Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits cb5ef9e
Stop using of mkstemp for regular files.
Vsevolod Stakhov committed 11 years ago
commit cb5ef9ee17465c3d42975cd78b19d5bcab00d043
parent be4f802
4 files changed +56 -10
modified libpkg/fetch.c
@@ -86,15 +86,14 @@ gethttpmirrors(struct pkg_repo *repo, const char *url) {
}



int
- 
pkg_fetch_file(struct pkg_repo *repo, const char *url, char *dest, time_t t)
+ 
pkg_fetch_file_tmp(struct pkg_repo *repo, const char *url, char *dest,
+ 
	time_t t)

{

	int fd = -1;

	int retcode = EPKG_FATAL;
- 
	mode_t mask;
- 
	mask = umask(022);

	fd = mkstemp(dest);
- 
	umask(mask);
+ 


	if (fd == -1) {

		pkg_emit_errno("mkstemp", dest);

		return(EPKG_FATAL);
@@ -125,6 +124,44 @@ pkg_fetch_file(struct pkg_repo *repo, const char *url, char *dest, time_t t)
	return (retcode);

}
+ 
int
+ 
pkg_fetch_file(struct pkg_repo *repo, const char *url, char *dest, time_t t)
+ 
{
+ 
	int fd = -1;
+ 
	int retcode = EPKG_FATAL;
+
+ 
	fd = creat(dest, 00644);
+
+ 
	if (fd == -1) {
+ 
		pkg_emit_errno("creat", dest);
+ 
		return(EPKG_FATAL);
+ 
	}
+
+ 
	retcode = pkg_fetch_file_to_fd(repo, url, fd, &t);
+
+ 
	if (t != 0) {
+ 
		struct timeval ftimes[2] = {
+ 
			{
+ 
			.tv_sec = t,
+ 
			.tv_usec = 0
+ 
			},
+ 
			{
+ 
			.tv_sec = t,
+ 
			.tv_usec = 0
+ 
			}
+ 
		};
+ 
		futimes(fd, ftimes);
+ 
	}
+
+ 
	close(fd);
+
+ 
	/* Remove local file if fetch failed */
+ 
	if (retcode != EPKG_OK)
+ 
		unlink(dest);
+
+ 
	return (retcode);
+ 
}
+ 


static int

ssh_read(void *data, char *buf, int len)

{
@@ -431,7 +468,8 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest, time_t *t
	 * Error if using plain http://, https:// etc with SRV

	 */
- 
	if (strncmp(URL_SCHEME_PREFIX, url, strlen(URL_SCHEME_PREFIX)) == 0) {
+ 
	if (repo != NULL &&
+ 
		strncmp(URL_SCHEME_PREFIX, url, strlen(URL_SCHEME_PREFIX)) == 0) {

		if (repo->mirror_type != SRV) {

			pkg_emit_error("packagesite URL error for %s -- "

				       URL_SCHEME_PREFIX
@@ -449,7 +487,7 @@ pkg_fetch_file_to_fd(struct pkg_repo *repo, const char *url, int dest, time_t *t
	if (t != NULL)

		u->ims_time = *t;
- 
	if (strcmp(u->scheme, "ssh") == 0) {
+ 
	if (repo != NULL && strcmp(u->scheme, "ssh") == 0) {

		if ((retcode = start_ssh(repo, u, &sz)) != EPKG_OK)

			goto cleanup;

		remote = repo->ssh;
modified libpkg/libpkg.ver
@@ -60,6 +60,7 @@ global:
	pkg_emit_manifest_file;

	pkg_event_register;

	pkg_fetch_file;
+ 
	pkg_fetch_file_tmp;

	pkg_file_get;

	pkg_file_keep;

	pkg_file_mode;
modified libpkg/pkg.h.in
@@ -1331,6 +1331,11 @@ pkg_change_t pkg_version_change_between(const struct pkg * pkg1, const struct pk
 * @return An error code.

 */

int pkg_fetch_file(struct pkg_repo *repo, const char *url, char *dest, time_t t);
+ 
/**
+ 
 * Fetch a file to temporary destination
+ 
 */
+ 
int pkg_fetch_file_tmp(struct pkg_repo *repo, const char *url, char *dest,
+ 
	time_t t);



/**

 * Get cached name of a package
modified libpkg/pkg_audit.c
@@ -273,12 +273,14 @@ pkg_audit_fetch(const char *src, const char *dest)
	tmpdir = getenv("TMPDIR");

	if (tmpdir == NULL)

		tmpdir = "/tmp";
+ 


	strlcpy(tmp, tmpdir, sizeof(tmp));
- 
	strlcat(tmp, "/vuln.xml.bz2.XXXX", sizeof(tmp));
- 
	if (stat(dest, &st) != -1) {
+ 
	strlcat(tmp, "/vuln.xml.bz2.XXXXXXXX", sizeof(tmp));
+
+ 
	if (stat(dest, &st) != -1)

		t = st.st_mtime;
- 
	}
- 
	switch (pkg_fetch_file(NULL, src, tmp, t)) {
+
+ 
	switch (pkg_fetch_file_tmp(NULL, src, tmp, t)) {

	case EPKG_OK:

		break;

	case EPKG_UPTODATE: