author | guido <guido@FreeBSD.org> | 1998-03-10 19:43:27 +0000 |
---|---|---|
committer | guido <guido@FreeBSD.org> | 1998-03-10 19:43:27 +0000 |
commit | ff3d055846bfeb931dd1f95e6cb9d6846ed1dc20 (patch) | |
tree | 5f5606bfda65c903c3035732ed92b241a742585b /gnu | |
parent | 400707d96e5c70bee16528b39c8c50582bc33ee2 (diff) | |
mktemp -> mkstemp as pointed out on bugtraq
Obtained from: Theo de Raadt
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/usr.bin/perl/perl/perl.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/gnu/usr.bin/perl/perl/perl.c b/gnu/usr.bin/perl/perl/perl.c
index d41280b..00cdb34 100644
--- a/gnu/usr.bin/perl/perl/perl.c
+++ b/gnu/usr.bin/perl/perl/perl.c
@@ -1,4 +1,4 @@
-char rcsid[] = "$RCSfile: perl.c,v $$Revision: 1.7 $$Date: 1996/06/30 09:47:56 $\nPatch level: ###\n";
+char rcsid[] = "$RCSfile: perl.c,v $$Revision: 1.8 $$Date: 1997/03/01 12:58:48 $\nPatch level: ###\n";
 /*
 * Copyright (c) 1991, Larry Wall
 *
@@ -6,6 +6,15 @@ char rcsid[] = "$RCSfile: perl.c,v $$Revision: 1.7 $$Date: 1996/06/30 09:47:56 $
 * License or the Artistic License, as specified in the README file.
 *
 * $Log: perl.c,v $
+ * Revision 1.8 1997/03/01 12:58:48 joerg
+ * Plug an old security hole: suidperl didn't honor MNT_NOSUID.
+ *
+ * Strong 2.2 and 2.1.x candidate. Someone should review the patch before,
+ * however.
+ *
+ * The maintainer of the Perl5 port should probably introduce a similar patch
+ * there.
+ *
 * Revision 1.7 1996/06/30 09:47:56 joerg
 * Back out Nate's changes from rev. 1.6; our Perl has not been
 * vulnerable since it used setreuid() as opposed to Posix saved IDs.
@@ -207,13 +216,17 @@ setuid perl scripts securely.\n");
 fatal("No -e allowed in setuid scripts");
 #endif
 if (!e_fp) {
+ int fd;
+
 e_tmpname = savestr(TMPPATH);
- (void)mktemp(e_tmpname);
- if (!*e_tmpname)
- fatal("Can't mktemp()");
- e_fp = fopen(e_tmpname,"w");
- if (!e_fp)
+ fd = mkstemp(e_tmpname);
+ if (fd == -1)
+ fatal("Can't mkstemp()");
+ e_fp = fdopen(fd,"w");
+ if (!e_fp) {
+ close(fd);
 fatal("Cannot open temporary file");
+ }
 }
 if (argv[1]) {
 fputs(argv[1],e_fp); |
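Review bot: In the third hunk, the `fdopen()` failure branch closes `fd` but leaves the file that `mkstemp()` just created at `e_tmpname` on disk. Unless `fatal()` already removes it, which is not visible here, add `unlink(e_tmpname);` after `close(fd);`. The race that `mkstemp()` closes also stays closed only while the script is written and later read through this descriptor, so any code outside the hunk that reopens `e_tmpname` by path would reintroduce a name-based window. A comment above the call such as `/* mkstemp() creates and opens the file atomically; do not reopen e_tmpname by name */` would record that constraint. The enclosing function starts and ends outside the hunk.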