From: [EMAIL PROTECTED]
Operating system: red hat 7.2
PHP version: 4.3.0RC3
PHP Bug Type: Compile Failure
Bug description: "make" crashed because my_tempnam.c
hi
on several system "make" crashed because tempnam is not secur.
I've fixed that bug.
new content of the "my_tempnam.c" working perfectly :
(located in etx/mysql if i remember good)
/* Copyright Abandoned 1996 TCX DataKonsult AB & Monty Program KB & Detron
HB
This file is public domain and comes with NO WARRANTY of any kind */
/*
This function is only used by some old ISAM code.
When we remove ISAM support from MySQL, we should also delete this file
One should instead use the functions in mf_tempfile.c
*/
#include "mysys_priv.h"
#include <m_string.h>
#include "my_static.h"
#include "mysys_err.h"
#define TMP_EXT ".tmp" /* Extension of tempfile */
#if ! defined(P_tmpdir)
#define P_tmpdir ""
#endif
#ifdef HAVE_TEMPNAM
#if !defined( MSDOS) && !defined(OS2)
extern char **environ;
#endif
#endif
/* Make a uniq temp file name by using dir and adding something after
pfx to make name uniq. Name is made by adding a uniq 8 length-string
and
TMP_EXT after pfx.
Returns pointer to malloced area for filename. Should be freed by
free().
The name should be uniq, but it isn't checked if it file allready
exists.
Uses tempnam() if function exist on system.
This function fixes that if dir is given it's used. For example
MSDOS tempnam() uses always TMP environment-variable if it exists.
*/
/* ARGSUSED */
my_string my_tempnam(const char *dir, const char *pfx,
myf MyFlags __attribute__((unused)))
{
#ifdef _MSC_VER
char temp[FN_REFLEN],*end,*res,**old_env,*temp_env[1];
old_env=environ;
if (dir)
{
end=strend(dir)-1;
if (!dir[0])
{ /* Change empty string to current dir */
temp[0]= FN_CURLIB;
temp[1]= 0;
dir=temp;
}
else if (*end == FN_DEVCHAR)
{ /* Get current dir for drive */
_fullpath(temp,dir,FN_REFLEN);
dir=temp;
}
else if (*end == FN_LIBCHAR && dir < end && end[-1] != FN_DEVCHAR)
{
strmake(temp,dir,(uint) (end-dir)); /* Copy and remove last '\' */
dir=temp;
}
environ=temp_env; /* Force use of dir (dir not checked) */
temp_env[0]=0;
}
res=mkstemp(my_string);
environ=old_env;
return res;
#else
#ifdef __ZTC__
if (!dir)
{ /* If empty test first if TMP can be used */
dir=getenv("TMP");
}
return mkstemp(my_string); /* Use stand. dir with prefix */
#else
#ifdef HAVE_TEMPNAM
char temp[2],*res,**old_env,*temp_env[1];
if (dir && !dir[0])
{ /* Change empty string to current dir */
temp[0]= FN_CURLIB;
temp[1]= 0;
dir=temp;
}
#ifdef OS2
/* changing environ variable doesn't work with VACPP */
char buffer[256];
sprintf( buffer, "TMP=%s", dir);
/* remove ending backslash */
if (buffer[strlen(buffer)-1] == '\\')
buffer[strlen(buffer)-1] = '\0';
putenv( buffer);
#else
old_env=(char**)environ;
if (dir)
{ /* Don't use TMPDIR if dir is given */
((char **)environ)=(char**)temp_env; /* May give warning */
temp_env[0]=0;
}
#endif
res=mkstemp("bidule");
#ifndef OS2
((char**)environ)=(char**)old_env; /* May give warning */
#endif
if (!res)
DBUG_PRINT("error",("Got error: %d from tempnam",errno));
return res;
#else
register long uniq;
register int length;
my_string pos,end_pos;
DBUG_ENTER("my_tempnam");
/* Make a uniq nummber */
pthread_mutex_lock(&THR_LOCK_open);
uniq= ((long) getpid() << 20) + (long) _my_tempnam_used++ ;
pthread_mutex_unlock(&THR_LOCK_open);
if (!dir && !(dir=getenv("TMPDIR"))) /* Use this if possibly */
dir=P_tmpdir; /* Use system default */
length=strlen(dir)+strlen(pfx)+1;
DBUG_PRINT("test",("mallocing %d byte",length+8+sizeof(TMP_EXT)+1));
if (!(pos=(char*) malloc(length+8+sizeof(TMP_EXT)+1)))
{
if (MyFlags & MY_FAE+MY_WME)
my_error(EE_OUTOFMEMORY, MYF(ME_BELL+ME_WAITTANG),
length+8+sizeof(TMP_EXT)+1);
DBUG_RETURN(NullS);
}
end_pos=strmov(pos,dir);
if (end_pos != pos && end_pos[-1] != FN_LIBCHAR)
*end_pos++=FN_LIBCHAR;
end_pos=strmov(end_pos,pfx);
for (length=0 ; length < 8 && uniq ; length++)
{
*end_pos++= _dig_vec[(int) (uniq & 31)];
uniq >>= 5;
}
VOID(strmov(end_pos,TMP_EXT));
DBUG_PRINT("exit",("tempnam: '%s'",pos));
DBUG_RETURN(pos);
#endif /* HAVE_TEMPNAM */
#endif /* __ZTC__ */
#endif /* _MSC_VER */
} /* my_tempnam */
--
Edit bug report at http://bugs.php.net/?id=21029&edit=1
--
Try a CVS snapshot: http://bugs.php.net/fix.php?id=21029&r=trysnapshot
Fixed in CVS: http://bugs.php.net/fix.php?id=21029&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=21029&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=21029&r=needtrace
Try newer version: http://bugs.php.net/fix.php?id=21029&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=21029&r=support
Expected behavior: http://bugs.php.net/fix.php?id=21029&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=21029&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=21029&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=21029&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=21029&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=21029&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=21029&r=isapi
