#! /bin/sh /usr/share/dpatch/dpatch-run
## 09_2001-1593.patch.dpatch by Salvatore Bonaccorso
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fix CVE-2001-1593: insecure use of /tmp
## DP: Bug-Debian: https://bugs.debian.org/737385
## DP: Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1060630
@DPATCH@
diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' a2ps~/lib/routines.c a2ps/lib/routines.c
--- a2ps~/lib/routines.c 2014-03-30 12:24:50.000000000 +0200
+++ a2ps/lib/routines.c 2014-03-30 12:31:55.206102405 +0200
@@ -242,3 +242,50 @@
 /* Don't complain if you can't unlink. Who cares of a tmp file? */
 unlink (filename);
 }
+
+/*
+ * Securely generate a temp file, and make sure it gets
+ * deleted upon exit.
+ */
+static char ** tempfiles;
+static unsigned ntempfiles;
+
+static void
+cleanup_tempfiles()
+{
+ while (ntempfiles--)
+ unlink(tempfiles[ntempfiles]);
+}
+
+char *
+safe_tempnam(const char *pfx)
+{
+ char *dirname, *filename;
+ int fd;
+
+ if (!(dirname = getenv("TMPDIR")))
+ dirname = "/tmp";
+
+ tempfiles = (char **) realloc(tempfiles,
+ (ntempfiles+1) * sizeof(char *));
+ if (tempfiles == NULL)
+ return NULL;
+
+ filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
+ if (!filename)
+ return NULL;
+
+ sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
+
+ if ((fd = mkstemp(filename)) < 0) {
+ free(filename);
+ return NULL;
+ }
+ close(fd);
+
+ if (ntempfiles == 0)
+ atexit(cleanup_tempfiles);
+ tempfiles[ntempfiles++] = filename;
+
+ return filename;
+}
diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' a2ps~/lib/routines.h a2ps/lib/routines.h
--- a2ps~/lib/routines.h 2014-03-30 12:24:50.000000000 +0200
+++ a2ps/lib/routines.h 2014-03-30 12:31:55.206102405 +0200
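Review bot: In safe_tempnam the realloc result is assigned straight to tempfiles, so a failed realloc sets tempfiles to NULL while ntempfiles still counts the earlier registrations; cleanup_tempfiles then dereferences NULL at exit and the earlier temp files are never unlinked. Use a temporary: `char **grown = realloc(tempfiles, (ntempfiles + 1) * sizeof *grown);` / `if (!grown) return NULL;` / `tempfiles = grown;`. Two smaller points in the same hunk: `cleanup_tempfiles()` should be declared `cleanup_tempfiles(void)` so it is a real prototype, and the `(char **)` cast on realloc is unnecessary in C. The mkstemp/close/register ordering itself is sound — the name is only recorded after mkstemp has created the file, so nothing the exit handler unlinks was chosen by a predictable name.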
@@ -255,7 +255,8 @@
 /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
 #define tempname_ensure(Str) \
 do { \
- (Str) = (Str) ? (Str) : tempnam (NULL, "a2_"); \
+ (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \
 } while (0)
+char * safe_tempnam(const char *);
 #endif
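Review bot: The new prototype `char * safe_tempnam(const char *);` documents neither the parameter nor the ownership of the returned string, yet routines.c keeps that pointer in its tempfiles table to unlink at exit, so a caller that free()s the result leaves a dangling pointer for the exit handler. Add the parameter name and a short header comment, e.g. `/* Create an empty "$TMPDIR/<pfx>XXXXXX" file with mkstemp and return its name, or NULL on failure. The name is owned by the library and unlinked at exit: callers must not free() it. */` followed by `char *safe_tempnam(const char *pfx);`. The tempname_ensure macro keeps its previous behaviour of leaving Str NULL when creation fails, so existing users of the macro are unaffected by the swap.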