[m-dev.] for review: fix security holes.

Tyson Dowd trd at stimpy.cs.mu.oz.au
Wed Mar 25 18:03:57 AEDT 1998
Previous message: [m-dev.] for review: fix security holes.
Next message: [m-dev.] for review: fix security holes.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 24-Mar-1998, Fergus Henderson <fjh at cs.mu.OZ.AU> wrote:
> On 23-Mar-1998, Tyson Dowd <trd at stimpy.cs.mu.oz.au> wrote:
> ...
> > +MERCURY_MSG("looking for a way to create temporary files...")
> > +
> > +AC_PATH_PROG(MKTMP,mktemp)
> > +if test "$MKTMP" != ""; then
> > +	# check that it really works
> > +	TMPFILE=`mktemp /tmp/$0.XXXXXX`
> 
> Better not use $0 there, it might contain /'s.
> I think it would be simplest to just hard-code `ml'.

Why would you want to hardcode `ml'? 

This is the configure script that is running -- hardcoding `configure'
might be better.

> 
> Also, I think you should spell MKTMP as MKTEMP.
> (There's already enough confusion caused by the difference
> between tempnam() and tmpnam() ;-)
> 
> >  		# create the pipe, making sure we remove it if interrupted
> > -	PIPE=/tmp/ml.$$
> > -	trap 'rm -f $PIPE; exit 1' 1 2 3 13 15 
> > +	um=`umask`
> > +	umask 022
> > +	TMPDIR=/tmp/ml$$
> > +	PIPE=$TMPDIR/pipe
> > +	if ! mkdir $TMPDIR ; then
> > +		echo "Unable to create temporary pipe"
> > +		exit 1
> > +	fi
> > +	umask $um
> > +	trap 'rm -rf $TMPDIR; exit 1' 1 2 3 13 15 
> 
> I think `old_umask' would be a better name than `um'.
> 
> Also it might be clearer to use the name `ML_TMPDIR',
> to distinguish it from the TMPDIR that is used by tempnam() etc.
> 
> > +		if ! mkdir $tmpdir ; then
> > +			echo "Unable to create temporary makefile"
> > +			exit 1
> 
> should be
> 	echo "Unable ..." 1>&2
> 
> Otherwise that looks OK.
> 
> Can you please post another diff when you've addressed those
> comments?


Index: configure.in
===================================================================
RCS file: /home/staff/zs/imp/mercury/configure.in,v
retrieving revision 1.116
diff -u -r1.116 configure.in
--- configure.in	1997/10/17 02:39:11	1.116
+++ configure.in	1998/03/25 06:56:41
@@ -199,6 +199,25 @@
 
 PATH="$save_PATH"
 #-----------------------------------------------------------------------------#
+MERCURY_MSG("looking for a way to create temporary files...")
+
+AC_PATH_PROG(MKTEMP,mktemp)
+if test "$MKTEMP" != ""; then
+	# check that it really works
+	TMPFILE=`mktemp /tmp/configure.XXXXXX`
+	if test -f $TMPFILE ; then
+		rm -f $TMPFILE
+		true
+	else
+		MKTEMP=""
+	fi
+fi
+if test "$MKTEMP" = ""; then
+	AC_MSG_WARN(cannot find a working \`mktemp', using \`mkdir || exit'')
+	MKTEMP=""
+fi
+AC_SUBST(MKTEMP)
+#-----------------------------------------------------------------------------#
 AC_PROG_CC
 AC_SUBST(CC)
 
Index: scripts/ml.in
===================================================================
RCS file: /home/staff/zs/imp/mercury/scripts/ml.in,v
retrieving revision 1.35
diff -u -r1.35 ml.in
--- ml.in	1997/10/12 13:46:45	1.35
+++ ml.in	1998/03/25 06:56:51
@@ -370,8 +370,16 @@
 	# pipes, then we don't use the demangler
 
 		# create the pipe, making sure we remove it if interrupted
-	PIPE=/tmp/ml.$$
-	trap 'rm -f $PIPE; exit 1' 1 2 3 13 15 
+	old_umask=`umask`
+	umask 022
+	ML_TMPDIR=/tmp/ml$$
+	PIPE=$ML_TMPDIR/pipe
+	if ! mkdir $ML_TMPDIR ; then
+		echo "Unable to create temporary pipe" 1>&2
+		exit 1
+	fi
+	umask $old_umask
+	trap 'rm -rf $ML_TMPDIR; exit 1' 1 2 3 13 15 
 	$MKFIFO $PIPE
 		# execute the demangler in the background, with stdin 
 		# coming from the pipe and with stdout redirected to stderr
@@ -380,7 +388,7 @@
 	exec >$PIPE 2>&1
 		# now we can remove the pipe; since is an open file, it will
 		# stay around until $CC and $DEMANGLER exit
-	rm -f $PIPE
+	rm -rf $ML_TMPDIR
 		# finally execute $CC; stdout & stderr will
 		# go via the pipe to $DEMANGLER and then to stderr
 	;;
Index: scripts/mmake.in
===================================================================
RCS file: /home/staff/zs/imp/mercury/scripts/mmake.in,v
retrieving revision 1.14
diff -u -r1.14 mmake.in
--- mmake.in	1997/07/27 15:09:36	1.14
+++ mmake.in	1998/03/25 06:56:51
@@ -56,6 +56,7 @@
 MMAKE_RULES=${MMAKE_RULES=$MMAKE_DIR/Mmake.rules}
 MERCURY_INT_DIR=${MERCURY_INT_DIR=@LIBDIR@/ints}
 MERCURY_DEFAULT_GRADE=${MERCURY_DEFAULT_GRADE=@DEFAULT_GRADE@}
+MKTEMP=@MKTEMP@
 
 MMAKE=$0
 verbose=false
@@ -111,8 +112,22 @@
 if $save_makefile; then
 	tmp=Mmake.makefile
 else
-	tmp=/tmp/mmake.$$
-	trap 'status=$?; rm -f $tmp; exit $status' 0 1 2 3 13 15
+	if [ $MKTEMP = "" ] ; then
+		old_umask=`umask`
+		umask 022
+		mmake_tmpdir=/tmp/mmake$$
+		tmp=$mmake_tmpdir/mmake
+		if ! mkdir $mmake_tmpdir ; then
+			echo "Unable to create temporary makefile" 1>&2
+			exit 1
+		fi
+		umask $old_umask
+		trap 'status=$?; rm -rf $mmake_tmpdir; exit $status' 0 1 2 3 13 15
+	else
+		# mktemp should give its own error message.
+		tmp=`$MKTEMP /tmp/mmake.XXXXXX` || exit 1
+		trap 'status=$?; rm -f $tmp; exit $status' 0 1 2 3 13 15
+	fi
 fi
 
 MMAKE_MAKE_CMD="${MMAKE_MAKE} -f $tmp -r"
@@ -126,7 +141,7 @@
 	echo export MERCURY_INT_DIR
 	echo MERCURY_DEFAULT_GRADE=$MERCURY_DEFAULT_GRADE
 	echo export MERCURY_DEFAULT_GRADE
-	echo cat ${MMAKE_VARS} $deps $ds $mmake ${MMAKE_RULES} ">" $tmp
+	echo cat ${MMAKE_VARS} $deps $ds $mmake ${MMAKE_RULES} ">>" $tmp
 	echo ${MMAKE_MAKE} -f $tmp -r "$@"
 fi
 export MMAKE

-- 
       Tyson Dowd           # So I asked Sarah: what's the serial number on
                            # your computer? She replied:
     trd at cs.mu.oz.au        #          A-C-2-4-0-V-/-5-0-H-Z
http://www.cs.mu.oz.au/~trd #
Previous message: [m-dev.] for review: fix security holes.
Next message: [m-dev.] for review: fix security holes.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the developers mailing list