Archives
Archives
| From: | "Robert Buchholz (rbu)" <rbu@g.o> |
|---|---|
| To: | gentoo-commits@l.g.o |
| Subject: | [gentoo-commits] gentoo-x86 commit in media-gfx/aview/files: aview-1.3.0_rc1-includes.patch aview-1.3.0_rc1-tmp_creation.patch |
| Date: | Sat, 13 Sep 2008 19:08:42 |
| Message-Id: | E1KeaU3-00058I-Go@stork.gentoo.org |
| 1 | rbu 08/09/13 19:08:39 |
| 2 | |
| 3 | Added: aview-1.3.0_rc1-includes.patch |
| 4 | aview-1.3.0_rc1-tmp_creation.patch |
| 5 | Log: |
| 6 | Fix insecure temporary file creation in asciiview (bug #235808) |
| 7 | (Portage version: 2.2_rc8/cvs/Linux 2.6.27-rc6 x86_64) |
| 8 | |
| 9 | Revision Changes Path |
| 10 | 1.1 media-gfx/aview/files/aview-1.3.0_rc1-includes.patch |
| 11 | |
| 12 | file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-gfx/aview/files/aview-1.3.0_rc1-includes.patch?rev=1.1&view=markup |
| 13 | plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-gfx/aview/files/aview-1.3.0_rc1-includes.patch?rev=1.1&content-type=text/plain |
| 14 | |
| 15 | Index: aview-1.3.0_rc1-includes.patch |
| 16 | =================================================================== |
| 17 | Index: aview-1.3.0/main.c |
| 18 | =================================================================== |
| 19 | --- aview-1.3.0.orig/main.c |
| 20 | +++ aview-1.3.0/main.c |
| 21 | @@ -1,4 +1,6 @@ |
| 22 | #include <aalib.h> |
| 23 | +#include <string.h> |
| 24 | +#include <stdlib.h> |
| 25 | #include "image.h" |
| 26 | #include "ui.h" |
| 27 | #include "config.h" |
| 28 | |
| 29 | |
| 30 | |
| 31 | 1.1 media-gfx/aview/files/aview-1.3.0_rc1-tmp_creation.patch |
| 32 | |
| 33 | file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-gfx/aview/files/aview-1.3.0_rc1-tmp_creation.patch?rev=1.1&view=markup |
| 34 | plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-gfx/aview/files/aview-1.3.0_rc1-tmp_creation.patch?rev=1.1&content-type=text/plain |
| 35 | |
| 36 | Index: aview-1.3.0_rc1-tmp_creation.patch |
| 37 | =================================================================== |
| 38 | Fix insecure temporary file creation, see: |
| 39 | https://bugs.gentoo.org/show_bug.cgi?id=235808 |
| 40 | |
| 41 | Index: aview-1.3.0/asciiview |
| 42 | =================================================================== |
| 43 | --- aview-1.3.0.orig/asciiview |
| 44 | +++ aview-1.3.0/asciiview |
| 45 | @@ -3,11 +3,11 @@ |
| 46 | clear() |
| 47 | { |
| 48 | kill $! 2>/dev/null |
| 49 | - rm -f /tmp/aview$$.pgm 2>/dev/null |
| 50 | + rm -rf $tmpdir 2>/dev/null |
| 51 | } |
| 52 | myconvert() |
| 53 | { |
| 54 | - if anytopnm "$1" >/tmp/aview$$.pgm 2>/dev/null ; then |
| 55 | + if anytopnm "$1" >"$2" 2>/dev/null ; then |
| 56 | exit |
| 57 | elif convert -colorspace gray "$1" pgm:- 2>/dev/null ; then |
| 58 | exit |
| 59 | @@ -56,8 +56,9 @@ while [ "$1" != "" ]; do |
| 60 | esac |
| 61 | done |
| 62 | trap clear 0 |
| 63 | -mkfifo /tmp/aview$$.pgm |
| 64 | -outfile=/tmp/aview$$.pgm |
| 65 | +tmpdir=`mktemp -t -d` |
| 66 | +outfile=$tmpdir/aview.pgm |
| 67 | +mkfifo $outfile |
| 68 | IFS=$(echo -e "\000") |
| 69 | echo $filenames | while read name; do |
| 70 | if test -r "$name" ; then |
| 71 | @@ -67,10 +68,10 @@ case "$name" in |
| 72 | aaflip $options "$name" |
| 73 | ;; |
| 74 | *) |
| 75 | - myconvert "$name" >/tmp/aview$$.pgm & |
| 76 | + myconvert "$name" "$outfile" >"$outfile" & |
| 77 | pid=$! |
| 78 | PATH="$PATH:." |
| 79 | - aview $options /tmp/aview$$.pgm |
| 80 | + aview $options $outfile |
| 81 | kill $pid 2>/dev/null |
| 82 | esac |
| 83 | else |