diff options
| author |   Alastair Tse <liquidx@gentoo.org> | 2005-06-25 12:40:21 +0000 |
|---|---|---|
| committer | Alastair Tse <liquidx@gentoo.org> | 2005-06-25 12:40:21 +0000 |
| commit | a9bca1d9dd254182f78b60f88277ad49bbc4f484 (patch) | |
| tree | 1297b24be26e858ca9c808c12dbd60d12af37c1c /app-arch/rpm2targz/files | |
| parent | Mask net-snmp-5.3 snapshot. (diff) | |
| download | historical-a9bca1d9dd254182f78b60f88277ad49bbc4f484.tar.gz historical-a9bca1d9dd254182f78b60f88277ad49bbc4f484.tar.bz2 historical-a9bca1d9dd254182f78b60f88277ad49bbc4f484.zip | |
added patch to secure temp file handling thanks to solar@gentoo.org (#96192)
Package-Manager: portage-2.0.51.22-r1
Diffstat (limited to 'app-arch/rpm2targz/files')
| -rw-r--r-- | app-arch/rpm2targz/files/digest-rpm2targz-9.0-r3 | 1 | ||||
| -rw-r--r-- | app-arch/rpm2targz/files/rpm2targz-9.0-secure_temp_handling.patch | 113 |
2 files changed, 114 insertions, 0 deletions
diff --git a/app-arch/rpm2targz/files/digest-rpm2targz-9.0-r3 b/app-arch/rpm2targz/files/digest-rpm2targz-9.0-r3 new file mode 100644 index 000000000000..154805e3f598 --- /dev/null +++ b/app-arch/rpm2targz/files/digest-rpm2targz-9.0-r3 @@ -0,0 +1 @@ +MD5 7b8ba680dcbe7e1e4e349698400bcea6 rpm2targz-9.0.tar.gz 2639 diff --git a/app-arch/rpm2targz/files/rpm2targz-9.0-secure_temp_handling.patch b/app-arch/rpm2targz/files/rpm2targz-9.0-secure_temp_handling.patch new file mode 100644 index 000000000000..a2d1c3cc4814 --- /dev/null +++ b/app-arch/rpm2targz/files/rpm2targz-9.0-secure_temp_handling.patch @@ -0,0 +1,113 @@ +--- rpm2targz.orig 2005-06-15 10:19:12.000000000 -0400 ++++ rpm2targz 2005-06-15 12:55:10.000000000 -0400 +@@ -2,6 +2,7 @@ + # Copyright 1997, 1998 Patrick Volkerding, Moorhead, MN USA + # Copyright 2002 Slackware Linux, Inc., Concord, CA USA + # All rights reserved. ++# $Header: /var/cvsroot/gentoo-x86/app-arch/rpm2targz/files/rpm2targz-9.0-secure_temp_handling.patch,v 1.1 2005/06/25 12:40:21 liquidx Exp $ + # + # Redistribution and use of this script, with or without modification, is + # permitted provided that the following conditions are met: +@@ -23,20 +24,24 @@ + + # debug switch to allow to bypass use of rpm2cpio provided by the rpm package + USERPM2CPIO=true +-if [ "$TMPDIR" = "" ]; then +- TMPDIR=/tmp ++[ "$TMPDIR" == "" ] && TMPDIR=/tmp ++if [ ! -d "$TMPDIR" ]; then ++ echo "TMPDIR=$TMPDIR is not a dir" > /dev/stderr ++ exit 1 + fi +-# If mcookie is available, use it for better /tmp security. +-if [ -x `which mcookie` ]; then +- COOKIE=`mcookie` +-else +- COOKIE=$$ ++WORKDIR=`mktemp -d $TMPDIR/$$XXXXXX` ++if [ $? != 0 ]; then ++ echo "Failed to make tmp workdir for file i/o conversion" > /dev/stderr ++ exit 1 + fi ++ + if [ "$1" = "" ]; then + echo "$0: Converts RPM format to standard GNU tar + GNU zip format." +- echo " (view converted packages with \"less\", install and remove" +- echo " with \"installpkg\", \"removepkg\", \"pkgtool\", or manually" +- echo " with \"tar\")" ++ if [ -e /etc/slackware-version ]; then ++ echo " (view converted packages with \"less\", install and remove" ++ echo " with \"installpkg\", \"removepkg\", \"pkgtool\", or manually" ++ echo " with \"tar\")" ++ fi + echo + echo "Usage: $0 <file.rpm>" + if [ "`basename $0`" = "rpm2tgz" ]; then +@@ -50,12 +55,11 @@ + if [ ! "$1" = "$*" ]; then + echo "Processing file: $i" + fi +- rm -rf $TMPDIR/rpm2targz$COOKIE # clear the way, just in case of mischief +- mkdir $TMPDIR/rpm2targz$COOKIE ++ rm -rf ${WORKDIR}/* || exit 1 ; # clear the way, just in case of mischief + + # Determine if this is a source or binary RPM. + # If we have getrpmtype, use that. Otherwise, try "file". +- if which getrpmtype 1> /dev/null 2> /dev/null; then ++ if type -p getrpmtype 1> /dev/null 2> /dev/null; then + if getrpmtype -n $i | grep source 1> /dev/null 2> /dev/null ; then + isSource=1 + else +@@ -69,12 +73,12 @@ + fi + fi + +- ofn=$TMPDIR/rpm2targz$COOKIE/`basename $i .rpm`.cpio ++ ofn=${WORKDIR}/`basename $i .rpm`.cpio + if $USERPM2CPIO && which rpm2cpio 1> /dev/null 2> /dev/null ; then + rpm2cpio $i > $ofn 2> /dev/null + if [ ! $? = 0 ]; then + echo "... rpm2cpio failed. (maybe $i is not an RPM?)" +- ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE ) ++ ( rm -rf "${WORKDIR}/*" ) + continue + fi + else # less reliable than rpm2cpio... +@@ -90,7 +94,7 @@ + decomp="bzip2" + else + echo " $i - no magic compression identifier found - skipping file" +- ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE ) ++ ( rm -rf "${WORKDIR}/*" ) + continue + fi + echo -n " trying to decompress with ${decomp}..." +@@ -100,11 +104,11 @@ + else + echo " FAILED" + echo " $i failed to decompress - skipping file" +- ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE ) ++ ( rm -rf "${WORKDIR}/*" ) + continue + fi + fi +- DEST=$TMPDIR/rpm2targz$COOKIE ++ DEST=${WORKDIR} + #if [ "$isSource" = "1" ]; then + # DEST=$DEST/$(basename $(basename $i .rpm) .src) + #fi +@@ -113,11 +117,12 @@ + cpio --extract --preserve-modification-time --make-directories < $ofn 1> /dev/null 2> /dev/null + rm -f $ofn + find . -type d -perm 700 -exec chmod 755 {} \; ) +- ( cd $TMPDIR/rpm2targz$COOKIE ; tar cf - . ) > `basename $i .rpm`.tar ++ ( cd ${WORKDIR} ; tar cf - . ) > `basename $i .rpm`.tar + gzip -9 `basename $i .rpm`.tar + if [ "`basename $0`" = "rpm2tgz" ]; then + mv `basename $i .rpm`.tar.gz `basename $i .rpm`.tgz + fi +- ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE ) ++ ( rm -rf "${WORKDIR}/*" ) + echo + done ++rm -rf ${WORKDIR} |