Use a more secure way to create temporary files and directories.

author: Bruno Haible <bruno@clisp.org> 2005-01-14 12:25:38 +0000
committer: Bruno Haible <bruno@clisp.org> 2009-06-23 12:12:04 +0200
commit: 6a7a9859901391991b81817eb643bab308e6503a (patch)
tree: d690ac1ceca72c303e314555305b777c814b1b30 /gettext-tools
parent: b75dbb75f5be7bb102ea019b1d45d096540a2fa9 (diff)
download: external_gettext-6a7a9859901391991b81817eb643bab308e6503a.zip
external_gettext-6a7a9859901391991b81817eb643bab308e6503a.tar.gz
external_gettext-6a7a9859901391991b81817eb643bab308e6503a.tar.bz2
4 files changed, 89 insertions, 10 deletions
diff --git a/gettext-tools/lib/ChangeLog b/gettext-tools/lib/ChangeLog
index c4802db..2534dfc 100644
--- a/gettext-tools/lib/ChangeLog
+++ b/gettext-tools/lib/ChangeLog
@@ -1,3 +1,8 @@
+2005-01-09  Bruno Haible  <bruno@clisp.org>
+
+	* csharpcomp.sh.in (func_tmpdir): New function.
+	(mcs invocation): Use it. Fix exit code.
+
 2005-01-07  Bruno Haible  <bruno@clisp.org>
 
 	* csharpcomp.c: Include safe-read.h.
diff --git a/gettext-tools/misc/ChangeLog b/gettext-tools/misc/ChangeLog
index c28159c..ec4bef2 100644
--- a/gettext-tools/misc/ChangeLog
+++ b/gettext-tools/misc/ChangeLog
@@ -1,3 +1,12 @@
+2005-01-09  Bruno Haible  <bruno@clisp.org>
+
+	* autopoint.in (func_tmpdir): New function.
+	(func_find_curr_installdir): Use it.
+	(mismatchfile): Create inside a temporary directory. Remove afterwards.
+	* gettextize.in (func_tmpdir): New function.
+	(func_find_curr_installdir): Use it.
+	Reported by Joey Hess <joeyh@debian.org>.
+
 2005-01-05  Bruno Haible  <bruno@clisp.org>
 
 	* autopoint.in: Update year in --version output.
diff --git a/gettext-tools/misc/autopoint.in b/gettext-tools/misc/autopoint.in
index 0e9a47c..7c4d40f 100644
--- a/gettext-tools/misc/autopoint.in
+++ b/gettext-tools/misc/autopoint.in
@@ -30,6 +30,37 @@ version=@VERSION@
 prefix="@prefix@"
 gettext_dir="@datadir@/gettext"
 
+# func_tmpdir
+# creates a temporary directory.
+# Sets variable
+# - tmp             pathname of freshly created temporary directory
+func_tmpdir ()
+{
+  # Use the environment variable TMPDIR, falling back to /tmp. This allows
+  # users to specify a different temporary directory, for example, if their
+  # /tmp is filled up or too small.
+  : ${TMPDIR=/tmp}
+  {
+    # Use the mktemp program if available. If not available, hide the error
+    # message.
+    tmp=`(umask 077 && mktemp -d -q "$TMPDIR/gtXXXXXX") 2>/dev/null` &&
+    test -n "$tmp" && test -d "$tmp"
+  } ||
+  {
+    # Use a simple mkdir command. It is guaranteed to fail if the directory
+    # already exists.  $RANDOM is bash specific and expands to empty in shells
+    # other than bash, ksh and zsh.  Its use does not increase security;
+    # rather, it minimizes the probability of failure in a very cluttered /tmp
+    # directory.
+    tmp=$TMPDIR/gt$$-$RANDOM
+    (umask 077 && mkdir "$tmp")
+  } ||
+  {
+    echo "$0: cannot create a temporary directory in $TMPDIR" >&2
+    { (exit 1); exit 1; }
+  }
+}
+
 # Support for relocatability.
 func_find_curr_installdir ()
 {
@@ -39,14 +70,15 @@ func_find_curr_installdir ()
     */* | *\\*) ;;
     *) # Need to look in the PATH.
       if test "${PATH_SEPARATOR+set}" != set; then
-        { echo "#! /bin/sh"; echo "exit 0"; } > /tmp/conf$$.sh
-        chmod +x /tmp/conf$$.sh
-        if (PATH="/nonexistent;/tmp"; conf$$.sh) >/dev/null 2>&1; then
+        func_tmpdir
+        { echo "#! /bin/sh"; echo "exit 0"; } > "$tmp"/conf.sh
+        chmod +x "$tmp"/conf.sh
+        if (PATH="/nonexistent;$tmp"; conf.sh) >/dev/null 2>&1; then
           PATH_SEPARATOR=';'
         else
           PATH_SEPARATOR=:
         fi
-        rm -f /tmp/conf$$.sh
+        rm -f "$tmp"
       fi
       save_IFS="$IFS"; IFS="$PATH_SEPARATOR"
       for dir in $PATH; do
@@ -384,8 +416,8 @@ func_destfile ()
 # original - too great risk of version mismatch.
 if test -z "$force"; then
   mismatch=
-  mismatchfile="${TMPDIR-/tmp}"/autopoint$$.diff
-  rm -f "$mismatchfile"
+  func_tmpdir
+  mismatchfile="$tmp"/autopoint.diff
   for file in `find "$work_dir/archive" -type f -print | sed -e "s,^$work_dir/archive/,," | LC_ALL=C sort`; do
     func_destfile "$file"
     if test -n "$destfile"; then
@@ -404,6 +436,7 @@ if test -z "$force"; then
     rm -rf "$cvs_dir" "$work_dir"
     func_fatal_error "Some files have been locally modified. Not overwriting them because --force has not been specified. For your convenience, you find the local modifications in the file '$mismatchfile'."
   fi
+  rm -rf "$tmp"
 fi
 
 # func_mkdir_for to
diff --git a/gettext-tools/misc/gettextize.in b/gettext-tools/misc/gettextize.in
index 09f890d..aefba88 100644
--- a/gettext-tools/misc/gettextize.in
+++ b/gettext-tools/misc/gettextize.in
@@ -30,6 +30,37 @@ version=@VERSION@
 prefix="@prefix@"
 gettext_dir="@datadir@/gettext"
 
+# func_tmpdir
+# creates a temporary directory.
+# Sets variable
+# - tmp             pathname of freshly created temporary directory
+func_tmpdir ()
+{
+  # Use the environment variable TMPDIR, falling back to /tmp. This allows
+  # users to specify a different temporary directory, for example, if their
+  # /tmp is filled up or too small.
+  : ${TMPDIR=/tmp}
+  {
+    # Use the mktemp program if available. If not available, hide the error
+    # message.
+    tmp=`(umask 077 && mktemp -d -q "$TMPDIR/gtXXXXXX") 2>/dev/null` &&
+    test -n "$tmp" && test -d "$tmp"
+  } ||
+  {
+    # Use a simple mkdir command. It is guaranteed to fail if the directory
+    # already exists.  $RANDOM is bash specific and expands to empty in shells
+    # other than bash, ksh and zsh.  Its use does not increase security;
+    # rather, it minimizes the probability of failure in a very cluttered /tmp
+    # directory.
+    tmp=$TMPDIR/gt$$-$RANDOM
+    (umask 077 && mkdir "$tmp")
+  } ||
+  {
+    echo "$0: cannot create a temporary directory in $TMPDIR" >&2
+    { (exit 1); exit 1; }
+  }
+}
+
 # Support for relocatability.
 func_find_curr_installdir ()
 {
@@ -39,14 +70,15 @@ func_find_curr_installdir ()
     */* | *\\*) ;;
     *) # Need to look in the PATH.
       if test "${PATH_SEPARATOR+set}" != set; then
-        { echo "#! /bin/sh"; echo "exit 0"; } > /tmp/conf$$.sh
-        chmod +x /tmp/conf$$.sh
-        if (PATH="/nonexistent;/tmp"; conf$$.sh) >/dev/null 2>&1; then
+        func_tmpdir
+        { echo "#! /bin/sh"; echo "exit 0"; } > "$tmp"/conf.sh
+        chmod +x "$tmp"/conf.sh
+        if (PATH="/nonexistent;$tmp"; conf.sh) >/dev/null 2>&1; then
           PATH_SEPARATOR=';'
         else
           PATH_SEPARATOR=:
         fi
-        rm -f /tmp/conf$$.sh
+        rm -f "$tmp"
       fi
       save_IFS="$IFS"; IFS="$PATH_SEPARATOR"
       for dir in $PATH; do
author	Bruno Haible <bruno@clisp.org>	2005-01-14 12:25:38 +0000
committer	Bruno Haible <bruno@clisp.org>	2009-06-23 12:12:04 +0200
commit	6a7a9859901391991b81817eb643bab308e6503a (patch)
tree	d690ac1ceca72c303e314555305b777c814b1b30 /gettext-tools
parent	b75dbb75f5be7bb102ea019b1d45d096540a2fa9 (diff)
download	external_gettext-6a7a9859901391991b81817eb643bab308e6503a.zip external_gettext-6a7a9859901391991b81817eb643bab308e6503a.tar.gz external_gettext-6a7a9859901391991b81817eb643bab308e6503a.tar.bz2