diff options
author | kris <kris@FreeBSD.org> | 2001-05-06 03:03:45 +0000 |
---|---|---|
committer | kris <kris@FreeBSD.org> | 2001-05-06 03:03:45 +0000 |
commit | 08e03c867950bb514bac8b48cb92a19593e550ff (patch) | |
tree | ba16ae783c752f27ff9b16bc5793f1bedac840f1 /usr.sbin/ctm/ctm | |
parent | 43e5432dcb7ba27d1fd948003fd0048bca8ff12d (diff) | |
download | FreeBSD-src-08e03c867950bb514bac8b48cb92a19593e550ff.zip FreeBSD-src-08e03c867950bb514bac8b48cb92a19593e550ff.tar.gz |
* fix ctm(8) to use mkstemp() instead of tempnam() for tempfile
creation.
* Tag the internal err() function with __printflike to allow checking
for non-constant format string arguments (none exist)
* Use fmtcheck() to sanitize the tar command obtained via -t to make
sure it doesn't contain extraneous format operators.
Reviewed by: mikeh
MFC after: 1 week
Diffstat (limited to 'usr.sbin/ctm/ctm')
-rw-r--r-- | usr.sbin/ctm/ctm/ctm_pass2.c | 56 | ||||
-rw-r--r-- | usr.sbin/ctm/ctm/ctm_passb.c | 2 |
2 files changed, 54 insertions, 4 deletions
diff --git a/usr.sbin/ctm/ctm/ctm_pass2.c b/usr.sbin/ctm/ctm/ctm_pass2.c index be4dbf2..b3582fa 100644 --- a/usr.sbin/ctm/ctm/ctm_pass2.c +++ b/usr.sbin/ctm/ctm/ctm_pass2.c @@ -22,7 +22,7 @@ Pass2(FILE *fd) { u_char *p,*q,*md5=0; MD5_CTX ctx; - int i,j,sep,cnt; + int i,j,sep,cnt,fdesc; u_char *trash=0,*name=0; struct CTM_Syntax *sp; struct stat st; @@ -31,6 +31,7 @@ Pass2(FILE *fd) char md5_1[33]; struct CTM_Filter *filter; FILE *ed = NULL; + static char *template = NULL; if(Verbose>3) printf("Pass2 -- Checking if CTM-patch will apply\n"); @@ -187,8 +188,37 @@ Pass2(FILE *fd) GETDATA(trash,cnt); if (!match) break; + if (!template) { + if (asprintf(&template, "%s/CTMclientXXXXXX", + TmpDir) == -1) { + fprintf(stderr, " %s: malloc failed.\n", + sp->Key); + ret |= Exit_Mess; + return ret; + } + } if(!strcmp(sp->Key,"FN")) { - p = tempnam(TmpDir,"CTMclient"); + if ((p = strdup(template)) == NULL) { + fprintf(stderr, " %s: malloc failed.\n", + sp->Key); + ret |= Exit_Mess; + return ret; + } + if ((fdesc = mkstemp(p)) == -1) { + fprintf(stderr, " %s: mkstemp failed.\n", + sp->Key); + ret |= Exit_Mess; + Free(p); + return ret; + } + if (close(fdesc) == -1) { + fprintf(stderr, " %s: close failed.\n", + sp->Key); + ret |= Exit_Mess; + unlink(p); + Free(p); + return ret; + } j = ctm_edit(trash,cnt,name,p); if(j) { fprintf(stderr," %s: %s edit returned %d.\n", @@ -208,7 +238,27 @@ Pass2(FILE *fd) unlink(p); Free(p); } else if (!strcmp(sp->Key,"FE")) { - p = tempnam(TmpDir,"CTMclient"); + if ((p = strdup(template)) == NULL) { + fprintf(stderr, " %s: malloc failed.\n", + sp->Key); + ret |= Exit_Mess; + return ret; + } + if ((fdesc = mkstemp(p)) == -1) { + fprintf(stderr, " %s: mkstemp failed.\n", + sp->Key); + ret |= Exit_Mess; + Free(p); + return ret; + } + if (close(fdesc) == -1) { + fprintf(stderr, " %s: close failed.\n", + sp->Key); + ret |= Exit_Mess; + unlink(p); + Free(p); + return ret; + } ed = popen("ed","w"); if (!ed) { WRONG diff --git a/usr.sbin/ctm/ctm/ctm_passb.c b/usr.sbin/ctm/ctm/ctm_passb.c index ace2ce7..ee3a69c5f 100644 --- a/usr.sbin/ctm/ctm/ctm_passb.c +++ b/usr.sbin/ctm/ctm/ctm_passb.c @@ -36,7 +36,7 @@ PassB(FILE *fd) printf("PassB -- Backing up files which would be changed.\n"); MD5Init (&ctx); - sprintf(buf, TarCmd, BackupFile); + snprintf(buf, sizeof(buf), fmtcheck(TarCmd, TARCMD), BackupFile); b=popen(buf, "w"); if(!b) { warn("%s", buf); return Exit_Garbage; } |