rpms/cups/F-10 cups-str3382.patch,NONE,1.1 cups.spec,1.463,1.464
Jiří Popelka
jpopelka at fedoraproject.org
Tue Oct 20 15:34:06 UTC 2009
Author: jpopelka
Update of /cvs/pkgs/rpms/cups/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv3101
Modified Files:
cups.spec
Added Files:
cups-str3382.patch
Log Message:
* Tue Oct 20 2009 Jiri Popelka <jpopelka at redhat.com> 1:1.3.10-6
- Fix cups-lpd to create unique temporary data files (bug #529838, STR #3382).
cups-str3382.patch:
tempfile.c | 31 ++++++++++++-------------------
1 file changed, 12 insertions(+), 19 deletions(-)
--- NEW FILE cups-str3382.patch ---
diff -up cups-1.3.10/cups/tempfile.c.str3382 cups-1.3.10/cups/tempfile.c
--- cups-1.3.10/cups/tempfile.c.str3382 2008-07-12 00:48:49.000000000 +0200
+++ cups-1.3.10/cups/tempfile.c 2009-10-20 15:23:25.000000000 +0200
@@ -35,6 +35,7 @@
# include <io.h>
#else
# include <unistd.h>
+# include <sys/types.h>
#endif /* WIN32 || __EMX__ */
@@ -56,7 +57,7 @@ cupsTempFd(char *filename, /* I - Point
char tmppath[1024]; /* Windows temporary directory */
DWORD curtime; /* Current time */
#else
- struct timeval curtime; /* Current time */
+ mode_t old_umask; /* Old umask before using mkstemp() */
#endif /* WIN32 */
@@ -107,33 +108,25 @@ cupsTempFd(char *filename, /* I - Point
snprintf(filename, len - 1, "%s/%05lx%08lx", tmpdir,
GetCurrentProcessId(), curtime);
-#else
- /*
- * Get the current time of day...
- */
-
- gettimeofday(&curtime, NULL);
-
- /*
- * Format a string using the hex time values...
- */
-
- snprintf(filename, len - 1, "%s/%08lx%05lx", tmpdir,
- (unsigned long)curtime.tv_sec, (unsigned long)curtime.tv_usec);
-#endif /* WIN32 */
/*
* Open the file in "exclusive" mode, making sure that we don't
* stomp on an existing file or someone's symlink crack...
*/
-#ifdef WIN32
fd = open(filename, _O_CREAT | _O_RDWR | _O_TRUNC | _O_BINARY,
_S_IREAD | _S_IWRITE);
-#elif defined(O_NOFOLLOW)
- fd = open(filename, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
#else
- fd = open(filename, O_RDWR | O_CREAT | O_EXCL, 0600);
+ /*
+ * Use the standard mkstemp() call to make a temporary filename
+ * securely. -- andrew.wood at jdplc.com
+ */
+
+ snprintf(filename, len - 1, "%s/cupsXXXXXX", tmpdir);
+
+ old_umask = umask(0077);
+ fd = mkstemp(filename);
+ umask(old_umask);
#endif /* WIN32 */
if (fd < 0 && errno != EEXIST)
Index: cups.spec
===================================================================
RCS file: /cvs/pkgs/rpms/cups/F-10/cups.spec,v
retrieving revision 1.463
retrieving revision 1.464
diff -u -p -r1.463 -r1.464
--- cups.spec 6 May 2009 12:08:40 -0000 1.463
+++ cups.spec 20 Oct 2009 15:34:05 -0000 1.464
@@ -7,7 +7,7 @@
Summary: Common Unix Printing System
Name: cups
Version: 1.3.10
-Release: 5%{?svn:.svn%{svn}}%{?dist}
+Release: 6%{?svn:.svn%{svn}}%{?dist}
License: GPLv2
Group: System Environment/Daemons
Source: ftp://ftp.easysw.com/pub/cups/test//cups-%{version}%{?svn:svn-r%{svn}}-source.tar.bz2
@@ -51,6 +51,7 @@ Patch24: cups-str2536.patch
Patch25: cups-localhost-ipv6.patch
Patch26: cups-str3023.patch
Patch29: cups-str2831.patch
+Patch30: cups-str3382.patch
Patch100: cups-lspp.patch
Epoch: 1
Url: http://www.cups.org/
@@ -188,6 +189,7 @@ module.
%patch25 -p1 -b .localhost-ipv6
%patch26 -p1 -b .str3023
%patch29 -p1 -b .str2831
+%patch30 -p1 -b .str3382
%if %lspp
%patch100 -p1 -b .lspp
@@ -508,6 +510,9 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/php/modules/*.so
%changelog
+* Tue Oct 20 2009 Jiri Popelka <jpopelka at redhat.com> 1:1.3.10-6
+- Fix cups-lpd to create unique temporary data files (bug #529838, STR #3382).
+
* Wed May 6 2009 Tim Waugh <twaugh at redhat.com> 1:1.3.10-5
- Restart cupsd if "ServerAlias *" is added to cupsd.conf
(bug #497354).
More information about the fedora-extras-commits
mailing list