1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
diff -aur apache_1.3.14/src/support/htdigest.c apache_1.3.14-mkstemp/src/support/htdigest.c
--- apache_1.3.14/src/support/htdigest.c Tue Jan 25 23:36:53 2000
+++ apache_1.3.14-mkstemp/src/support/htdigest.c Tue Jan 9 20:42:42 2001
@@ -93,7 +93,7 @@
#define MAX_STRING_LEN 256
-char *tn;
+char tn[MAX_STRING_LEN];
static void getword(char *word, char *line, char stop)
@@ -156,7 +156,7 @@
ap_getpass("Re-type new password: ", pwv, sizeof(pwv));
if (strcmp(pwin, pwv) != 0) {
fprintf(stderr, "They don't match, sorry.\n");
- if (tn) {
+ if (strlen(tn)) {
unlink(tn);
}
exit(1);
@@ -187,7 +187,7 @@
static void interrupted(void)
{
fprintf(stderr, "Interrupted.\n");
- if (tn)
+ if (strlen(tn))
unlink(tn);
exit(1);
}
@@ -215,8 +215,9 @@
char x[MAX_STRING_LEN];
char command[MAX_STRING_LEN];
int found;
+ int tfd;
- tn = NULL;
+ strcpy (tn, "/tmp/htdigest-XXXXXX");
signal(SIGINT, (void (*)(int)) interrupted);
if (argc == 5) {
if (strcmp(argv[1], "-c"))
@@ -235,8 +236,12 @@
else if (argc != 4)
usage();
- tn = tmpnam(NULL);
- if (!(tfp = fopen(tn, "w"))) {
+ tfd = mkstemp (tn);
+ if (tfd == -1) {
+ fprintf(stderr, "Could not open temp file.\n");
+ exit(1);
+ }
+ if (!(tfp = fdopen(tfd, "w"))) {
fprintf(stderr, "Could not open temp file.\n");
exit(1);
}
diff -aur apache_1.3.14/src/support/htpasswd.c apache_1.3.14-mkstemp/src/support/htpasswd.c
--- apache_1.3.14/src/support/htpasswd.c Thu Jun 1 19:42:33 2000
+++ apache_1.3.14-mkstemp/src/support/htpasswd.c Tue Jan 9 20:41:36 2001
@@ -125,7 +125,7 @@
* This needs to be declared statically so the signal handler can
* access it.
*/
-static char *tempfilename;
+static char tempfilename[MAX_STRING_LEN];
/*
* If our platform knows about the tmpnam() external buffer size, create
* a buffer to pass in. This is needed in a threaded environment, or
@@ -285,7 +285,7 @@
static void interrupted(void)
{
fprintf(stderr, "Interrupted.\n");
- if (tempfilename != NULL) {
+ if (strlen(tempfilename) > 0) {
unlink(tempfilename);
}
exit(ERR_INTERRUPTED);
@@ -377,8 +377,10 @@
int noninteractive = 0;
int i;
int args_left = 2;
+ int tfd;
+
+ memset (tempfilename, 0x00, sizeof(tempfilename));
- tempfilename = NULL;
signal(SIGINT, (void (*)(int)) interrupted);
/*
@@ -560,8 +562,9 @@
* to add or update. Let's do it..
*/
errno = 0;
- tempfilename = tmpnam(tname_buf);
- if ((tempfilename == NULL) || (*tempfilename == '\0')) {
+ strcpy(tempfilename, "/tmp/htpasswd-XXXXXX");
+ tfd = mkstemp(tempfilename);
+ if (tfd == -1) {
fprintf(stderr, "%s: unable to generate temporary filename\n",
argv[0]);
if (errno == 0) {
@@ -570,7 +573,7 @@
perror("tmpnam");
exit(ERR_FILEPERM);
}
- ftemp = fopen(tempfilename, "w+");
+ ftemp = fdopen(tfd, "w+");
if (ftemp == NULL) {
fprintf(stderr, "%s: unable to create temporary file '%s'\n", argv[0],
tempfilename);
|
GitWeb