Hi,

currently our (external) filter scripts are lacking resp. buggy in several ways:
- they don't respect the TMPDIR environment variable
- not safe from a security pov [1]
- buggy (st vs $st)
- unnecessary cat calls
- create files in $HOME (which unnecessarily get picked up by tracker)

The attached patch addresses these issues. I used mktemp to implement
the creation of safe tmpfiles. TTBOMK all modern linux/solaris
distributions ship this tool.
I'm posting this patch for wider review. If you know of any platform
(we support) that doesn't ship mktemp, please let me know.

Cheers,
Michael


[1] http://www.linuxsecurity.com/content/view/115462/151/
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
Index: filters/application/msword_filter
===================================================================
--- filters/application/msword_filter	(Revision 1038)
+++ filters/application/msword_filter	(Arbeitskopie)
@@ -1,8 +1,18 @@
 #!/bin/sh
 
-umask 077
-cp "$1" /tmp/tempfile.$$ 
-nice -n19 wvText /tmp/tempfile.$$ "$2"
-rm /tmp/tempfile.$$
-# remove temporary included image files left by wvText
-rm `pwd "$2"`/tempfile.$$*
+tmpdir=${TMPDIR-/tmp}
+tmpdir="$tmpdir"/tmpdir.$$
+
+(umask 077 && mkdir "$tmpdir") || exit 1
+
+tmpfile="$tmpdir"/tmpfile.$$
+
+cp "$1" "$tmpfile"
+
+# Change the working directory to $tmpdir which we can safely deleter later.
+# Some (buggy) versions of wvText extract the image files from the word 
+# document and place them in the current working directory.
+cd "$tmpdir"
+nice -n19 wvText "$tmpfile" "$2"
+
+rm -rf "$tmpdir"
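Review bot: The scratch directory `"$tmpdir"/tmpdir.$$` is still named from the PID, so although `mkdir` refuses an existing path (nothing is followed or overwritten), any local user can pre-create that name and make the filter exit 1. The spreadsheet filters in this patch already use mktemp, and `tmpdir=$(mktemp -d "${TMPDIR:-/tmp}/msword_filter.XXXXXX") || exit 1` would match them. `cd "$tmpdir"` is unchecked: if it fails, wvText runs and drops its image files in the caller's working directory, so `cd "$tmpdir" || exit 1` is safer. After the cd a relative `"$2"` would resolve inside the scratch directory and be removed by `rm -rf "$tmpdir"`; the script presumably relies on the caller passing an absolute output path, which deserves a comment next to the cd.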
Index: filters/application/vnd.sun.xml.impress_filter
===================================================================
--- filters/application/vnd.sun.xml.impress_filter	(Revision 1038)
+++ filters/application/vnd.sun.xml.impress_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/vnd.oasis.opendocument.presentation_filter
===================================================================
--- filters/application/vnd.oasis.opendocument.presentation_filter	(Revision 1038)
+++ filters/application/vnd.oasis.opendocument.presentation_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/x-gnumeric_filter
===================================================================
--- filters/application/x-gnumeric_filter	(Revision 1038)
+++ filters/application/x-gnumeric_filter	(Arbeitskopie)
@@ -1,12 +1,10 @@
 #!/bin/sh
 
-umask 077
+tmpfile=`mktemp` || exit 1
 
-st=/tmp/tempfile.$$ 
+nice -n19 ssindex -i "$1" > "$tmpfile"
 
-nice -n19 ssindex -i "$1" > st
-
-nice -n19 xsltproc - st > "$2" <<EOF
+nice -n19 xsltproc - "$tmpfile" > "$2" <<EOF
 <?xml version="1.0"?>
 <xsl:stylesheet 
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
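Review bot: Nothing removes `$tmpfile` if the script is interrupted between the `mktemp` line and the trailing `rm "$tmpfile"` in the next hunk, which leaves the intermediate ssindex output of the user's document behind in the temp directory. A `trap 'rm -f "$tmpfile"' EXIT` right after the mktemp line (plus `trap 'exit 1' HUP INT TERM` for shells that do not run the EXIT trap on a signal) covers those paths. With the trap in place the final `rm` can go, and the script then exits with xsltproc's status rather than rm's, so a failed conversion is no longer reported as success. The same applies to the identical hunks in application/csv_filter, vnd.ms-excel_filter, application/tab-separated-values_filter and the text/ csv, x-comma-separated-values, spreadsheet and tab-separated-values filters. The heredoc stylesheet continues outside this hunk.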
@@ -22,6 +20,4 @@
 </xsl:stylesheet>
 EOF
 
-rm st
-
-cat "$2"
+rm "$tmpfile"
Index: filters/application/vnd.stardivision.writer_filter
===================================================================
--- filters/application/vnd.stardivision.writer_filter	(Revision 1038)
+++ filters/application/vnd.stardivision.writer_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/vnd.oasis.opendocument.spreadsheet-template_filter
===================================================================
--- filters/application/vnd.oasis.opendocument.spreadsheet-template_filter	(Revision 1038)
+++ filters/application/vnd.oasis.opendocument.spreadsheet-template_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/vnd.sun.xml.impress.template_filter
===================================================================
--- filters/application/vnd.sun.xml.impress.template_filter	(Revision 1038)
+++ filters/application/vnd.sun.xml.impress.template_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/vnd.oasis.opendocument.presentation-template_filter
===================================================================
--- filters/application/vnd.oasis.opendocument.presentation-template_filter	(Revision 1038)
+++ filters/application/vnd.oasis.opendocument.presentation-template_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/vnd.oasis.opendocument.text_filter
===================================================================
--- filters/application/vnd.oasis.opendocument.text_filter	(Revision 1038)
+++ filters/application/vnd.oasis.opendocument.text_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/vnd.sun.xml.draw_filter
===================================================================
--- filters/application/vnd.sun.xml.draw_filter	(Revision 1038)
+++ filters/application/vnd.sun.xml.draw_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/vnd.sun.xml.calc_filter
===================================================================
--- filters/application/vnd.sun.xml.calc_filter	(Revision 1038)
+++ filters/application/vnd.sun.xml.calc_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/csv_filter
===================================================================
--- filters/application/csv_filter	(Revision 1038)
+++ filters/application/csv_filter	(Arbeitskopie)
@@ -1,12 +1,10 @@
 #!/bin/sh
 
-umask 077
+tmpfile=`mktemp` || exit 1
 
-st=/tmp/tempfile.$$ 
+nice -n19 ssindex -i "$1" > "$tmpfile"
 
-nice -n19 ssindex -i "$1" > st
-
-nice -n19 xsltproc - st > "$2" <<EOF
+nice -n19 xsltproc - "$tmpfile" > "$2" <<EOF
 <?xml version="1.0"?>
 <xsl:stylesheet 
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
@@ -22,6 +20,4 @@
 </xsl:stylesheet>
 EOF
 
-rm st
-
-cat "$2"
+rm "$tmpfile"
Index: filters/application/x-abiword_filter
===================================================================
--- filters/application/x-abiword_filter	(Revision 1038)
+++ filters/application/x-abiword_filter	(Arbeitskopie)
@@ -15,4 +15,3 @@
 
 </xsl:stylesheet>
 EOF
-
Index: filters/application/vnd.ms-excel_filter
===================================================================
--- filters/application/vnd.ms-excel_filter	(Revision 1038)
+++ filters/application/vnd.ms-excel_filter	(Arbeitskopie)
@@ -1,12 +1,10 @@
 #!/bin/sh
 
-umask 077
+tmpfile=`mktemp` || exit 1
 
-st=/tmp/tempfile.$$ 
+nice -n19 ssindex -i "$1" > "$tmpfile"
 
-nice -n19 ssindex -i "$1" > st
-
-nice -n19 xsltproc - st > "$2" <<EOF
+nice -n19 xsltproc - "$tmpfile" > "$2" <<EOF
 <?xml version="1.0"?>
 <xsl:stylesheet 
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
@@ -22,6 +20,4 @@
 </xsl:stylesheet>
 EOF
 
-rm st
-
-cat "$2"
+rm "$tmpfile"
Index: filters/application/vnd.sun.xml.writer_filter
===================================================================
--- filters/application/vnd.sun.xml.writer_filter	(Revision 1038)
+++ filters/application/vnd.sun.xml.writer_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/vnd.sun.xml.calc.template_filter
===================================================================
--- filters/application/vnd.sun.xml.calc.template_filter	(Revision 1038)
+++ filters/application/vnd.sun.xml.calc.template_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/vnd.oasis.opendocument.spreadsheet_filter
===================================================================
--- filters/application/vnd.oasis.opendocument.spreadsheet_filter	(Revision 1038)
+++ filters/application/vnd.oasis.opendocument.spreadsheet_filter	(Arbeitskopie)
@@ -1,3 +1,3 @@
 #!/bin/sh
 
- nice -n19 unzip -p "$1" content.xml |  o3totxt > "$2"
+nice -n19 unzip -p "$1" content.xml | o3totxt > "$2"
Index: filters/application/tab-separated-values_filter
===================================================================
--- filters/application/tab-separated-values_filter	(Revision 1038)
+++ filters/application/tab-separated-values_filter	(Arbeitskopie)
@@ -1,12 +1,10 @@
 #!/bin/sh
 
-umask 077
+tmpfile=`mktemp` || exit 1
 
-st=/tmp/tempfile.$$ 
+nice -n19 ssindex -i "$1" > "$tmpfile"
 
-nice -n19 ssindex -i "$1" > st
-
-nice -n19 xsltproc - st > "$2" <<EOF
+nice -n19 xsltproc - "$tmpfile" > "$2" <<EOF
 <?xml version="1.0"?>
 <xsl:stylesheet 
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
@@ -22,6 +20,4 @@
 </xsl:stylesheet>
 EOF
 
-rm st
-
-cat "$2"
+rm "$tmpfile"
Index: filters/text/csv_filter
===================================================================
--- filters/text/csv_filter	(Revision 1038)
+++ filters/text/csv_filter	(Arbeitskopie)
@@ -1,12 +1,10 @@
 #!/bin/sh
 
-umask 077
+tmpfile=`mktemp` || exit 1
 
-st=/tmp/tempfile.$$ 
+nice -n19 ssindex -i "$1" > "$tmpfile"
 
-nice -n19 ssindex -i "$1" > st
-
-nice -n19 xsltproc - st > "$2" <<EOF
+nice -n19 xsltproc - "$tmpfile" > "$2" <<EOF
 <?xml version="1.0"?>
 <xsl:stylesheet 
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
@@ -22,6 +20,4 @@
 </xsl:stylesheet>
 EOF
 
-rm st
-
-cat "$2"
+rm "$tmpfile"
Index: filters/text/xml_filter
===================================================================
--- filters/text/xml_filter	(Revision 1038)
+++ filters/text/xml_filter	(Arbeitskopie)
@@ -15,4 +15,3 @@
 
 </xsl:stylesheet>
 EOF
-
Index: filters/text/x-comma-separated-values_filter
===================================================================
--- filters/text/x-comma-separated-values_filter	(Revision 1038)
+++ filters/text/x-comma-separated-values_filter	(Arbeitskopie)
@@ -1,12 +1,10 @@
 #!/bin/sh
 
-umask 077
+tmpfile=`mktemp` || exit 1
 
-st=/tmp/tempfile.$$ 
+nice -n19 ssindex -i "$1" > "$tmpfile"
 
-nice -n19 ssindex -i "$1" > st
-
-nice -n19 xsltproc - st > "$2" <<EOF
+nice -n19 xsltproc - "$tmpfile" > "$2" <<EOF
 <?xml version="1.0"?>
 <xsl:stylesheet 
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
@@ -22,6 +20,4 @@
 </xsl:stylesheet>
 EOF
 
-rm st
-
-cat "$2"
+rm "$tmpfile"
Index: filters/text/spreadsheet_filter
===================================================================
--- filters/text/spreadsheet_filter	(Revision 1038)
+++ filters/text/spreadsheet_filter	(Arbeitskopie)
@@ -1,12 +1,10 @@
 #!/bin/sh
 
-umask 077
+tmpfile=`mktemp` || exit 1
 
-st=/tmp/tempfile.$$ 
+nice -n19 ssindex -i "$1" > "$tmpfile"
 
-nice -n19 ssindex -i "$1" > st
-
-nice -n19 xsltproc - st > "$2" <<EOF
+nice -n19 xsltproc - "$tmpfile" > "$2" <<EOF
 <?xml version="1.0"?>
 <xsl:stylesheet 
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
@@ -22,6 +20,4 @@
 </xsl:stylesheet>
 EOF
 
-rm st
-
-cat "$2"
+rm "$tmpfile"
Index: filters/text/tab-separated-values_filter
===================================================================
--- filters/text/tab-separated-values_filter	(Revision 1038)
+++ filters/text/tab-separated-values_filter	(Arbeitskopie)
@@ -1,12 +1,10 @@
 #!/bin/sh
 
-umask 077
+tmpfile=`mktemp` || exit 1
 
-st=/tmp/tempfile.$$ 
+nice -n19 ssindex -i "$1" > "$tmpfile"
 
-nice -n19 ssindex -i "$1" > st
-
-nice -n19 xsltproc - st > "$2" <<EOF
+nice -n19 xsltproc - "$tmpfile" > "$2" <<EOF
 <?xml version="1.0"?>
 <xsl:stylesheet 
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
@@ -22,6 +20,4 @@
 </xsl:stylesheet>
 EOF
 
-rm st
-
-cat "$2"
+rm "$tmpfile"