changeset 80512:444a87e05509

2008-04-18 Steve Grubb <sgrubb@redhat.com> (tiny change) * vcdiff: Use mktemp (CVE-2008-1694).
author Romain Francoise <romain@orebokech.com>
date Fri, 18 Apr 2008 18:27:25 +0000
parents e85df11c51e4
children e58dfb854c06
files lib-src/ChangeLog lib-src/vcdiff
diffstat 2 files changed, 6 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/lib-src/ChangeLog	Sat Apr 12 13:14:56 2008 +0000
+++ b/lib-src/ChangeLog	Fri Apr 18 18:27:25 2008 +0000
@@ -1,3 +1,7 @@
+2008-04-18  Steve Grubb  <sgrubb@redhat.com>  (tiny change)
+
+	* vcdiff: Use mktemp (CVE-2008-1694).
+
 2008-04-10  Jason Rumney  <jasonr@gnu.org>
 
 	* makefile.w32-in (CLIENTRES): New variable and target.
--- a/lib-src/vcdiff	Sat Apr 12 13:14:56 2008 +0000
+++ b/lib-src/vcdiff	Fri Apr 18 18:27:25 2008 +0000
@@ -84,14 +84,14 @@
 	case $f in
 	s.* | */s.*)
 		if
-			rev1=/tmp/geta$$
+			rev1=`mktemp /tmp/geta.XXXXXXXX`
 			get -s -p -k $sid1 "$f" > $rev1 &&
 			case $sid2 in
 			'')
 				workfile=`expr " /$f" : '.*/s.\(.*\)'`
 				;;
 			*)
-				rev2=/tmp/getb$$
+				rev2=`mktemp /tmp/getb.XXXXXXXX`
 				get -s -p -k $sid2 "$f" > $rev2
 				workfile=$rev2
 			esac