From 25439f6a4e6b362a4685a23ddb7f485c7399eb6b Mon Sep 17 00:00:00 2001
From: Bruno Haible
Date: Mon, 7 Feb 2005 11:42:26 +0000
Subject: Secure creation of temporary file.
---
 gettext-tools/lib/csharpcomp.sh.in | 45 ++++++++++++++++++++++++++++++++------
 1 file changed, 38 insertions(+), 7 deletions(-)
diff --git a/gettext-tools/lib/csharpcomp.sh.in b/gettext-tools/lib/csharpcomp.sh.in
index f225968..480500d 100644
--- a/gettext-tools/lib/csharpcomp.sh.in
+++ b/gettext-tools/lib/csharpcomp.sh.in
@@ -1,7 +1,7 @@
 #!/bin/sh
 # Compile a C# program.
-# Copyright (C) 2003-2004 Free Software Foundation, Inc.
+# Copyright (C) 2003-2005 Free Software Foundation, Inc.
 # Written by Bruno Haible , 2003.
 #
 # This program is free software; you can redistribute it and/or modify
@@ -34,6 +34,37 @@
 # -O optimize
 # -g generate debugging information
+# func_tmpdir
+# creates a temporary directory.
+# Sets variable
+# - tmp pathname of freshly created temporary directory
+func_tmpdir ()
+{
+ # Use the environment variable TMPDIR, falling back to /tmp. This allows
+ # users to specify a different temporary directory, for example, if their
+ # /tmp is filled up or too small.
+ : ${TMPDIR=/tmp}
+ {
+ # Use the mktemp program if available. If not available, hide the error
+ # message.
+ tmp=`(umask 077 && mktemp -d -q "$TMPDIR/gtXXXXXX") 2>/dev/null` &&
+ test -n "$tmp" && test -d "$tmp"
+ } ||
+ {
+ # Use a simple mkdir command. It is guaranteed to fail if the directory
+ # already exists. $RANDOM is bash specific and expands to empty in shells
+ # other than bash, ksh and zsh. Its use does not increase security;
+ # rather, it minimizes the probability of failure in a very cluttered /tmp
+ # directory.
+ tmp=$TMPDIR/gt$$-$RANDOM
+ (umask 077 && mkdir "$tmp")
+ } ||
+ {
+ echo "$0: cannot create a temporary directory in $TMPDIR" >&2
+ { (exit 1); exit 1; }
+ }
+}
+
 sed_quote_subst='s/\([|&;<>()$`"'"'"'*?[#~=% \\]\)/\\\1/g'
 options_cscc=
 options_mcs=
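Review bot: `: ${TMPDIR=/tmp}` in func_tmpdir covers only an unset TMPDIR; when the variable is set but empty, both the mktemp template and the mkdir fallback resolve to a `/gt…` path at the filesystem root, and the failure message then names an empty directory. A guard such as `test -n "$TMPDIR" || TMPDIR=/tmp` handles both cases (or `${TMPDIR:=/tmp}`, if the colon form is acceptable for the shells this script targets). The header comment could also state that the function terminates the script when no directory can be created, and that the caller is responsible for removing `$tmp`.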
@@ -108,14 +139,14 @@ else
 sed_drop_success_line='${
 /^Compilation succeeded/d
 }'
- tmpfile=`(mktemp "${TMPDIR-/tmp}/mcserrXXXXXXXX") 2>/dev/null || echo ${TMPDIR-/tmp}/mcserr$$`
- trap 'rm -f "$tmpfile"' 1 2 3 15
+ func_tmpdir
+ trap 'rm -rf "$tmp"' 1 2 3 15
 test -z "$CSHARP_VERBOSE" || echo mcs $options_mcs $sources
- mcs $options_mcs $sources > "$tmpfile"
+ mcs $options_mcs $sources > "$tmp"/mcs.err
 result=$?
- sed -e "$sed_drop_success_line" < "$tmpfile" >&2
- rm -f "$tmpfile"
- exit $?
+ sed -e "$sed_drop_success_line" < "$tmp"/mcs.err >&2
+ rm -rf "$tmp"
+ exit $result
 else
 if test -n "@HAVE_CSC@"; then
 test -z "$CSHARP_VERBOSE" || echo csc $options_csc $sources
--
cgit v1.1
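Review bot: The handler in `trap 'rm -rf "$tmp"' 1 2 3 15` removes the directory but does not exit, so after a caught signal the script resumes and the later `sed ... < "$tmp"/mcs.err` redirection fails on a file that is already gone. Ending the handler with an exit, for example `trap 'rm -rf "$tmp"; exit 1' 1 2 3 15`, keeps cleanup and termination together. The trap is also installed only after func_tmpdir returns, so a signal arriving in between would leave the new directory behind. The enclosing if/else chain starts and ends outside this hunk, so whether other branches need the same handling cannot be judged from here.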