[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Re: ...vulnerability in Lynx - code
From: |
Jonathan Sergent |
Subject: |
Re: LYNX-DEV Re: ...vulnerability in Lynx - code |
Date: |
Sat, 10 May 1997 00:04:24 EST |
] On Fri, 9 May 1997, Jonathan Sergent wrote:
] > In my opinion:
] >
] > We want lynx to work as well (this includes "in a relatively secure
] > fashion") in as many environments as possible. "We" do this by
] > creating our temporary files with something like mkstemp.
]
] Here is my attempt at it, as patches against official 2.7.1:
]
] <URL:http://sol.slcc.edu/lynx/klaus/temp/diffs-2.7.1--stemp.pch>
]
] (Visit <URL:http://sol.slcc.edu/lynx/klaus/temp/>,
] then D)ownload, not P)rint, for a usable diff)
...
Thanks.
Attached is a copy of mkstemp() from the GNU libc which I modified to
support arbitrary extensions. It probably doesn't work, though. Call
it with template == fooXXXXXX.html and n == 3, and it should replace
the X's and create the temp file. I didn't try to compile it and I'm
out of it so it probably won't work. The includes will need the usual
ifdef'ing I suppose. This at least makes you not need to do all of
the rename() business. None of that would be needed at all if we could
get rid of the open / write / close / open / read / close business I
suppose (but that isn't a problem if you have a "sticky" or a private
directory to write things to). In any case some form of this helps
machines with no mkstemp. I can send you a copy of the original one
as well if you like.
If you're concerned about reading back the same file you wrote out, you
could fstat() the fd you know you wrote to, fstat() it before you read
it back in, and make sure they have the same inode number. If they
don't, you'd certainly want to complain rather than show the user a file
they didn't ask to see. Just an idea.
Sorry I keep suggesting these ideas without doing anything about them,
I really ought to be doing other things ...
--jss.
/* Copyright (C) 1991, 1992, 1996 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public License as
published by the Free Software Foundation; either version 2 of the
License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Library General Public License for more details.
You should have received a copy of the GNU Library General Public
License along with the GNU C Library; see the file COPYING.LIB. If not,
write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. */
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
/* Generate a unique temporary file name from TEMPLATE.
The last six characters of TEMPLATE must be "XXXXXX";
they are replaced with a string that makes the filename unique.
Returns a file descriptor open on the file for reading and writing. */
int
mkstemp (template, xstart)
char *template;
int xstart;
{
static const char letters[]
= "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
size_t len;
size_t i;
len = strlen (template);
if (len < 6 || strcmp (&template[n], "XXXXXX"))
{
errno = EINVAL;
return -1;
}
if (sprintf (&template[n + 1], "%.5u",
(unsigned int) getpid () % 100000) != 5)
/* Inconceivable lossage. */
return -1;
for (i = 0; i < sizeof (letters); ++i)
{
int fd;
template[n] = letters[i];
fd = open (template, O_RDWR|O_CREAT|O_EXCL, 0666);
if (fd >= 0)
return fd;
}
/* We return the null string if we can't find a unique file name. */
template[0] = '\0';
return -1;
}
--
Jonathan Sergent / address@hidden / address@hidden
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., (continued)
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Scott McGee (Personal), 1997/05/09
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Scott McGee (Personal), 1997/05/09
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Scott McGee (Personal), 1997/05/09
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jonathan Sergent, 1997/05/09
- LYNX-DEV Re: ...vulnerability in Lynx - code, Klaus Weide, 1997/05/09
- Re: LYNX-DEV Re: ...vulnerability in Lynx - code,
Jonathan Sergent <=
- LYNX-DEV Re: mkstemp source, Larry W. Virden, x2487, 1997/05/10
- Re: LYNX-DEV Re: mkstemp source, T.E.Dickey, 1997/05/10
- Re: LYNX-DEV Re: mkstemp source, Larry W. Virden, x2487, 1997/05/10
- Re: LYNX-DEV Re: mkstemp source, Jonathan Sergent, 1997/05/10
- Re: LYNX-DEV Re: mkstemp source, Larry W. Virden, x2487, 1997/05/10
Re: LYNX-DEV Re: ...vulnerability in Lynx..., Nelson Henry Eric, 1997/05/09