On 2025-02-08 19:07, KO Myung-Hun wrote:
OS/2 does not allow file actions with a file name to opened files. As a result, copy(), chmod() and update_file() fail.
Ouch, that means OS/2 is inherently insecure with temp files due to races in some situations. However, the Autoconf code is already insecure even on non-OS/2 platforms, so I guess it's no extra harm done.
+ copy ($src, $^O eq 'os2' ? $temp : $tempname)
I'd rather not have os2-specific code if we can avoid it, as that makes testing harder cross-platform. I installed the attached instead; please give it a try.
From 2f64dcd048b08bb90ec44b26f4cd6b729112a28e Mon Sep 17 00:00:00 2001 From: Paul Eggert <egg...@cs.ucla.edu> Date: Sun, 9 Feb 2025 10:00:11 -0800 Subject: [PATCH] Port install_aux_file to OS/2 * bin/autoreconf.in (install_aux_file): Port to OS/2, which does not allow file name operations on open files. Problem reported by KO Myung-Hun in: https://lists.gnu.org/r/autoconf-patches/2025-02/msg00001.html --- bin/autoreconf.in | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/bin/autoreconf.in b/bin/autoreconf.in index 74c9890e..a5ffc6fa 100644 --- a/bin/autoreconf.in +++ b/bin/autoreconf.in @@ -400,8 +400,10 @@ sub install_aux_file or fatal "rm -f $dest: $!"; } my ($temp, $tempname) = tempfile (UNLINK => 0, DIR => $destdir); - copy ($src, $tempname) + copy ($src, $temp) or fatal "copying $src to $tempname: $!"; + close ($temp) + or fatal "closing $tempname: $!"; make_executable ($tempname) if -x $src; update_file ($tempname, $dest, $force); } -- 2.45.2
