summaryrefslogtreecommitdiff
path: root/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff
diff options
context:
space:
mode:
Diffstat (limited to 'network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff')
-rw-r--r--network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff19
1 files changed, 19 insertions, 0 deletions
diff --git a/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff b/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff
new file mode 100644
index 0000000000..c41ec46b97
--- /dev/null
+++ b/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff
@@ -0,0 +1,19 @@
+diff -ru thttpd-2.23beta1.orig/extras/syslogtocern thttpd-2.23beta1/extras/syslogtocern
+--- thttpd-2.23beta1.orig/extras/syslogtocern 1999-09-15 18:00:54.000000000 +0200
++++ thttpd-2.23beta1/extras/syslogtocern 2005-10-26 01:45:34.000000000 +0200
+@@ -31,8 +31,8 @@
+ exit 1
+ fi
+
+-tmp1=/tmp/stc1.$$
+-rm -f $tmp1
++tmp1=``mktemp -t stc1.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1; }
++trap " [ -f \"$tmp1\" ] && /bin/rm -f -- \"$tmp1\"" 0 1 2 3 13 15
+
+ # Gather up all the thttpd entries.
+ egrep ' thttpd\[' $* > $tmp1
+@@ -65,4 +65,3 @@
+ sed -e "s,\([A-Z][a-z][a-z] [0-9 ][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\) [^ ]* thttpd\[[0-9]*\]: \(.*\),[\1 ${year}] \2," > error_log
+
+ # Done.
+-rm -f $tmp1