[xorg-x11-server] Use mktemp and use it properly.

[Matej Cepl]

commit 6753065f959b88ccaccd36ecdc5baffbfe320c9f
Author: Matěj Cepl <mcepl at redhat.com>
Date:   Mon Sep 13 11:28:30 2010 +0200

    Use mktemp and use it properly.
    
     * fixes bug 632879 and bug 499234 (which is CVE-2009-1573)
    
    Signed-off-by: Matěj Cepl <mcepl at redhat.com>

 xvfb-run.sh |   16 +++++++---------
 1 files changed, 7 insertions(+), 9 deletions(-)
---
diff --git a/xvfb-run.sh b/xvfb-run.sh
index 8d1e293..84ad0fc 100644
--- a/xvfb-run.sh
+++ b/xvfb-run.sh
@@ -146,19 +146,17 @@ fi
 # If the user did not specify an X authorization file to use, set up a temporary
 # directory to house one.
 if [ -z "$AUTHFILE" ]; then
-    XVFB_RUN_TMPDIR="${TMPDIR:-/tmp}/$PROGNAME.$$"
-    if ! mkdir -p -m 700 "$XVFB_RUN_TMPDIR"; then
-        error "temporary directory $XVFB_RUN_TMPDIR already exists"
-        exit 4
-    fi
-    AUTHFILE=$(mktemp -p "$XVFB_RUN_TMPDIR" Xauthority)
+    XVFB_RUN_TMPDIR="$(mktemp --directory --tmpdir $PROGNAME.XXXXXX)"
+    AUTHFILE=$(mktemp -p "$XVFB_RUN_TMPDIR" Xauthority.XXXXXX)
 fi
 
 # Start Xvfb.
 MCOOKIE=$(mcookie)
-XAUTHORITY=$AUTHFILE xauth add ":$SERVERNUM" "$XAUTHPROTO" "$MCOOKIE" \
-  >"$ERRORFILE" 2>&1
-XAUTHORITY=$AUTHFILE Xvfb ":$SERVERNUM" $XVFBARGS $LISTENTCP >"$ERRORFILE" \
+
+XAUTHORITY=$AUTHFILE xauth source - << EOF >>"$ERRORFILE" 2>&1
+add :$SERVERNUM $XAUTHPROTO $MCOOKIE
+EOF
+XAUTHORITY=$AUTHFILE Xvfb ":$SERVERNUM" $XVFBARGS $LISTENTCP >>"$ERRORFILE" \
   2>&1 &
 XVFBPID=$!
 sleep "$STARTWAIT"