[Groff-commit] groff/contrib/pdfmark ChangeLog pdfroff.man pdf...

groff-commit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Groff-commit] groff/contrib/pdfmark ChangeLog pdfroff.man pdf...

From:	Keith Marshall
Subject:	[Groff-commit] groff/contrib/pdfmark ChangeLog pdfroff.man pdf...
Date:	Thu, 02 Dec 2010 17:14:17 +0000

CVSROOT:        /sources/groff
Module name:    groff
Changes by:     Keith Marshall <keithmarshall>  10/12/02 17:14:17

Modified files:
        contrib/pdfmark: ChangeLog pdfroff.man pdfroff.sh 

Log message:
        Address potential temporary file security vulnerabilities.

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/groff/contrib/pdfmark/ChangeLog?cvsroot=groff&r1=1.26&r2=1.27
http://cvs.savannah.gnu.org/viewcvs/groff/contrib/pdfmark/pdfroff.man?cvsroot=groff&r1=1.13&r2=1.14
http://cvs.savannah.gnu.org/viewcvs/groff/contrib/pdfmark/pdfroff.sh?cvsroot=groff&r1=1.16&r2=1.17

Patches:
Index: ChangeLog
===================================================================
RCS file: /sources/groff/groff/contrib/pdfmark/ChangeLog,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -b -r1.26 -r1.27
--- ChangeLog   16 Aug 2009 20:57:02 -0000      1.26
+++ ChangeLog   2 Dec 2010 17:14:16 -0000       1.27
@@ -1,3 +1,11 @@
+2010-12-02  Keith Marshall  <address@hidden>
+
+       Address potential temporary file security vulnerabilities.
+
+       * pdfroff.sh (GROFF_TMPDIR): Use mktemp(1) to assign it, if possible;
+       fall back to ${TMPDIR}, ${TMP} or ${TEMP} if unsuccessful.
+       * pdfroff.man: Document it.
+
 2009-08-16  Colin Watson  <address@hidden>
 
        Make pdfroff's GhostScript invocation safer.

Index: pdfroff.man
===================================================================
RCS file: /sources/groff/groff/contrib/pdfmark/pdfroff.man,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -b -r1.13 -r1.14
--- pdfroff.man 16 Aug 2009 20:57:02 -0000      1.13
+++ pdfroff.man 2 Dec 2010 17:14:16 -0000       1.14
@@ -645,10 +645,24 @@
 .P
 Temporary files, created by
 .BR pdfroff ,
-are placed in the directory specified by environment variables (see
-section
-.BR ENVIRONMENT ),
-and named according to the convention
+are placed in the file system hierarchy,
+in or below the directory specified by environment variables
+(see section
+.BR ENVIRONMENT ).
+If
+.BR mktemp (@MAN1EXT@)
+is available,
+it is invoked to create a private subdirectory of
+the nominated temporary files directory,
+(with subdirectory name derived from the template
+.BR pdfroff-XXXXXXXXXX );
+if this subdirectory is successfully created,
+the temporary files will be placed within it,
+otherwise they will be placed directly in the directory
+nominated in the environment.
+.P
+All temporary files themselves
+are named according to the convention
 .BI pdf $$ .*\c
 \&, where
 .I $$

Index: pdfroff.sh
===================================================================
RCS file: /sources/groff/groff/contrib/pdfmark/pdfroff.sh,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -b -r1.16 -r1.17
--- pdfroff.sh  16 Aug 2009 20:57:02 -0000      1.16
+++ pdfroff.sh  2 Dec 2010 17:14:16 -0000       1.17
@@ -135,9 +135,40 @@
       echo $2`
   fi
 #
-# Set up temporary/intermediate file locations.
+# Set up temporary/intermediate file locations, with traps to
+# clean them up on exit.  Note that, for greater portability, we
+# prefer to refer to events by number, rather than by symbolic
+# names; thus, the EXIT event is trapped as event zero.
+#
+  export TMPDIR GROFF_TMPDIR
+  TMPDIR=${GROFF_TMPDIR=${TMPDIR-${TMP-${TEMP-"."}}}}
+  if GROFF_TMPDIR=`exec 2>${NULLDEV}; mktemp -dt pdfroff-XXXXXXXXXX`
+  then
+  #
+  # We successfully created a private temporary directory,
+  # so to clean up, we may simply purge it.
+  #
+    trap "rm -rf ${GROFF_TMPDIR}" 0
+  #
+  else
+  #
+  # Creation of a private temporary directory was unsuccessful;
+  # fall back to user nominated directory, (using current directory
+  # as default), and schedule removal of only the temporary files.
+  #
+    GROFF_TMPDIR=${TMPDIR}
+    trap "rm -f ${GROFF_TMPDIR}/pdf$$.*" 0
+  fi
+  #
+  # In the case of abnormal termination events, we force an exit
+  # (with status code '1'), leaving the normal exit trap to clean
+  # up the temporary files, as above.  Note that we again prefer
+  # to refer to events by number, rather than by symbolic names;
+  # here we trap SIGHUP, SIGINT, SIGQUIT, SIGPIPE and SIGTERM.
+  #
+  trap "exit 1" 1 2 3 13 15
 #
-  WRKFILE=${GROFF_TMPDIR=${TMPDIR-${TMP-${TEMP-"."}}}}/pdf$$.tmp
+  WRKFILE=${GROFF_TMPDIR}/pdf$$.tmp
 #
   REFCOPY=${GROFF_TMPDIR}/pdf$$.cmp
   REFFILE=${GROFF_TMPDIR}/pdf$$.ref
@@ -146,11 +177,6 @@
   TC_DATA=${GROFF_TMPDIR}/pdf$$.tc
   BD_DATA=${GROFF_TMPDIR}/pdf$$.ps
 #
-# Set a trap, to delete temporary files on exit.
-# (FIXME: may want to include other signals, in released version).
-#
-  trap "rm -f ${GROFF_TMPDIR}/pdf$$.*" 0
-#
 # Initialise 'groff' format control settings,
 # to discriminate table of contents and document body formatting passes.
 #
@@ -627,4 +653,4 @@
   $SAY >&2 ". done"
 #
 # 
------------------------------------------------------------------------------
-# $RCSfile: pdfroff.sh,v $ $Revision: 1.16 $: end of file
+# $RCSfile: pdfroff.sh,v $ $Revision: 1.17 $: end of file

[Prev in Thread]

Current Thread

[Next in Thread]

[Groff-commit] groff/contrib/pdfmark ChangeLog pdfroff.man pdf..., Keith Marshall <=

Next by Date: [Groff-commit] groff/contrib/chem ChangeLog Makefile.sub examp...
Next by thread: [Groff-commit] groff/contrib/chem ChangeLog Makefile.sub examp...
Index(es):
- Date
- Thread