Re: [PATCH] Re: Insecure tempfile creation
On Dec 27, 11:44pm, Bart Schaefer wrote:
}
} I suppose =(<<<'') would actually be better, since it won't fork. Hm.
}
} This patch does not yet tackle uses of "/tmp" that do not use $TMPPREFIX
Fortunately I didn't find any of the latter except for the previously
identified one in _cvs (_cvs_run). So the patch below changes the use
of =(:) to =(<<<'') and repairs _cvs_run to create the temp directory
in a safe (I hope) manner. Apply on top of 34067.
diff --git a/Completion/Base/Widget/_complete_debug b/Completion/Base/Widget/_complete_debug
index 00f600e..50fc809 100644
--- a/Completion/Base/Widget/_complete_debug
+++ b/Completion/Base/Widget/_complete_debug
@@ -9,7 +9,7 @@ local pager w="${(qq)words}"
integer debug_fd=-1
{
if [[ -t 2 ]]; then
- mv -f =(:) $tmp &&
+ mv -f =(<<<'') $tmp &&
exec {debug_fd}>&2 2>| $tmp
fi
diff --git a/Completion/Unix/Command/_cvs b/Completion/Unix/Command/_cvs
index 3c06e04..31997ec 100644
--- a/Completion/Unix/Command/_cvs
+++ b/Completion/Unix/Command/_cvs
@@ -704,15 +704,18 @@ _cvs_sub_modules() {
_cvs_run() {
local cvsroot="$1" dir="$2"
shift 2
- local d=/tmp/zsh-cvs-work-$$
- mkdir $d >&/dev/null
- cd $d
- mkdir CVS >&/dev/null
+ local d=${TMPPREFIX:-/tmp/zsh}-cvs-work-$$
+ rm -rf $d
+ mkdir $d &&
+ (
+ chmod 0700 $d &&
+ builtin cd -q $d &&
+ mkdir CVS >&/dev/null || return 1
print -r - "$cvsroot" > CVS/Root
print "$dir" > CVS/Repository
print D > CVS/Entries
CVS_IGNORE_REMOTE_ROOT= cvs "$@"
- cd $OLDPWD
+ )
rm -rf $d
}
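Review bot: The work directory is created with the caller's umask and only tightened by the `chmod 0700 $d &&` line afterwards, so between `mkdir $d` and the chmod a permissive umask can briefly leave the directory (and the CVS/Root written into it) accessible to other users. Creating it with the mode already set, `mkdir -m 0700 $d &&`, and dropping the separate `chmod 0700 $d &&` line closes that window without changing the `&&` chain. Separately, the exit status of the subshell, and therefore of `cvs "$@"`, is discarded because the function's last command is `rm -rf $d`; if callers check the status, saving it before the cleanup (`integer ret=$?` after `)`, then `return $ret` at the end) would let them see a failed cvs run.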
diff --git a/Completion/compinstall b/Completion/compinstall
index 7d34ee4..ae94993 100644
--- a/Completion/compinstall
+++ b/Completion/compinstall
@@ -1958,8 +1958,8 @@ if [[ -z $ifile || -d $ifile ]] ||
fi
local tmpout=${TMPPREFIX:-/tmp/zsh}compinstall$$
-mv -f =(:) $tmpout && # safe tempfile creation
-mv -f =(:) ${tmpout}x || return 1
+mv -f =(<<<'') $tmpout && # safe tempfile creation
+mv -f =(<<<'') ${tmpout}x || return 1
#
# Assemble the complete set of lines to
diff --git a/Functions/Calendar/calendar b/Functions/Calendar/calendar
index 08c4250..39fc431 100644
--- a/Functions/Calendar/calendar
+++ b/Functions/Calendar/calendar
@@ -254,7 +254,7 @@ if (( verbose )); then
fi
local mycmds="${TMPPREFIX:-/tmp/zsh}.calendar_cmds.$$"
-mv -f =(:) $mycmds
+mv -f =(<<<'') $mycmds
# start of subshell for OS file locking
(
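Review bot: The rename `mv -f =(<<<'') $mycmds` is not checked, so if the `mv` fails the function carries on and the subshell below presumably writes to a `$mycmds` that was never safely created; the compinstall hunk guards the same idiom with `|| return 1`, and `mv -f =(<<<'') $mycmds || return 1` would make this one consistent. The same unguarded form appears in the zfget_match hunk (`mv -f =(<<<'') $tmpf`). The enclosing function starts outside the hunk in both files.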
diff --git a/Functions/Zftp/zfcd_match b/Functions/Zftp/zfcd_match
index 2c809c2..9159f49 100644
--- a/Functions/Zftp/zfcd_match
+++ b/Functions/Zftp/zfcd_match
@@ -29,7 +29,7 @@ if [[ $ZFTP_SYSTEM = UNIX* ]]; then
# () {
# zftp ls -LF $dir >|$1
# reply=($(awk '/\/$/ { print substr($1, 1, length($1)-1) }' $1))
-# } =(:)
+# } =(<<<'')
[[ -n $dir && $dir != */ ]] && dir="$dir/"
if [[ -n $WIDGET ]]; then
_wanted directories expl 'remote directory' \
diff --git a/Functions/Zftp/zfcget b/Functions/Zftp/zfcget
index 4359801..569ee9d 100644
--- a/Functions/Zftp/zfcget
+++ b/Functions/Zftp/zfcget
@@ -43,7 +43,7 @@ for remlist in $*; do
zftp remote $rem >|$1
rstat=$?
remst=($(<$1))
- } =(: temporary file)
+ } =(<<<'temporary file')
if [[ $rstat = 2 ]]; then
print "Server does not support SIZE command.\n" \
"Assuming you know what you're doing..." 2>&1
diff --git a/Functions/Zftp/zfcput b/Functions/Zftp/zfcput
index 2cf8fe2..eafecde 100644
--- a/Functions/Zftp/zfcput
+++ b/Functions/Zftp/zfcput
@@ -43,7 +43,7 @@ for loc in $*; do
zftp remote $rem >|$1
rstat=$?
remst=($(<$1))
- } =(: temporary file)
+ } =(<<<'temporary file')
if [[ $rstat = 2 ]]; then
print "Server does not support remote status commands.\n" \
"You will have to find out the size by hand and use zftp append." 2>&1
diff --git a/Functions/Zftp/zfget_match b/Functions/Zftp/zfget_match
index c2871fa..3ba06c4 100644
--- a/Functions/Zftp/zfget_match
+++ b/Functions/Zftp/zfget_match
@@ -10,7 +10,7 @@ fi
if [[ $ZFTP_SYSTEM == UNIX* && $1 == */* ]]; then
setopt localoptions clobber
local tmpf=${TMPPREFIX}zfgm$$
- mv -f =(:) $tmpf
+ mv -f =(<<<'') $tmpf
if [[ -n $WIDGET ]]; then
local dir=${1:h}
diff --git a/Functions/Zftp/zfrglob b/Functions/Zftp/zfrglob
index 5015be7..677b85f 100644
--- a/Functions/Zftp/zfrglob
+++ b/Functions/Zftp/zfrglob
@@ -38,7 +38,7 @@ if [[ $zfrglob != '' ]]; then
() {
zftp ls "$pat" >|$1 2>/dev/null
eval "$1=(\$(<\$1))"
- } =(: temporary file)
+ } =(<<<'temporary file')
else
if [[ $ZFTP_SYSTEM = UNIX* && $pat = */* ]]; then
# not the current directory and we know how to handle paths
@@ -52,7 +52,7 @@ else
() {
zftp ls "$dir" 2>/dev/null >|$1
files=($(<$1))
- } =(: temporary file)
+ } =(<<<'temporary file')
files=(${files:t})
else
# we just have to do an ls and hope that's right
diff --git a/Functions/Zftp/zftransfer b/Functions/Zftp/zftransfer
index 432e2f5..c97ae46 100644
--- a/Functions/Zftp/zftransfer
+++ b/Functions/Zftp/zftransfer
@@ -47,7 +47,7 @@ if [[ -n $style && $style != none ]]; then
() {
zftp remote $file1 >|$1 2>/dev/null
array=($(<$1))
- } =(: temporary file)
+ } =(<<<'temporary file')
[[ $#array -eq 2 ]] && ZFTP_TSIZE=$array[1]
fi
diff --git a/Functions/Zftp/zfuget b/Functions/Zftp/zfuget
index 7bdaedc..2850975 100644
--- a/Functions/Zftp/zfuget
+++ b/Functions/Zftp/zfuget
@@ -72,7 +72,7 @@ for remlist in $*; do
zftp remote $rem >|$1
rstat=$?
remstats=($(<$1))
- } =(: temporary file)
+ } =(<<<'temporary file')
if [[ $rstat = 2 ]]; then
print "Server does not implement full command set required." 1>&2
return 1
diff --git a/Functions/Zftp/zfuput b/Functions/Zftp/zfuput
index 24a3559..f4e6a0f 100644
--- a/Functions/Zftp/zfuput
+++ b/Functions/Zftp/zfuput
@@ -58,7 +58,7 @@ for rem in $*; do
zftp remote $rem >|$1
rstat=$?
remstats=($(<$1))
- } =(: temporary file)
+ } =(<<<'temporary file')
if [[ $rstat = 2 ]]; then
print "Server does not implement full command set required." 1>&2
return 1