Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.1:Staging:C
sgmltool
sgml-tools-temp-vuln-1.0.9.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File sgml-tools-temp-vuln-1.0.9.diff of Package sgmltool
--- sgml-tools-1.0.9/lib/SGMLTools.bak Wed Apr 25 14:53:48 2001 +++ sgml-tools-1.0.9/lib/SGMLTools.pm Wed Apr 25 14:58:42 2001 @@ -212,6 +212,14 @@ return @files; } +# Pre-create temp files safely +sub create_temp { + my $fh = new FileHandle(shift,O_CREAT|O_EXCL|O_WRONLY,0600); + $fh or die "$0: failed to create temporary file: $!"; + $fh->close; +} + + =item SGMLTools::process_file With all the configuration done, this routine will take a single filename @@ -286,6 +294,7 @@ { $ifile = new FileHandle "$global->{NsgmlsPrePipe}|"; } + create_temp("$tmpbase.1"); $writensgmls = new FileHandle "$precmd|$main::progs->{NSGMLS} $global->{NsgmlsOpts} $ENV{SGMLDECL} >$tmpbase.1"; if ($global->{charset} eq "latin") @@ -386,7 +395,8 @@ # preASP ($inhandle, $outhandle); # my $inpreasp = new FileHandle "<$tmpbase.1"; - my $outpreasp = new FileHandle ">$tmpbase.2"; + my $outpreasp = new FileHandle "$tmpbase.2",O_WRONLY|O_CREAT|O_EXCL,0600; + if (defined $Formats{$global->{format}}{preASP}) { &{$Formats{$global->{format}}{preASP}}($inpreasp, $outpreasp) == 0 or @@ -428,6 +438,7 @@ my $mapping = "$main::LibDir/site/$dtd/$global->{format}/mapping"; -r $mapping or $mapping = "$main::LibDir/dist/$dtd/$global->{format}/mapping"; + create_temp("$tmpbase.3"); system ("$main::progs->{SGMLSASP} $style $mapping <$tmpbase.2| expand -$global->{tabsize} >$tmpbase.3");
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor