[SCM] Git repository for devscripts branch, master, updated. v2.12.2-40-g5fafd58
James McCoy
jamessan at debian.org
Sat Sep 1 14:59:00 UTC 2012
The following commit has been merged in the master branch:
commit 4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0
Author: Jim Meyering <meyering at redhat.com>
Date: Mon Aug 13 15:44:49 2012 +0200
annotate-output: prevent symlink attack
* annotate-output: Fix to prevent symlink attack: don't delete
safely-created file and reuse its name. Instead, create temporary
directory and create FIFOs therein. Also, be sure to remove
temporaries upon catchable signal.
Signed-off-by: James McCoy <jamessan at debian.org>
diff --git a/scripts/annotate-output.sh b/scripts/annotate-output.sh
index be0df3d..a1e1a31 100755
--- a/scripts/annotate-output.sh
+++ b/scripts/annotate-output.sh
@@ -62,10 +62,14 @@ if [ $# -lt 1 ]; then
exit 1
fi
-OUT=`mktemp --tmpdir annotate.XXXXXX` || exit 1
-ERR=`mktemp --tmpdir annotate.XXXXXX` || exit 1
+cleanup() { __st=$?; rm -rf "$tmp"; exit $__st; }
+trap cleanup 0
+trap 'exit $?' 1 2 13 15
+
+tmp=$(mktemp -d --tmpdir annotate.XXXXXX) || exit 1
+OUT=$tmp/out
+ERR=$tmp/err
-rm -f $OUT $ERR
mkfifo $OUT $ERR || exit 1
addtime O < $OUT &
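Review bot: The traps are installed before `tmp` is assigned, so if a signal arrives between `trap cleanup 0` and the `mktemp -d` line, `cleanup` runs `rm -rf "$tmp"` on whatever value `tmp` had in the inherited environment. Set `tmp=` before the traps, or install them immediately after `mktemp -d` succeeds. Separately, `mkfifo $OUT $ERR` and `< $OUT` in the context lines remain unquoted although the paths now derive from `$tmp`, which follows `TMPDIR`; quoting them as `"$OUT"` and `"$ERR"` would be consistent with the quoted `rm -rf "$tmp"`.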
--
Git repository for devscripts