From c72849267d68b18455a39ae7c51fd36c83886f7f Mon Sep 17 00:00:00 2001 From: lukem Date: Mon, 18 Jun 2001 11:10:25 +0000 Subject: [PATCH] use mktemp(1) to safely create the temporary file. fixes [security/12915] from David Sainty. --- usr.bin/locate/locate/updatedb.sh | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/usr.bin/locate/locate/updatedb.sh b/usr.bin/locate/locate/updatedb.sh index 615f925743ee..d54a41fbd7c7 100644 --- a/usr.bin/locate/locate/updatedb.sh +++ b/usr.bin/locate/locate/updatedb.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: updatedb.sh,v 1.4 2001/05/14 14:58:59 jdolecek Exp $ +# $NetBSD: updatedb.sh,v 1.5 2001/06/18 11:10:25 lukem Exp $ # # Copyright (c) 1989, 1993 # The Regents of the University of California. All rights reserved. @@ -42,13 +42,12 @@ SRCHPATHS="/" # directories to be put in the database LIBDIR="/usr/libexec" # for subprograms # for temp files -export TMPDIR="${TMPDIR:-/tmp}" FCODES="/var/db/locate.database" # the database PATH="/bin:/usr/bin" -FILELIST="$TMPDIR/locate.list.$$" -trap 'rm -f $FILELIST' 0 -trap 'rm -f $FILELIST; exit 1' 1 2 3 15 +FILELIST=`mktemp -t locate.list` || exit 1 +trap "rm -f $FILELIST" EXIT +trap "rm -f $FILELIST; exit 1" INT QUIT TERM # Make a file list and compute common bigrams. # Entries of each directory shall be sorted (find -s). @@ -57,7 +56,7 @@ trap 'rm -f $FILELIST; exit 1' 1 2 3 15 # find -s $SRCHPATHS -print \ find -s $SRCHPATHS \( ! -fstype local -o -fstype fdesc -o -fstype kernfs \) \ -a -prune -o -print \ - >$FILELIST + >> "$FILELIST" BIGRAMS="`$LIBDIR/locate.bigram <$FILELIST`" @@ -65,6 +64,6 @@ BIGRAMS="`$LIBDIR/locate.bigram <$FILELIST`" if [ -z "$BIGRAMS" ]; then echo 'locate: updatedb failed' >&2 else - $LIBDIR/locate.code "$BIGRAMS" <$FILELIST >$FCODES + $LIBDIR/locate.code $BIGRAMS <"$FILELIST" >$FCODES chmod 644 $FCODES fi