diff options
| author | keithmarshall <keithmarshall> | 2010-12-02 17:14:16 +0000 |
|---|---|---|
| committer | keithmarshall <keithmarshall> | 2010-12-02 17:14:16 +0000 |
| commit | 2262217705247ae443e9016cb467dac9ecf49f8d (patch) | |
| tree | b84839a709fa68be479e4c2f8b2c1a81f04cd487 /contrib/pdfmark/pdfroff.sh | |
| parent | 780293087ed2076c123b432b0c06ca66be4fa803 (diff) | |
| download | groff-2262217705247ae443e9016cb467dac9ecf49f8d.tar.gz | |
Address potential temporary file security vulnerabilities.
Diffstat (limited to 'contrib/pdfmark/pdfroff.sh')
| -rw-r--r-- | contrib/pdfmark/pdfroff.sh | 42 |
1 files changed, 34 insertions, 8 deletions
diff --git a/contrib/pdfmark/pdfroff.sh b/contrib/pdfmark/pdfroff.sh index aa13ec73..bb05df04 100644 --- a/contrib/pdfmark/pdfroff.sh +++ b/contrib/pdfmark/pdfroff.sh @@ -135,9 +135,40 @@ echo $2` fi # -# Set up temporary/intermediate file locations. +# Set up temporary/intermediate file locations, with traps to +# clean them up on exit. Note that, for greater portability, we +# prefer to refer to events by number, rather than by symbolic +# names; thus, the EXIT event is trapped as event zero. +# + export TMPDIR GROFF_TMPDIR + TMPDIR=${GROFF_TMPDIR=${TMPDIR-${TMP-${TEMP-"."}}}} + if GROFF_TMPDIR=`exec 2>${NULLDEV}; mktemp -dt pdfroff-XXXXXXXXXX` + then + # + # We successfully created a private temporary directory, + # so to clean up, we may simply purge it. + # + trap "rm -rf ${GROFF_TMPDIR}" 0 + # + else + # + # Creation of a private temporary directory was unsuccessful; + # fall back to user nominated directory, (using current directory + # as default), and schedule removal of only the temporary files. + # + GROFF_TMPDIR=${TMPDIR} + trap "rm -f ${GROFF_TMPDIR}/pdf$$.*" 0 + fi + # + # In the case of abnormal termination events, we force an exit + # (with status code '1'), leaving the normal exit trap to clean + # up the temporary files, as above. Note that we again prefer + # to refer to events by number, rather than by symbolic names; + # here we trap SIGHUP, SIGINT, SIGQUIT, SIGPIPE and SIGTERM. + # + trap "exit 1" 1 2 3 13 15 # - WRKFILE=${GROFF_TMPDIR=${TMPDIR-${TMP-${TEMP-"."}}}}/pdf$$.tmp + WRKFILE=${GROFF_TMPDIR}/pdf$$.tmp # REFCOPY=${GROFF_TMPDIR}/pdf$$.cmp REFFILE=${GROFF_TMPDIR}/pdf$$.ref @@ -146,11 +177,6 @@ TC_DATA=${GROFF_TMPDIR}/pdf$$.tc BD_DATA=${GROFF_TMPDIR}/pdf$$.ps # -# Set a trap, to delete temporary files on exit. -# (FIXME: may want to include other signals, in released version). -# - trap "rm -f ${GROFF_TMPDIR}/pdf$$.*" 0 -# # Initialise 'groff' format control settings, # to discriminate table of contents and document body formatting passes. # @@ -627,4 +653,4 @@ $SAY >&2 ". done" # # ------------------------------------------------------------------------------ -# $RCSfile: pdfroff.sh,v $ $Revision: 1.16 $: end of file +# $RCSfile: pdfroff.sh,v $ $Revision: 1.17 $: end of file |