* fix ctm(8) to use mkstemp() instead of tempnam() for tempfile

creation. * Tag the internal err() function with __printflike to allow checking for non-constant format string arguments (none exist) * Use fmtcheck() to sanitize the tar command obtained via -t to make sure it doesn't contain extraneous format operators. Reviewed by: mikeh MFC after: 1 week
author: kris <kris@FreeBSD.org> 2001-05-06 03:03:45 +0000
committer: kris <kris@FreeBSD.org> 2001-05-06 03:03:45 +0000
commit: 08e03c867950bb514bac8b48cb92a19593e550ff (patch)
tree: ba16ae783c752f27ff9b16bc5793f1bedac840f1 /usr.sbin/ctm
parent: 43e5432dcb7ba27d1fd948003fd0048bca8ff12d (diff)
download: FreeBSD-src-08e03c867950bb514bac8b48cb92a19593e550ff.zip
FreeBSD-src-08e03c867950bb514bac8b48cb92a19593e550ff.tar.gz
5 files changed, 64 insertions, 7 deletions
diff --git a/usr.sbin/ctm/ctm/ctm_pass2.c b/usr.sbin/ctm/ctm/ctm_pass2.c
index be4dbf2..b3582fa 100644
--- a/usr.sbin/ctm/ctm/ctm_pass2.c
+++ b/usr.sbin/ctm/ctm/ctm_pass2.c
@@ -22,7 +22,7 @@ Pass2(FILE *fd)
 {
     u_char *p,*q,*md5=0;
     MD5_CTX ctx;
-    int i,j,sep,cnt;
+    int i,j,sep,cnt,fdesc;
     u_char *trash=0,*name=0;
     struct CTM_Syntax *sp;
     struct stat st;
@@ -31,6 +31,7 @@ Pass2(FILE *fd)
     char md5_1[33];
     struct CTM_Filter *filter;
     FILE *ed = NULL;
+    static char *template = NULL;
 
     if(Verbose>3)
 	printf("Pass2 -- Checking if CTM-patch will apply\n");
@@ -187,8 +188,37 @@ Pass2(FILE *fd)
 		    GETDATA(trash,cnt);
 		    if (!match)
 			break;
+		    if (!template) {
+			if (asprintf(&template, "%s/CTMclientXXXXXX",
+				TmpDir) == -1) {
+			    fprintf(stderr, "  %s: malloc failed.\n",
+				sp->Key);
+			    ret |= Exit_Mess;
+			    return ret;
+		        }
+		    }
 		    if(!strcmp(sp->Key,"FN")) {
-			p = tempnam(TmpDir,"CTMclient");
+			if ((p = strdup(template)) == NULL) {
+			    fprintf(stderr, "  %s: malloc failed.\n",
+				sp->Key);
+			    ret |= Exit_Mess;
+			    return ret;
+			}
+			if ((fdesc = mkstemp(p)) == -1) {
+			    fprintf(stderr, "  %s: mkstemp failed.\n",
+				sp->Key);
+			    ret |= Exit_Mess;
+			    Free(p);
+			    return ret;
+			}
+			if (close(fdesc) == -1) {
+			    fprintf(stderr, "  %s: close failed.\n",
+				sp->Key);
+			    ret |= Exit_Mess;
+			    unlink(p);
+			    Free(p);
+			    return ret;
+			}
 			j = ctm_edit(trash,cnt,name,p);
 			if(j) {
 			    fprintf(stderr,"  %s: %s edit returned %d.\n",
@@ -208,7 +238,27 @@ Pass2(FILE *fd)
 		        unlink(p);
 			Free(p);
 		    } else if (!strcmp(sp->Key,"FE")) {
-			p = tempnam(TmpDir,"CTMclient");
+			if ((p = strdup(template)) == NULL) {
+			    fprintf(stderr, "  %s: malloc failed.\n",
+				sp->Key);
+			    ret |= Exit_Mess;
+			    return ret;
+			}
+			if ((fdesc = mkstemp(p)) == -1) {
+			    fprintf(stderr, "  %s: mkstemp failed.\n",
+				sp->Key);
+			    ret |= Exit_Mess;
+			    Free(p);
+			    return ret;
+			}
+			if (close(fdesc) == -1) {
+			    fprintf(stderr, "  %s: close failed.\n",
+				sp->Key);
+			    ret |= Exit_Mess;
+			    unlink(p);
+			    Free(p);
+			    return ret;
+			}
 			ed = popen("ed","w");
 			if (!ed) {
 			    WRONG
diff --git a/usr.sbin/ctm/ctm/ctm_passb.c b/usr.sbin/ctm/ctm/ctm_passb.c
index ace2ce7..ee3a69c5f 100644
--- a/usr.sbin/ctm/ctm/ctm_passb.c
+++ b/usr.sbin/ctm/ctm/ctm_passb.c
@@ -36,7 +36,7 @@ PassB(FILE *fd)
 	printf("PassB -- Backing up files which would be changed.\n");
 
     MD5Init (&ctx);
-    sprintf(buf, TarCmd, BackupFile);
+    snprintf(buf, sizeof(buf), fmtcheck(TarCmd, TARCMD), BackupFile);
     b=popen(buf, "w");
     if(!b) { warn("%s", buf); return Exit_Garbage; }
 
diff --git a/usr.sbin/ctm/ctm_rmail/ctm_rmail.c b/usr.sbin/ctm/ctm_rmail/ctm_rmail.c
index 194394d..464f733 100644
--- a/usr.sbin/ctm/ctm_rmail/ctm_rmail.c
+++ b/usr.sbin/ctm/ctm_rmail/ctm_rmail.c
@@ -509,7 +509,7 @@ combine(char *delta, int npieces, char *dname, char *pname, char *tname)
 	    err("cannot open '%s' for writing", tname);
 	    }
 	else
-	    err("*mktemp: '%s'", tname);
+	    err("*mkstemp: '%s'", tname);
 	return 0;
 	}
 
diff --git a/usr.sbin/ctm/ctm_rmail/error.c b/usr.sbin/ctm/ctm_rmail/error.c
index 724b117..56d3dc6 100644
--- a/usr.sbin/ctm/ctm_rmail/error.c
+++ b/usr.sbin/ctm/ctm_rmail/error.c
@@ -12,6 +12,11 @@
  * Maybe you should write some free software too.
  */
 
+#ifndef lint
+static const char rcsid[] =
+  "$FreeBSD$";
+#endif /* not lint */
+
 #include <stdio.h>
 #include <string.h>
 #include <stdarg.h>
@@ -58,7 +63,7 @@ err_prog_name(char *name)
  * decoded and appended.
  */
 void
-err(char *fmt, ...)
+err(const char *fmt, ...)
     {
     va_list ap;
     time_t now;
diff --git a/usr.sbin/ctm/ctm_rmail/error.h b/usr.sbin/ctm/ctm_rmail/error.h
index b8bc452..c631b67 100644
--- a/usr.sbin/ctm/ctm_rmail/error.h
+++ b/usr.sbin/ctm/ctm_rmail/error.h
@@ -1,3 +1,5 @@
+/* $FreeBSD$ */
+
 extern	void	err_set_log(char *log_file);
 extern	void	err_prog_name(char *name);
-extern	void	err(char *fmt, ...);
+extern	void	err(const char *fmt, ...) __printflike(1, 2);
author	kris <kris@FreeBSD.org>	2001-05-06 03:03:45 +0000
committer	kris <kris@FreeBSD.org>	2001-05-06 03:03:45 +0000
commit	08e03c867950bb514bac8b48cb92a19593e550ff (patch)
tree	ba16ae783c752f27ff9b16bc5793f1bedac840f1 /usr.sbin/ctm
parent	43e5432dcb7ba27d1fd948003fd0048bca8ff12d (diff)
download	FreeBSD-src-08e03c867950bb514bac8b48cb92a19593e550ff.zip FreeBSD-src-08e03c867950bb514bac8b48cb92a19593e550ff.tar.gz