Denver: Please tell me if you consider this patch acceptable to fix
the insecure use of tmpnam, as I plan to apply it to the Debian
version of wdiff:
diff -ru wdiff-0.5.original/wdiff.c wdiff-0.5/wdiff.c
--- wdiff-0.5.original/wdiff.c 2008-06-17 11:30:26.000000000 +0000
+++ wdiff-0.5/wdiff.c 2008-06-17 11:31:21.159349530 +0000
@@ -560,6 +560,7 @@
split_file_into_words (SIDE *side)
{
struct stat stat_buffer; /* for checking if file is directory */
+ int fd; /* for file descriptors returned by mkstemp */
/* Open files. */
@@ -571,8 +572,9 @@
this temporary local file. Once done, prepare it for reading.
We do not need the file name itself anymore. */
- tmpnam (side->temp_name);
- side->file = fopen (side->temp_name, "w+");
+ strcpy(side->temp_name, "/tmp/wdiff.XXXXXX");
+ fd = mkstemp(side->temp_name);
+ side->file = fdopen(fd, "w+");
if (side->file == NULL)
error (EXIT_OTHER_REASON, errno, side->temp_name);
if (unlink (side->temp_name) != 0)
@@ -598,8 +600,9 @@
side->character = getc (side->file);
side->position = 0;
- tmpnam (side->temp_name);
- side->temp_file = fopen (side->temp_name, "w");
+ strcpy(side->temp_name, "/tmp/wdiff.XXXXXX");
+ fd = mkstemp(side->temp_name);
+ side->temp_file = fdopen(fd, "w");
if (side->temp_file == NULL)
error (EXIT_OTHER_REASON, errno, side->temp_name);
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
