You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@subversion.apache.org by Matt Kraai <kr...@alumni.cmu.edu> on 2002/12/04 17:18:44 UTC

Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta

On Tue, Dec 03, 2002 at 06:50:17PM -0600, brane@tigris.org wrote:
> Author: brane
> Date: 2002-12-03 18:50:17 -0600 (Tue, 03 Dec 2002)
> New Revision: 3973
> 
> Modified:
>    trunk/subversion/tests/libsvn_delta/random-test.c
> Log:
> This is fallout from my deciding not to have admin privs for my normal
> login on the new Windows box...
> 
> * subversion/tests/libsvn_delta/random-test.c: Don't use tmpnam to
>   open temporary files.
> (open_temp, close_temp): New functions. Use instead of tmpfile and
> fclose, respectively.
> (unlink_magic_struct): Helper for close_temp to maintain the list of
> open file names.

This use of tempnam is insecure.  Would you use apr_file_mktemp
instead?

Matt

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta

Posted by Branko Čibej <br...@xbc.nu>.

Matt Kraai wrote:

>On Wed, Dec 04, 2002 at 07:22:40PM +0100, Branko ??ibej wrote:
>  
>
>>Matt Kraai wrote:
>>    
>>
>>>This use of tempnam is insecure.
>>>
>>>      
>>>
>>Why should I care about that in a test program? This code is not part of
>>the Subversion libraries.
>>    
>>
>
>Because people who test Subversion are vulnerable.
>
Oh yes, how could I be so stupid? It's totally natural to run
random-test as root, in a loop, and of course the file it opens using
tempnam is piped immediately to a shell.

If you want to rewrite random-test, be my guest.

-- 
Brane Čibej   <br...@xbc.nu>   http://www.xbc.nu/brane/


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta

Posted by Matt Kraai <kr...@alumni.cmu.edu>.

On Wed, Dec 04, 2002 at 07:22:40PM +0100, Branko ??ibej wrote:
> Matt Kraai wrote:
> >This use of tempnam is insecure.
> >
> Why should I care about that in a test program? This code is not part of
> the Subversion libraries.

Because people who test Subversion are vulnerable.

Matt

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta

Posted by Branko Čibej <br...@xbc.nu>.

Karl Fogel wrote:

>Branko Čibej <br...@xbc.nu> writes:
>  
>
>>Why should I care about that in a test program? This code is not part of
>>the Subversion libraries.
>>    
>>
>
>It's generating a compile-time warning right now, for some of us.
>  
>
Hm, O.K., this is a more relevant argument than the insecure whatsit.
I'll look into rewriting random-test.c... and will hate it, I'm sure.
But needs must.

-- 
Brane Čibej   <br...@xbc.nu>   http://www.xbc.nu/brane/


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta

Posted by Karl Fogel <kf...@newton.ch.collab.net>.

Branko Čibej <br...@xbc.nu> writes:
> Why should I care about that in a test program? This code is not part of
> the Subversion libraries.

It's generating a compile-time warning right now, for some of us.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta

Posted by Branko Čibej <br...@xbc.nu>.

Matt Kraai wrote:

>On Tue, Dec 03, 2002 at 06:50:17PM -0600, brane@tigris.org wrote:
>  
>
>>Author: brane
>>Date: 2002-12-03 18:50:17 -0600 (Tue, 03 Dec 2002)
>>New Revision: 3973
>>
>>Modified:
>>   trunk/subversion/tests/libsvn_delta/random-test.c
>>Log:
>>This is fallout from my deciding not to have admin privs for my normal
>>login on the new Windows box...
>>
>>* subversion/tests/libsvn_delta/random-test.c: Don't use tmpnam to
>>  open temporary files.
>>(open_temp, close_temp): New functions. Use instead of tmpfile and
>>fclose, respectively.
>>(unlink_magic_struct): Helper for close_temp to maintain the list of
>>open file names.
>>    
>>
>
>This use of tempnam is insecure.
>
Why should I care about that in a test program? This code is not part of
the Subversion libraries.

>Would you use apr_file_mktemp instead?
>
No, because then I'd have to rewrite all of random-test.c to use APR
files instead for STDIO files, and I can't be bothered.

-- 
Brane Čibej   <br...@xbc.nu>   http://www.xbc.nu/brane/


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org