h/fish-shell
1
Fork 0
mirror of https://github.com/fish-shell/fish-shell.git synced 2026-06-09 12:11:20 -03:00
Code Issues Packages Projects Releases Wiki Activity

use mktemp(1) to generate temporary file names

Browse Source 
Fix for CVE-2014-2906.

Closes a race condition in funced which would allow execution of
arbitrary code; closes a race condition in psub which would allow
alternation of the data stream.

Note that `psub -f` does not work (#1040); a fix should be committed
separately for ease of maintenance.

Closes #1437
This commit is contained in:
David Adam
2014-04-20 23:51:20 +08:00
parent ba1b5e34a7
commit 55bc4168bf
2 changed files with 4 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
share/functions/funced.fish
View File

@@ -81,11 +81,7 @@ function funced --description 'Edit function definition'
return 0
end
set -q TMPDIR; or set -l TMPDIR /tmp
set -l tmpname (printf "$TMPDIR/fish_funced_%d_%d.fish" %self (random))
while test -f $tmpname
set tmpname (printf "$TMPDIR/fish_funced_%d_%d.fish" %self (random))
end
set tmpname (mktemp -t fish_funced.XXXXXXXXXX)
if functions -q -- $funcname
functions -- $funcname > $tmpname