[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bison (Re: Owl packages with dangerous "tmp" functions)

From: Hans Aberg
Subject: Re: bison (Re: Owl packages with dangerous "tmp" functions)
Date: Thu, 4 Jan 2001 11:01:11 +0100

At 12:36 +0300 1-01-04, Solar Designer wrote:
>I am now attaching the patch against bison-1.28.  The configure
>script in bison already has a check for mkstemp(3), which I'm using
>in the patch, so it should be sufficient to add #ifdef HAVE_MKSTEMP
>as appropriate to make this patch portable.  Of course, it would be
>better to also include a safe version of the code for systems which
>don't have mkstemp.  (Perhaps, tryopen() could be changed to support
>"x" for O_EXCL/fdopen such that this will allow for no worse a DoS.)

Try the bison (latest development) version available at
which has changed rather a lot since 1.28.

-- For example, there are no longer any use of temporary files.

  Hans Aberg

reply via email to

[Prev in Thread] Current Thread [Next in Thread]