summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorsobomax <sobomax@FreeBSD.org>2000-06-09 07:23:48 +0000
committersobomax <sobomax@FreeBSD.org>2000-06-09 07:23:48 +0000
commit5bdf8f2a811ccf30f3aaab9fe3cdc36febb73894 (patch)
tree3ce1b5b934cf9a689fb2774e0218f3e3da63abd0 /net
parent4090134dd8fd9161bd7870de48b4373ca2e133f3 (diff)
downloadFreeBSD-ports-5bdf8f2a811ccf30f3aaab9fe3cdc36febb73894.zip
FreeBSD-ports-5bdf8f2a811ccf30f3aaab9fe3cdc36febb73894.tar.gz
Use mkstemp() instead of insecure mktemp().
PR: 19047 Hall of Shame entry: Mikhail Teterin <mi@aldan.algebra.com> (for his !@#$%^ ego)
Diffstat (limited to 'net')
-rw-r--r--net/arpwatch-devel/files/patch-ad29
-rw-r--r--net/arpwatch-devel/files/patch-ae29
-rw-r--r--net/arpwatch/files/patch-ad29
-rw-r--r--net/arpwatch/files/patch-ae29
4 files changed, 116 insertions, 0 deletions
diff --git a/net/arpwatch-devel/files/patch-ad b/net/arpwatch-devel/files/patch-ad
new file mode 100644
index 0000000..02096d9
--- /dev/null
+++ b/net/arpwatch-devel/files/patch-ad
@@ -0,0 +1,29 @@
+--- report.c.orig Fri Jun 9 09:54:48 2000
++++ report.c Fri Jun 9 10:05:58 2000
+@@ -249,6 +249,9 @@
+ char *unknown = "<unknown>";
+ char buf[132];
+ static int init = 0;
++#ifdef HAVE_MKSTEMP
++ int fd;
++#endif
+
+ /* No report until we're initialized */
+ if (initializing)
+@@ -286,8 +289,16 @@
+ /* Child */
+ closelog();
+ (void)strcpy(tempfile, "/tmp/arpwatch.XXXXXX");
++#ifndef HAVE_MKSTEMP
+ (void)mktemp(tempfile);
+ if ((f = fopen(tempfile, "w+")) == NULL) {
++#else
++ if ((fd = mkstemp(tempfile)) == -1) {
++ syslog(LOG_ERR, "child mkstemp(%s): %m", tempfile);
++ exit(1);
++ }
++ if ((f = fdopen(fd, "w+")) == NULL) {
++#endif /* HAVE_MKSTEMP */
+ syslog(LOG_ERR, "child open(%s): %m", tempfile);
+ exit(1);
+ }
diff --git a/net/arpwatch-devel/files/patch-ae b/net/arpwatch-devel/files/patch-ae
new file mode 100644
index 0000000..64ebc59
--- /dev/null
+++ b/net/arpwatch-devel/files/patch-ae
@@ -0,0 +1,29 @@
+--- configure.orig Wed Jul 29 08:16:52 1998
++++ configure Fri Jun 9 10:12:32 2000
+@@ -646,7 +646,7 @@
+ :
+ fi
+
+- V_CCOPT="-O"
++# V_CCOPT="-O"
+ V_INCLS=""
+ if test "${srcdir}" != "." ; then
+ V_INCLS="-I\$\(srcdir\)"
+@@ -887,7 +887,7 @@
+
+ echo "$ac_t""$ac_cv_lbl_gcc_vers" 1>&6
+ if test $ac_cv_lbl_gcc_vers -gt 1 ; then
+- V_CCOPT="-O2"
++# V_CCOPT="-O2"
+ fi
+ fi
+ else
+@@ -1154,7 +1154,7 @@
+ fi
+
+
+-for ac_func in dn_skipname
++for ac_func in dn_skipname mkstemp
+ do
+ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+ echo "configure:1161: checking for $ac_func" >&5
diff --git a/net/arpwatch/files/patch-ad b/net/arpwatch/files/patch-ad
new file mode 100644
index 0000000..02096d9
--- /dev/null
+++ b/net/arpwatch/files/patch-ad
@@ -0,0 +1,29 @@
+--- report.c.orig Fri Jun 9 09:54:48 2000
++++ report.c Fri Jun 9 10:05:58 2000
+@@ -249,6 +249,9 @@
+ char *unknown = "<unknown>";
+ char buf[132];
+ static int init = 0;
++#ifdef HAVE_MKSTEMP
++ int fd;
++#endif
+
+ /* No report until we're initialized */
+ if (initializing)
+@@ -286,8 +289,16 @@
+ /* Child */
+ closelog();
+ (void)strcpy(tempfile, "/tmp/arpwatch.XXXXXX");
++#ifndef HAVE_MKSTEMP
+ (void)mktemp(tempfile);
+ if ((f = fopen(tempfile, "w+")) == NULL) {
++#else
++ if ((fd = mkstemp(tempfile)) == -1) {
++ syslog(LOG_ERR, "child mkstemp(%s): %m", tempfile);
++ exit(1);
++ }
++ if ((f = fdopen(fd, "w+")) == NULL) {
++#endif /* HAVE_MKSTEMP */
+ syslog(LOG_ERR, "child open(%s): %m", tempfile);
+ exit(1);
+ }
diff --git a/net/arpwatch/files/patch-ae b/net/arpwatch/files/patch-ae
new file mode 100644
index 0000000..64ebc59
--- /dev/null
+++ b/net/arpwatch/files/patch-ae
@@ -0,0 +1,29 @@
+--- configure.orig Wed Jul 29 08:16:52 1998
++++ configure Fri Jun 9 10:12:32 2000
+@@ -646,7 +646,7 @@
+ :
+ fi
+
+- V_CCOPT="-O"
++# V_CCOPT="-O"
+ V_INCLS=""
+ if test "${srcdir}" != "." ; then
+ V_INCLS="-I\$\(srcdir\)"
+@@ -887,7 +887,7 @@
+
+ echo "$ac_t""$ac_cv_lbl_gcc_vers" 1>&6
+ if test $ac_cv_lbl_gcc_vers -gt 1 ; then
+- V_CCOPT="-O2"
++# V_CCOPT="-O2"
+ fi
+ fi
+ else
+@@ -1154,7 +1154,7 @@
+ fi
+
+
+-for ac_func in dn_skipname
++for ac_func in dn_skipname mkstemp
+ do
+ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+ echo "configure:1161: checking for $ac_func" >&5
OpenPOWER on IntegriCloud