mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-12 03:00:28 +00:00
ceed13510d
allow local users to overwrite files via a symlink attack on temporary files. Security: CAN-2004-0967
41 lines
1.1 KiB
Plaintext
41 lines
1.1 KiB
Plaintext
--- lib/pj-gs.sh.orig Thu Mar 9 17:40:40 2000
|
|
+++ lib/pj-gs.sh Mon Nov 28 02:22:20 2005
|
|
@@ -241,6 +241,7 @@
|
|
then
|
|
/usr/lib/lprcat $Nofilter $Nolabel $file PCL1 $user $dev
|
|
else
|
|
+ TEMPFILE=`mktemp -t pjXXXXXX` || exit 1
|
|
type=`file $file | sed 's/^[^:]*..//'`
|
|
case "$type" in
|
|
postscript*)
|
|
@@ -251,22 +252,22 @@
|
|
#
|
|
# gs -q -sDEVICE=paintjet -r180 -sOutputFile=- -dDISKFONTS -dNOPAUSE - < $file 2>/tmp/sh$$
|
|
|
|
- gs -q -sDEVICE=paintjet -r180 -sOutputFile=/tmp/pj$$ -dDISKFONTS -dNOPAUSE - < $file 1>2
|
|
- cat /tmp/pj$$
|
|
- rm /tmp/pj$$
|
|
+ gs -q -sDEVICE=paintjet -r180 -sOutputFile=$TEMPFILE -dDISKFONTS -dNOPAUSE - < $file 1>2
|
|
+ cat $TEMPFILE
|
|
+ rm $TEMPFILE
|
|
needff=
|
|
;;
|
|
- *) cat "$file" 2>/tmp/sh$$
|
|
+ *) cat "$file" 2>$TEMPFILE
|
|
needff=1
|
|
;;
|
|
esac
|
|
|
|
- if [ -s /tmp/sh$$ ]
|
|
+ if [ -s $TEMPFILE ]
|
|
then
|
|
# cat /tmp/sh$$ # output any errors
|
|
- cat /tmp/sh$$ 1>2 # output any errors
|
|
+ cat $TEMPFILE 1>2 # output any errors
|
|
fi
|
|
- rm -f /tmp/sh$$
|
|
+ rm -f $TEMPFILE
|
|
if [ $needff ]; then echo "\014\r\c"; fi
|
|
fi
|
|
|