Andrew's git
/
gitweb.git
/ diff
summary
|
log
|
commit
| diff |
tree
commit
grep
author
committer
pickaxe
?
re
gitk: Use mktemp -d to avoid predictable temporary directories
author
David Aguilar
<davvid@gmail.com>
Fri, 13 Jun 2014 21:43:48 +0000
(14:43 -0700)
committer
Paul Mackerras
<paulus@samba.org>
Sun, 15 Jun 2014 01:35:50 +0000
(11:35 +1000)
gitk uses a predictable ".gitk-tmp.$PID" pattern when generating
a temporary directory.
Use "mktemp -d .gitk-tmp.XXXXXX" to harden gitk against someone
seeding /tmp with files matching the pid pattern.
Signed-off-by: David Aguilar <davvid@gmail.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>
gitk
patch
|
blob
|
history
raw
|
patch
| inline |
side by side
(from parent 1:
c7664f1
)
diff --git
a/gitk
b/gitk
index c66643520413dea6b90a3a0231c2772a856fade4..41e5071c4bdce3767f7f2782dd97b448fb153022 100755
(executable)
--- a/
gitk
+++ b/
gitk
@@
-3503,7
+3503,8
@@
proc gitknewtmpdir {} {
} else {
set tmpdir $gitdir
}
- set gitktmpdir [file join $tmpdir [format ".gitk-tmp.%s" [pid]]]
+ set gitktmpformat [file join $tmpdir ".gitk-tmp.XXXXXX"]
+ set gitktmpdir [exec mktemp -d $gitktmpformat]
if {[catch {file mkdir $gitktmpdir} err]} {
error_popup "[mc "Error creating temporary directory %s:" $gitktmpdir] $err"
unset gitktmpdir