File sgml-tools-temp-vuln-1.0.9.diff of Package sgmltool (Revision 5911b57bcaddb02eceaa624db71b5081)
Currently displaying revision 5911b57bcaddb02eceaa624db71b5081 , Show latest
44
1
--- sgml-tools-1.0.9/lib/SGMLTools.bak Wed Apr 25 14:53:48 2001
2
+++ sgml-tools-1.0.9/lib/SGMLTools.pm Wed Apr 25 14:58:42 2001
3
4
return @files;
5
}
6
7
+# Pre-create temp files safely
8
+sub create_temp {
9
+ my $fh = new FileHandle(shift,O_CREAT|O_EXCL|O_WRONLY,0600);
10
+ $fh or die "$0: failed to create temporary file: $!";
11
+ $fh->close;
12
+}
13
+
14
+
15
=item SGMLTools::process_file
16
17
With all the configuration done, this routine will take a single filename
18
19
{
20
$ifile = new FileHandle "$global->{NsgmlsPrePipe}|";
21
}
22
+ create_temp("$tmpbase.1");
23
$writensgmls = new FileHandle
24
"$precmd|$main::progs->{NSGMLS} $global->{NsgmlsOpts} $ENV{SGMLDECL} >$tmpbase.1";
25
if ($global->{charset} eq "latin")
26
27
# preASP ($inhandle, $outhandle);
28
#
29
my $inpreasp = new FileHandle "<$tmpbase.1";
30
- my $outpreasp = new FileHandle ">$tmpbase.2";
31
+ my $outpreasp = new FileHandle "$tmpbase.2",O_WRONLY|O_CREAT|O_EXCL,0600;
32
+
33
if (defined $Formats{$global->{format}}{preASP})
34
{
35
&{$Formats{$global->{format}}{preASP}}($inpreasp, $outpreasp) == 0 or
36
37
my $mapping = "$main::LibDir/site/$dtd/$global->{format}/mapping";
38
-r $mapping or $mapping = "$main::LibDir/dist/$dtd/$global->{format}/mapping";
39
40
+ create_temp("$tmpbase.3");
41
system ("$main::progs->{SGMLSASP} $style $mapping <$tmpbase.2|
42
expand -$global->{tabsize} >$tmpbase.3");
43
44