portage-overlay/www-servers/thttpd/files/thttpd-2.25/fix-insecure-tmp-creation-CVE-2005-3124.diff

   1 diff -ru thttpd-2.23beta1.orig/extras/syslogtocern thttpd-2.23beta1/extras/syslogtocern
   2 --- thttpd-2.23beta1.orig/extras/syslogtocern   1999-09-15 18:00:54.000000000 +0200
   3 +++ thttpd-2.23beta1/extras/syslogtocern        2005-10-26 01:45:34.000000000 +0200
   4 @@ -31,8 +31,8 @@
   5      exit 1
   6  fi
   7
   8 -tmp1=/tmp/stc1.$$
   9 -rm -f $tmp1
  10 +tmp1=``mktemp -t stc1.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1;  }
  11 +trap " [ -f \"$tmp1\" ] && /bin/rm -f -- \"$tmp1\"" 0 1 2 3 13 15
  12
  13  # Gather up all the thttpd entries.
  14  egrep ' thttpd\[' $* > $tmp1
  15 @@ -65,4 +65,3 @@
  16    sed -e "s,\([A-Z][a-z][a-z] [0-9 ][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\) [^ ]* thttpd\[[0-9]*\]: \(.*\),[\1 ${year}] \2," > error_log
  17
  18  # Done.
  19 -rm -f $tmp1