[Pkg-mozext-commits] [mozilla-devscripts] 04/12: xpi-repack: Use the tempfile module to create a secure temporary directory.

Benjamin Drung bdrung at moszumanska.debian.org
Mon Mar 10 23:36:47 UTC 2014 

This is an automated email from the git hooks/post-receive script.

bdrung pushed a commit to branch master
in repository mozilla-devscripts.

commit 94e9f9b84e23a2f9af71dcf2df03d91a08d6206e
Author: Benjamin Drung <bdrung at debian.org>
Date:   Mon Mar 10 23:41:50 2014 +0100

    xpi-repack: Use the tempfile module to create a secure temporary directory.
    
    Thanks: Jakub Wilk <jwilk at debian.org>
    Closes: #740759
---
 xpi-repack | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/xpi-repack b/xpi-repack
index 2f7fea5..f18580f 100755
--- a/xpi-repack
+++ b/xpi-repack
@@ -18,6 +18,7 @@ import argparse
 import os
 import subprocess
 import sys
+import tempfile
 
 # error codes
 COMMAND_LINE_SYNTAX_ERROR = 1
@@ -35,12 +36,11 @@ def remove_recursive(path):
         os.rmdir(path)
 
 
-def repack_xpi(package, upstream_version, xpi_file, verbose):
+def repack_xpi(script_name, package, upstream_version, xpi_file, verbose):
     # extract xpi file
-    tmp_dir = "/tmp"
+    tmp_dir = tempfile.mkdtemp(prefix=script_name+".")
     extract_dir = package + "-" + upstream_version
     full_extract_dir = os.path.join(tmp_dir, extract_dir)
-    remove_recursive(full_extract_dir)
     subprocess.check_call(["xpi-unpack", xpi_file, full_extract_dir])
 
     # check, if source 3.0 (quilt) format is used
@@ -61,7 +61,7 @@ def repack_xpi(package, upstream_version, xpi_file, verbose):
     subprocess.check_call(cmd)
 
     # remove temporary directory
-    remove_recursive(full_extract_dir)
+    remove_recursive(tmp_dir)
 
 
 def get_source_package_name(script_name):
@@ -93,7 +93,8 @@ def main():
     if not args.package:
         args.package = get_source_package_name(script_name)
 
-    repack_xpi(args.package, args.version, args.xpi_file, args.verbose)
+    repack_xpi(script_name, args.package, args.version, args.xpi_file,
+               args.verbose)
 
 if __name__ == "__main__":
     main()

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mozext/mozilla-devscripts.git

More information about the Pkg-mozext-commits mailing list