HCoop / bpt / emacs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8a7d918)
2008-04-18 Steve Grubb <sgrubb@redhat.com> (tiny change)
authorRomain Francoise <romain@orebokech.com>
Fri, 18 Apr 2008 18:24:29 +0000 (18:24 +0000)
committerRomain Francoise <romain@orebokech.com>
Fri, 18 Apr 2008 18:24:29 +0000 (18:24 +0000)
* vcdiff: Use mktemp (CVE-2008-1694).

lib-src/ChangeLog patch | blob | blame | history
lib-src/vcdiff patch | blob | blame | history

diff --git a/lib-src/ChangeLog b/lib-src/ChangeLog
index f03217b..86448dd 100644 (file)
--- a/lib-src/ChangeLog
+++ b/lib-src/ChangeLog
@@ -1,3 +1,7 @@
+2008-04-18  Steve Grubb  <sgrubb@redhat.com>  (tiny change)
+
+       * vcdiff: Use mktemp (CVE-2008-1694).
+
 2008-04-09  Jason Rumney  <jasonr@gnu.org>
 
        * makefile.w32-in (distclean, maintainer-clean): New targets.
diff --git a/lib-src/vcdiff b/lib-src/vcdiff
index 86b80bc..cb97770 100755 (executable)
--- a/lib-src/vcdiff
+++ b/lib-src/vcdiff
@@ -84,14 +84,14 @@ do
        case $f in
        s.* | */s.*)
                if
-                       rev1=/tmp/geta$$
+                       rev1=`mktemp /tmp/geta.XXXXXXXX`
                        get -s -p -k $sid1 "$f" > $rev1 &&
                        case $sid2 in
                        '')
                                workfile=`expr " /$f" : '.*/s.\(.*\)'`
                                ;;
                        *)
-                               rev2=/tmp/getb$$
+                               rev2=`mktemp /tmp/getb.XXXXXXXX`
                                get -s -p -k $sid2 "$f" > $rev2
                                workfile=$rev2
                        esac
Unnamed repository; edit this file 'description' to name the repository.