Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2
groff
groff-1.21-CVE-2009-5081.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File groff-1.21-CVE-2009-5081.patch of Package groff
Index: groff-1.22.3/contrib/pdfmark/pdfroff.man =================================================================== --- groff-1.22.3.orig/contrib/pdfmark/pdfroff.man +++ groff-1.22.3/contrib/pdfmark/pdfroff.man @@ -555,7 +555,7 @@ defaults to .B GROFF_TMPDIR Identifies the directory in which .B pdfroff -should create temporary files. +should create a subdirectory for its temporary files. . If .B \%GROFF_TMPDIR @@ -568,7 +568,8 @@ and .B TEMP are considered in turn, as possible temporary file repositories. If none of these are set, then temporary files are created -in the current directory. +in a subdirectory of +.BR /tmp . . .TP .B GROFF_GHOSTSCRIPT_INTERPRETER Index: groff-1.22.3/doc/fixinfo.sh =================================================================== --- groff-1.22.3.orig/doc/fixinfo.sh +++ groff-1.22.3/doc/fixinfo.sh @@ -22,7 +22,9 @@ # groff.texinfo macro code. Hopefully, a new texinfo version makes it # unnecessary. -t=${TMPDIR-.}/gro$$.tmp +t="`mktemp -t groff-fixinfo.XXXXXXXXXX`" || exit +trap 'rm -f -- "$t"' EXIT +trap 'trap - EXIT; rm -f -- "$t"; exit 1' HUP INT QUIT TERM cat $1 | sed ' 1 { Index: groff-1.22.3/doc/groff.info-2 =================================================================== --- groff-1.22.3.orig/doc/groff.info-2 +++ groff-1.22.3/doc/groff.info-2 @@ -1697,9 +1697,9 @@ not there, 'groff' would not know when t time into a document: .sy perl -e 'printf ".nr H %d\\n.nr M %d\\n.nr S %d\\n",\ - (localtime(time))[2,1,0]' > /tmp/x\n[$$] - .so /tmp/x\n[$$] - .sy rm /tmp/x\n[$$] + (localtime(time))[2,1,0]' > timefile\n[$$] + .so timefile\n[$$] + .sy rm timefile\n[$$] \nH:\nM:\nS Note that this works by having the 'perl' script (run by 'sy') Index: groff-1.22.3/doc/groff.texinfo =================================================================== --- groff-1.22.3.orig/doc/groff.texinfo +++ groff-1.22.3/doc/groff.texinfo @@ -13736,9 +13736,9 @@ into a document: @pindex perl @Example .sy perl -e 'printf ".nr H %d\\n.nr M %d\\n.nr S %d\\n",\ - (localtime(time))[2,1,0]' > /tmp/x\n[$$] -.so /tmp/x\n[$$] -.sy rm /tmp/x\n[$$] + (localtime(time))[2,1,0]' > timefile\n[$$] +.so timefile\n[$$] +.sy rm timefile\n[$$] \nH:\nM:\nS @endExample Index: groff-1.22.3/gendef.sh =================================================================== --- groff-1.22.3.orig/gendef.sh +++ groff-1.22.3/gendef.sh @@ -33,11 +33,9 @@ do #define $def" done -# Use $TMPDIR if defined. Default to cwd, for non-Unix systems -# which don't have /tmp on each drive (we are going to remove -# the file before we exit anyway). Put the PID in the basename, -# since the extension can only hold 3 characters on MS-DOS. -t=${TMPDIR-.}/gro$$.tmp +t="`mktemp -t groff-gendef.XXXXXXXXXX`" || exit +trap 'rm -f -- "$t"' EXIT +trap 'trap - EXIT; rm -f -- "$t"; exit 1' HUP INT QUIT TERM sed -e 's/=/ /' >$t <<EOF $defs @@ -45,8 +43,6 @@ EOF test -r $file && cmp -s $t $file || cp $t $file -rm -f $t - exit 0 # eof Index: groff-1.22.3/src/roff/groff/pipeline.c =================================================================== --- groff-1.22.3.orig/src/roff/groff/pipeline.c +++ groff-1.22.3/src/roff/groff/pipeline.c @@ -376,6 +376,7 @@ int run_pipeline(int ncommands, char *** /* Don't use `tmpnam' here: Microsoft's implementation yields unusable file names if current directory is on network share with read-only root. */ +#error AUDIT: This code is only compiled under DOS tmpfiles[0] = tempnam(tmpdir, NULL); tmpfiles[1] = tempnam(tmpdir, NULL); Index: groff-1.22.3/contrib/groffer/main_subs.pl =================================================================== --- groff-1.22.3.orig/contrib/groffer/main_subs.pl +++ groff-1.22.3/contrib/groffer/main_subs.pl @@ -1239,7 +1239,7 @@ sub main_temp { our $fh_stdin; our $tmp_cat; our $tmp_stdin; - my $template = 'groffer_' . "$$" . '_XXXX'; + my $template = 'groffer_' . "$$" . '_XXXXXXXXXX'; foreach ($ENV{'GROFF_TMPDIR'}, $ENV{'TMPDIR'}, $ENV{'TMP'}, $ENV{'TEMP'}, $ENV{'TEMPDIR'}, File::Spec->catfile($ENV{'HOME'}, 'tmp')) { if ($_ && -d $_ && -w $_) { @@ -1271,12 +1271,12 @@ sub main_temp { # further argument: SUFFIX => '.sh' if ($Debug{'KEEP'}) { - ($fh_cat, $tmp_cat) = tempfile(',cat_XXXX', DIR => $tmpdir); - ($fh_stdin, $tmp_stdin) = tempfile(',stdin_XXXX', DIR => $tmpdir); + ($fh_cat, $tmp_cat) = tempfile(',cat_XXXXXXXXXX', DIR => $tmpdir); + ($fh_stdin, $tmp_stdin) = tempfile(',stdin_XXXXXXXXXX', DIR => $tmpdir); } else { - ($fh_cat, $tmp_cat) = tempfile(',cat_XXXX', UNLINK => 1, + ($fh_cat, $tmp_cat) = tempfile(',cat_XXXXXXXXXX', UNLINK => 1, DIR => $tmpdir); - ($fh_stdin, $tmp_stdin) = tempfile(',stdin_XXXX', UNLINK => 1, + ($fh_stdin, $tmp_stdin) = tempfile(',stdin_XXXXXXXXXX', UNLINK => 1, DIR => $tmpdir); } } # main_temp() Index: groff-1.22.3/contrib/groffer/roff2.pl =================================================================== --- groff-1.22.3.orig/contrib/groffer/roff2.pl +++ groff-1.22.3/contrib/groffer/roff2.pl @@ -123,7 +123,7 @@ if ($Has_Groffer) { last; } } - my $template = $Name . '_XXXX'; + my $template = $Name . '_XXXXXXXXXX'; my ($fh, $stdin); if ($tempdir) { ($fh, $stdin) = tempfile($template, UNLINK => 1, DIR => $tempdir) ||
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor