pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2006Q1]: pkgsrc/devel/noweb Pullup ticket 1665 - requested by ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/c27d2edd4dcb
branches: pkgsrc-2006Q1
changeset: 510289:c27d2edd4dcb
user: salo <salo%pkgsrc.org@localhost>
date: Wed May 24 00:05:17 2006 +0000
description:
Pullup ticket 1665 - requested by joerg
security fix for noweb
Revisions pulled up:
- pkgsrc/devel/noweb/Makefile 1.33
- pkgsrc/devel/noweb/distinfo 1.4
- pkgsrc/devel/noweb/patches/patch-ab 1.1
- pkgsrc/devel/noweb/patches/patch-ac 1.1
- pkgsrc/devel/noweb/patches/patch-ad 1.1
- pkgsrc/devel/noweb/patches/patch-ae 1.1
- pkgsrc/devel/noweb/patches/patch-af 1.1
- pkgsrc/devel/noweb/patches/patch-ag 1.1
- pkgsrc/devel/noweb/patches/patch-ah 1.1
- pkgsrc/devel/noweb/patches/patch-ai 1.1
- pkgsrc/devel/noweb/patches/patch-aj 1.1
- pkgsrc/devel/noweb/patches/patch-ak 1.1
- pkgsrc/devel/noweb/patches/patch-al 1.1
- pkgsrc/devel/noweb/patches/patch-am 1.1
- pkgsrc/devel/noweb/patches/patch-an 1.1
Module Name: pkgsrc
Committed By: joerg
Date: Tue May 23 16:07:04 UTC 2006
Modified Files:
pkgsrc/devel/noweb: Makefile distinfo
Added Files:
pkgsrc/devel/noweb/patches: patch-ab patch-ac patch-ad patch-ae
patch-af patch-ag patch-ah patch-ai patch-aj patch-ak patch-al
patch-am patch-an
Log Message:
Fix insecure temporary file generation. Based on Debian patchset,
but handles more cases. Bump revision.
diffstat:
devel/noweb/Makefile | 15 +++++++++++++--
devel/noweb/distinfo | 15 ++++++++++++++-
devel/noweb/patches/patch-ab | 13 +++++++++++++
devel/noweb/patches/patch-ac | 13 +++++++++++++
devel/noweb/patches/patch-ad | 13 +++++++++++++
devel/noweb/patches/patch-ae | 13 +++++++++++++
devel/noweb/patches/patch-af | 27 +++++++++++++++++++++++++++
devel/noweb/patches/patch-ag | 13 +++++++++++++
devel/noweb/patches/patch-ah | 17 +++++++++++++++++
devel/noweb/patches/patch-ai | 13 +++++++++++++
devel/noweb/patches/patch-aj | 24 ++++++++++++++++++++++++
devel/noweb/patches/patch-ak | 19 +++++++++++++++++++
devel/noweb/patches/patch-al | 11 +++++++++++
devel/noweb/patches/patch-am | 32 ++++++++++++++++++++++++++++++++
devel/noweb/patches/patch-an | 29 +++++++++++++++++++++++++++++
15 files changed, 264 insertions(+), 3 deletions(-)
diffs (truncated from 344 to 300 lines):
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/Makefile
--- a/devel/noweb/Makefile Tue May 23 23:34:12 2006 +0000
+++ b/devel/noweb/Makefile Wed May 24 00:05:17 2006 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.32 2006/03/04 21:29:18 jlam Exp $
+# $NetBSD: Makefile,v 1.32.2.1 2006/05/24 00:05:17 salo Exp $
DISTNAME= noweb-2.9a
-PKGREVISION= 2
+PKGREVISION= 3
CATEGORIES= devel
MASTER_SITES= ftp://ftp.cs.virginia.edu/pub/nr/
EXTRACT_SUFX= .tgz
@@ -16,6 +16,17 @@
.include "../../mk/bsd.prefs.mk"
+USE_TOOLS+= mktemp:run
+
+SUBST_CLASSES+= mktemp
+SUBST_FILES.mktemp+= awk/totex.nw lib/toascii shell/toroff shell/noroff
+SUBST_FILES.mktemp+= shell/nonu shell/cpif awkname shell/roff.nw
+SUBST_FILES.mktemp+= shell/roff.mm ../contrib/conrado/d2tex
+SUBST_FILES.mktemp+= ../contrib/jobling/correct-refs.nw
+SUBST_FILES.mktemp+= ../contrib/norman/htmlgif/pstopbm
+SUBST_SED.mktemp+= -e 's,@MKTEMP@,${TOOLS_PATH.mktemp},g'
+SUBST_STAGE.mktemp= post-patch
+
.if ${OPSYS} != "SunOS"
do-configure:
(cd ${WRKSRC} ; ./awkname awk)
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/distinfo
--- a/devel/noweb/distinfo Tue May 23 23:34:12 2006 +0000
+++ b/devel/noweb/distinfo Wed May 24 00:05:17 2006 +0000
@@ -1,6 +1,19 @@
-$NetBSD: distinfo,v 1.3 2005/02/23 22:24:22 agc Exp $
+$NetBSD: distinfo,v 1.3.10.1 2006/05/24 00:05:17 salo Exp $
SHA1 (noweb-2.9a.tgz) = 0ee5f97c56fa7898be9815ad817036f8aee0193b
RMD160 (noweb-2.9a.tgz) = ee61f44091d2634550d33528b426af508ffad729
Size (noweb-2.9a.tgz) = 728608 bytes
SHA1 (patch-aa) = 0c0c446173c1ee13eeb0b80041cb8cf98e3c7325
+SHA1 (patch-ab) = 99200991f1dab7aaef349611c11a881483f40888
+SHA1 (patch-ac) = 364d7eb43abac9c33807b7b7d20ff9368f7568d2
+SHA1 (patch-ad) = 6102295ab1c37bb16c92cae3c77a97349794cde4
+SHA1 (patch-ae) = 0079598edc015f0ce387cb1058d06581e05f07c6
+SHA1 (patch-af) = 1af1d268381546ff214450caa7914f30106ff131
+SHA1 (patch-ag) = 5e3e8f271f5a80dda593e908fdbff2a7d5cb6dc6
+SHA1 (patch-ah) = 3038e41f2362de61cd3ad0882c7d39cb3b7e952d
+SHA1 (patch-ai) = a9c82e80ac288f7a3316cf3fb671d5a680012054
+SHA1 (patch-aj) = 800210a1143b37e6cb14bc0fdda7ada3b36692e1
+SHA1 (patch-ak) = 8cc2ee6177c633b2e1913790ab63016c19cf5eef
+SHA1 (patch-al) = d9fd8a2b59ef6b4a8cae57815ff339de6df8567d
+SHA1 (patch-am) = 89803aa4d0db6a9dcbb95832193ce19e25d7ff29
+SHA1 (patch-an) = c706aeeadb59d4b21053518d1c5dcb970be7aaae
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-ab
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-ab Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ab,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- elisp/noweb-mode.el.orig 1999-02-16 22:12:21.000000000 +0100
++++ elisp/noweb-mode.el
+@@ -213,7 +213,7 @@ Misc:
+ (add-hook 'isearch-mode-hook 'noweb-note-isearch-mode)
+ (add-hook 'isearch-mode-end-hook 'noweb-note-isearch-mode-end)
+ (run-hooks 'noweb-mode-hook)
+- (message "nobweb mode: use `M-x noweb-describe-mode' for further information"))
++ (message "noweb mode: use `M-x noweb-describe-mode' for further information"))
+
+ (defun noweb-setup-keymap ()
+ "Setup the noweb-mode keymap. This function is rerun every time the
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-ac
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-ac Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ac,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- awkname.orig 1995-05-26 02:49:07.000000000 +0200
++++ awkname
+@@ -5,7 +5,7 @@ case $# in
+ esac
+
+ rc=0
+-new=/tmp/$$.new; old=/tmp/$$.old
++new=$(@MKTEMP@ -t noweb_new) || exit 1; old=$(@MKTEMP@ -t noweb_old) || exit 1
+
+ for file in lib/emptydefn lib/unmarkup lib/toascii \
+ awk/noidx awk/totex awk/tohtml awk/noindex \
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-ad
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-ad Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ad,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- shell/cpif.orig 1993-03-01 23:22:02.000000000 +0100
++++ shell/cpif
+@@ -17,7 +17,7 @@ case $# in
+ 0) echo 'Usage: '`basename $0`' [ -eq -ne ] file...' 1>&2; exit 2
+ esac
+
+-new=/tmp/$$
++new=$(@MKTEMP@ noweb) || exit 1
+ trap 'rm -f $new; exit 1' 1 2 15 # clean up files
+
+ cat >$new
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-ae
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-ae Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ae,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- shell/nonu.orig 1993-08-19 20:46:04.000000000 +0200
++++ shell/nonu
+@@ -2,7 +2,7 @@
+ LIB=/usr/public/pkg/noweb/lib
+ # attempt to convert nuweb to noweb using sam
+
+-tmp=/tmp/nonu$$
++tmp=$(@MKTEMP@ -t nonu) || exit 1
+ trap '/bin/rm -f $tmp; exit 1' 1 2 15 # clean up files
+ cp $1 $tmp || exit 1
+
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-af
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-af Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,27 @@
+$NetBSD: patch-af,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- shell/noroff.orig 1999-02-16 22:58:52.000000000 +0100
++++ shell/noroff
+@@ -35,9 +35,10 @@ fi
+
+ base="`basename $1 | sed '/\./s/\.[^.]*$//'`"
+ tagsfile="$base.nwt"
++tmpfile=$(@MKTEMP@ tags) || exit 1
+ (echo ".so $macrodir/tmac.w"
+ if [ -r "$tagsfile" ]; then
+- cp $tagsfile /tmp/tags.$$
++ cp $tagsfile $tmpfile
+ $AWK '{
+ if (sub(/^###TAG### / , "")) tags[$1] = $2
+ else if (sub(/^###BEGINCHUNKS###/, "")) printf ".de CLIST\n.CLISTBEGIN\n"
+@@ -88,8 +89,8 @@ if [ -r "$tagsfile" ]; then
+ # print str3
+ # print convquote(str3)
+ # }
+- function tag(s) { if (s in tags) return tags[s]; else return "???" }' /tmp/tags.$$
+- rm -f /tmp/tags.$$
++ function tag(s) { if (s in tags) return tags[s]; else return "???" }' $tmpfile
++ rm -f $tmpfile
+ fi
+ cat "$@") |
+ ($ROFF $opts 2>$tagsfile)
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-ag
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-ag Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ag,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- shell/toroff.orig 1999-02-16 22:58:52.000000000 +0100
++++ shell/toroff
+@@ -9,7 +9,7 @@ for i do
+ exit 1;;
+ esac
+ done
+-awkfile="/tmp/noweb$$.awk"
++awkfile=$(@MKTEMP@ -t noweb) || exit 1
+ trap 'rm -f $awkfile' 0 1 2 10 14 15
+ cat > $awkfile << 'EOF'
+ /^@begin docs 0$/ { if (delay) next }
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-ah
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-ah Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-ah,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- lib/toascii.orig 1999-02-16 22:58:52.000000000 +0100
++++ lib/toascii
+@@ -7,9 +7,9 @@ for i do
+ *) echo "This can't happen -- $i passed to toascii" 1>&2 ; exit 1 ;;
+ esac
+ done
+-awkfile="tmp/awk$$.tmp"
+-textfile="/tmp/text$$.tmp"
+-tagsfile="/tmp/tags$$.tmp"
++awkfile=$(@MKTEMP@ -t awk -s) || exit 1
++textfile=$(@MKTEMP@ -t text -s) || exit 1
++tagsfile=$(@MKTEMP@ -t tags -s) || exit 1
+ export awkfile textfile tagsfile
+ trap 'rm -f $awkfile $textfile $tagsfile' 0 1 2 10 14 15
+ nawk 'BEGIN { textfile=ENVIRON["textfile"]
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-ai
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-ai Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ai,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- awk/totex.nw.orig 1996-05-31 21:04:15.000000000 +0200
++++ awk/totex.nw
+@@ -24,7 +24,7 @@ nawk '<<awk program for conversion to {\
+ @
+ On an ugly system, we have to put it in a file.
+ <<invoke awk program using file>>=
+-awkfile=/tmp/totex$$.awk
++awkfile=$(@MKTEMP@ -t totex) || exit 1
+ trap 'rm -f $awkfile; exit 1' 0 1 2 15 # clean up files
+ cat > $awkfile << 'EOF'
+ <<awk program for conversion to {\TeX}>>
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-aj
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-aj Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-aj,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- ../contrib/norman/htmlgif/pstopbm.orig 1998-08-07 20:29:32.000000000 +0200
++++ ../contrib/norman/htmlgif/pstopbm
+@@ -36,8 +36,8 @@ while [ $# -gt 0 ]; do
+ shift
+ done
+
+-tmp=/tmp/pstopbm$$
+-tmpa=$tmp.a
++tmp=$(@MKTEMP@ -t pstopbm) || exit 1
++tmpa=$(@MKTEMP@ -t pstopbm_a -s) || exit 1
+ if [ $# -eq 0 ]; then cat > $tmp; else cat "$@" > $tmp; fi
+
+ if echo "$@" | fgrep .eps > /dev/null; then
+@@ -76,7 +76,7 @@ exit 0
+
+
+ if [ $# -eq 0 ]; then
+- tmp=/tmp/pstopbm$$
++ tmp=$(@MKTEMP@ -t pstopbm) || exit 1
+ cat > $tmp
+ gs -q -sDEVICE=$device -sOutputFile=- -dNOPAUSE -dMAGSTEP=1.0 $tmp
+ else
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-ak
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-ak Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,19 @@
+$NetBSD: patch-ak,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- ../contrib/jobling/correct-refs.nw.orig 1995-05-24 20:12:48.000000000 +0200
++++ ../contrib/jobling/correct-refs.nw
+@@ -332,11 +332,12 @@ gawk -f $LIB/awk-scripts.awk anchor-list
+ echo Processing HTML nodes
+ foreach f (*.awk)
+ set root=$f:r
++ set tmpfile=`@MKTEMP@ -t noweb` || exit 1
+ echo -n Processing $root.html
+- gawk -f $f < $root.html >! /tmp/$root.html
++ gawk -f $f < $root.html >! $tmpfile
+ echo "..." Done
+ cp $root.html $root.html.bak
+- cp /tmp/$root.html $root.html
++ cp $tmpfile $root.html
+ end
+
+ @
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-al
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-al Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,11 @@
+$NetBSD: patch-al,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- ../contrib/conrado/d2tex.orig 1993-10-27 18:37:11.000000000 +0100
++++ ../contrib/conrado/d2tex
+@@ -1,5 +1,5 @@
+ #! /bin/sh
+-KEYGEN=/tmp/d2tex$$
++KEYGEN=$(@MKTEMP@ -t d2tex) || exit 1
+ trap "rm -f $KEYGEN; exit 1" 1 2 3 15
+ cat > $KEYGEN <<END_OF_FILE
+ COMMENT#1
diff -r 39c121b42550 -r c27d2edd4dcb devel/noweb/patches/patch-am
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/noweb/patches/patch-am Wed May 24 00:05:17 2006 +0000
@@ -0,0 +1,32 @@
+$NetBSD: patch-am,v 1.1.2.2 2006/05/24 00:05:17 salo Exp $
+
+--- shell/roff.mm.orig 1998-08-18 21:33:04.000000000 +0200
++++ shell/roff.mm
+@@ -214,7 +214,7 @@ copy the awk program into a temporary fi
+ .ADDLIST 1a
+ .PRINTLIST
+
+-awkfile="/tmp/noweb$$.awk"
++awkfile=$(@MKTEMP@ -t noweb) || { echo "$0: Cannot create temporary file" >&2; exit 1; }
+ trap 'rm -f $awkfile' 0 1 2 10 14 15
+ cat > $awkfile \&<< 'EOF'
+ \c
+@@ -1628,14 +1628,15 @@ base="`basename $1 | sed '/\./s/\.[^.]*$
+ tagsfile="$base.nwt"
+ (echo ".so $macrodir/tmac.w"
+ if [ -r "$tagsfile" ]; then
+- cp $tagsfile /tmp/tags.$$
++ tagstemp=$(@MKTEMP@ -t tags) || { echo "$0: Cannot create temporary file" >&2; exit 1; }
++ cp $tagsfile $tagstemp
+ $AWK '\c
Home |
Main Index |
Thread Index |
Old Index