[xorg-x11-server/f14/master: 1/2] Use mktemp and use it properly.

Matej Cepl mcepl at fedoraproject.org
Mon Sep 13 16:11:03 UTC 2010 

commit 41b6300cedcbb56c4b470cb2f037248172c54af5
Author: Matěj Cepl <mcepl at redhat.com>
Date:   Mon Sep 13 11:28:30 2010 +0200

    Use mktemp and use it properly.
    
     * fixes bug 632879 and bug 499234 (which is CVE-2009-1573)
    
    Signed-off-by: Matěj Cepl <mcepl at redhat.com>
    (cherry picked from commit 6753065f959b88ccaccd36ecdc5baffbfe320c9f)

 xorg-x11-server.spec |    5 ++++-
 xvfb-run.sh          |   16 +++++++---------
 2 files changed, 11 insertions(+), 10 deletions(-)
---
diff --git a/xorg-x11-server.spec b/xorg-x11-server.spec
index 26fe63c..37cd42c 100644
--- a/xorg-x11-server.spec
+++ b/xorg-x11-server.spec
@@ -30,7 +30,7 @@
 Summary:   X.Org X11 X server
 Name:      xorg-x11-server
 Version:   1.9.0
-Release:   7%{?gitdate:.%{gitdate}}%{dist}
+Release:   8%{?gitdate:.%{gitdate}}%{dist}
 URL:       http://www.x.org
 License:   MIT
 Group:     User Interface/X
@@ -554,6 +554,9 @@ rm -rf $RPM_BUILD_ROOT
 %{xserver_source_dir}
 
 %changelog
+* Mon Sep 13 2010 Matěj Cepl <mcepl at redhat.com> - 1.9.0-8
+- Call mktemp correctly (fixes RHBZ bug 632879
+
 * Thu Sep 02 2010 Adam Jackson <ajax at redhat.com> 1.9.0-7
 - ... but only in F15 and later.
 
diff --git a/xvfb-run.sh b/xvfb-run.sh
index 8d1e293..84ad0fc 100644
--- a/xvfb-run.sh
+++ b/xvfb-run.sh
@@ -146,19 +146,17 @@ fi
 # If the user did not specify an X authorization file to use, set up a temporary
 # directory to house one.
 if [ -z "$AUTHFILE" ]; then
-    XVFB_RUN_TMPDIR="${TMPDIR:-/tmp}/$PROGNAME.$$"
-    if ! mkdir -p -m 700 "$XVFB_RUN_TMPDIR"; then
-        error "temporary directory $XVFB_RUN_TMPDIR already exists"
-        exit 4
-    fi
-    AUTHFILE=$(mktemp -p "$XVFB_RUN_TMPDIR" Xauthority)
+    XVFB_RUN_TMPDIR="$(mktemp --directory --tmpdir $PROGNAME.XXXXXX)"
+    AUTHFILE=$(mktemp -p "$XVFB_RUN_TMPDIR" Xauthority.XXXXXX)
 fi
 
 # Start Xvfb.
 MCOOKIE=$(mcookie)
-XAUTHORITY=$AUTHFILE xauth add ":$SERVERNUM" "$XAUTHPROTO" "$MCOOKIE" \
-  >"$ERRORFILE" 2>&1
-XAUTHORITY=$AUTHFILE Xvfb ":$SERVERNUM" $XVFBARGS $LISTENTCP >"$ERRORFILE" \
+
+XAUTHORITY=$AUTHFILE xauth source - << EOF >>"$ERRORFILE" 2>&1
+add :$SERVERNUM $XAUTHPROTO $MCOOKIE
+EOF
+XAUTHORITY=$AUTHFILE Xvfb ":$SERVERNUM" $XVFBARGS $LISTENTCP >>"$ERRORFILE" \
   2>&1 &
 XVFBPID=$!
 sleep "$STARTWAIT"

More information about the scm-commits mailing list