +1,12 @@
+2001-05-13  Yngve Svendsen  <address@hidden>
+
+       * configure.in: Check for the mktemp command and set HAVE_MKTEMP
+       accordingly.
+       configure: Regenerated.
+       Makefile.in: Substitute xHAVE_MKTEMPx
+       send-pr.sh: Use mktemp to generate temp files safely on platforms
+       where it is available.
+
 2001-04-15  Milan Zamazal  <address@hidden>

        * send-pr-el.in (gnats::get-config): Buffer checking fixed (Debian

