This is the mail archive of the
binutils@sources.redhat.com
mailing list for the binutils project.
PATCH: get rid of some choose_temp_base in binutils/
- To: binutils at sourceware dot cygnus dot com
- Subject: PATCH: get rid of some choose_temp_base in binutils/
- From: Marc Espie <espie at bonnie dot liafa dot jussieu dot fr>
- Date: Tue, 1 Aug 2000 15:04:07 +0200
This small patch does replace calls to choose_temp_base with calls to
make_temp_file. The only issue is that make_temp_file actually creates the
file.
(choose_temp_base has obvious security considerations, since it does not
create the temporary file, and an attacker can usually exploit the race
condition to overwrite an important file by using a symlink).
I'm aware that these calls are in the cygwin part of the compiler, but
are they only used for native builds, or also for cross-builds ?
In any case, completely getting rid of make_temp_name() looks like a
worthy goal to me...
Tue Aug 1 15:01:57 CEST 2000 Marc Espie <espie@openbsd.org>
* dllwrap.c (main): Use make_temp_file().
* resrc.c (open_input_stream): Use make_temp_file().
diff --exclude libiberty --exclude texinfo -u -r -p -N binutils-2.10.orig/binutils/dllwrap.c binutils-2.10/binutils/dllwrap.c
--- binutils-2.10.orig/binutils/dllwrap.c Fri Apr 7 06:39:24 2000
+++ binutils-2.10/binutils/dllwrap.c Thu Jul 20 18:22:03 2000
@@ -834,12 +838,9 @@ main (argc, argv)
if (! def_file_seen)
{
- char *fileprefix = choose_temp_base ();
- def_file_name = (char *) xmalloc (strlen (fileprefix) + 5);
- sprintf (def_file_name, "%s.def",
- (dontdeltemps) ? mybasename (fileprefix) : fileprefix);
- delete_def_file = 1;
- free (fileprefix);
+ def_file_name = make_temp_file (".def");
+ if (dontdeltemps)
+ def_file_name = mybasename (def_file_name);
delete_def_file = 1;
warn (_("no export definition file provided"));
warn (_("creating one, but that may not be what you want"));
@@ -1022,12 +1023,10 @@ main (argc, argv)
if (! base_file_name)
{
- char *fileprefix = choose_temp_base ();
- base_file_name = (char *) xmalloc (strlen (fileprefix) + 6);
- sprintf (base_file_name, "%s.base",
- (dontdeltemps) ? mybasename (fileprefix) : fileprefix);
+ base_file_name = make_temp_file (".base");
+ if (dontdeltemps)
+ base_file_name = mybasename (base_file_name);
delete_base_file = 1;
- free (fileprefix);
}
{
diff --exclude libiberty --exclude texinfo -u -r -p -N binutils-2.10.orig/binutils/resrc.c binutils-2.10/binutils/resrc.c
--- binutils-2.10.orig/binutils/resrc.c Sat Feb 19 04:59:10 2000
+++ binutils-2.10/binutils/resrc.c Thu Jul 20 18:09:56 2000
@@ -297,12 +302,7 @@ open_input_stream (cmd)
{
if (istream_type == ISTREAM_FILE)
{
- char *fileprefix;
-
- fileprefix = choose_temp_base ();
- cpp_temp_file = (char *) xmalloc (strlen (fileprefix) + 5);
- sprintf (cpp_temp_file, "%s.irc", fileprefix);
- free (fileprefix);
+ cpp_temp_file = make_temp_file (".irc");
if (run_cmd (cmd, cpp_temp_file))
fatal (_("can't execute `%s': %s"), cmd, strerror (errno));