47 lines
1.7 KiB
Diff
47 lines
1.7 KiB
Diff
+uudeview (0.5.20-2.1) unstable; urgency=low
|
|
+
|
|
+ * Fix possible (but highly unlikely) race in temporary file generation
|
|
+ (CAN-2004-2265), by passing the "x" (O_EXCL) flag to fopen when opening
|
|
+ such files. (Closes: #320541)
|
|
+
|
|
+ -- Steinar H. Gunderson <sesse@debian.org> Wed, 14 Jun 2006 18:44:05 +0200
|
|
+
|
|
|
|
Index: uudeview-0.5.20/unix/uudeview.c
|
|
===================================================================
|
|
--- uudeview-0.5.20.orig/unix/uudeview.c
|
|
+++ uudeview-0.5.20/unix/uudeview.c
|
|
@@ -454,7 +454,7 @@ proc_stdin (void)
|
|
return 0;
|
|
}
|
|
|
|
- if ((target = fopen (stdfile, "wb")) == NULL) {
|
|
+ if ((target = fopen (stdfile, "wbx")) == NULL) {
|
|
fprintf (stderr, "proc_stdin: cannot open temp file %s for writing: %s\n",
|
|
stdfile, strerror (errno));
|
|
_FP_free (stdfile);
|
|
Index: uudeview-0.5.20/uulib/uunconc.c
|
|
===================================================================
|
|
--- uudeview-0.5.20.orig/uulib/uunconc.c
|
|
+++ uudeview-0.5.20/uulib/uunconc.c
|
|
@@ -1325,9 +1325,9 @@ UUDecode (uulist *data)
|
|
return UURET_NODATA;
|
|
|
|
if (data->uudet == PT_ENCODED)
|
|
- mode = "wt"; /* open text files in text mode */
|
|
+ mode = "wtx"; /* open text files in text mode */
|
|
else
|
|
- mode = "wb"; /* otherwise in binary */
|
|
+ mode = "wbx"; /* otherwise in binary */
|
|
|
|
if ((data->binfile = tempnam (NULL, "uu")) == NULL) {
|
|
UUMessage (uunconc_id, __LINE__, UUMSG_ERROR,
|
|
@@ -1502,7 +1502,7 @@ UUDecode (uulist *data)
|
|
progress.action = 0;
|
|
return UURET_NOMEM;
|
|
}
|
|
- if ((datain = fopen (data->binfile, "rb")) == NULL) {
|
|
+ if ((datain = fopen (data->binfile, "rbx")) == NULL) {
|
|
UUMessage (uunconc_id, __LINE__, UUMSG_ERROR,
|
|
uustring (S_NOT_OPEN_FILE),
|
|
data->binfile, strerror (uu_errno = errno));
|