Hi,

Vincent Lefevre wrote:

> --- /usr/bin/xpdf     2011-07-28 06:29:44.000000000 +0200
> +++ xpdf      2011-07-29 16:36:38.000000000 +0200
> @@ -78,7 +78,7 @@
>  elif [ "$cat" = "cat" ]; then
>      $cmd -title "$title" "$file" $pages
>  else
> -    tmp=$(tempfile -p "$(basename "$file")" -s .pdf)
> +    tmp=$(tempfile -s .pdf)
>      $cat "$file" > "$tmp"
>      trap "rm -f \"$tmp\"" EXIT HUP INT QUIT TERM 
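Review bot: the unchanged context line `trap "rm -f \"$tmp\"" EXIT HUP INT QUIT TERM` still expands `$tmp` at the moment the trap is installed, so the path is spliced into the trap text and parsed again as shell code when the trap fires; a `"` or `$` in the temporary path (which TMPDIR still influences after dropping `-p`) breaks the cleanup or removes a different file. Suggest `trap 'rm -f -- "$tmp"' EXIT HUP INT QUIT TERM`, which keeps the literal text and expands `$tmp` only when the trap runs. The line also carries trailing whitespace.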

This is still vaguely vulnerable if a malicious or incompetent person
has control of TMPDIR (which I admit is far-fetched).  Wasn't the
original intent closer to

        trap "rm -f -- \"\$tmp\"" EXIT HUP INT QUIT TERM

which prevents the variable from being interpolated in advance at all?



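The quoting difference discussed above, as an added example that is not part of the bug report or the xpdf wrapper: `fire_trap`, `rm_argc` and `rm_target` are helper names invented here, and `rm` is replaced by a stub so nothing is deleted.

```sh
#!/bin/sh
# Added example (not from the bug report or the xpdf wrapper): compare the two
# ways of quoting the cleanup trap.  A double-quoted trap string has $tmp
# substituted when the trap is *installed*, and the resulting text is parsed
# again as shell code when the trap *fires*; a single-quoted string is parsed
# once, at fire time, with $tmp expanded only then.

# Install the trap in a subshell, with rm replaced by a stub that only reports
# its arguments, and let the subshell exit so the trap fires.  Output: the
# arguments rm received, one per line (nothing if the trap text failed to
# parse).  $1 = "eager" or "deferred", $2 = the temporary file path.
fire_trap() {
    (
        rm() { printf '%s\n' "$@"; }       # stub: never deletes anything
        tmp=$2
        if [ "$1" = eager ]; then
            trap "rm -f \"$tmp\"" EXIT     # value spliced into the trap text
        else
            trap 'rm -f -- "$tmp"' EXIT    # literal text; expanded at exit
        fi
    ) 2>/dev/null
}

# Number of arguments the stub rm received (0 means the trap never ran rm).
rm_argc() { fire_trap "$1" "$2" | wc -l | tr -d ' '; }

# Path the stub rm was told to remove (its last argument).
rm_target() { fire_trap "$1" "$2" | tail -n 1; }

# Constructed inputs: a name containing a double quote, and one containing a
# $ that the shell re-expands when it parses the eager trap text a second time.
quoted_name='/tmp/x"y.pdf'
dollar_name='/tmp/x$$.pdf'

main() {
    printf 'eager,    quote in name: %s args\n' "$(rm_argc eager "$quoted_name")"
    printf 'deferred, quote in name: %s args\n' "$(rm_argc deferred "$quoted_name")"
    printf 'eager,    $ in name:     removes %s\n' "$(rm_target eager "$dollar_name")"
    printf 'deferred, $ in name:     removes %s\n' "$(rm_target deferred "$dollar_name")"
}

main
```

With the eager form the quoted name produces a parse error and no cleanup at all, while the deferred form passes the path through unchanged in both cases.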