diff options
| author |   Ned Ludd <solar@gentoo.org> | 2008-05-31 16:34:33 -0400 |
|---|---|---|
| committer |   Mike Frysinger <vapier@gentoo.org> | 2008-05-31 17:08:11 -0400 |
| commit | 4df25f140dbb4d93c8c9482b7181c678cc69dcca (patch) | |
| tree | 9e99ca816a0e142b95d8e1f1e660a4ba58b87bb8 /rpm2targz | |
| parent | add support for rpms with bzip2 compression (diff) | |
| download | rpm2targz-4df25f140dbb4d93c8c9482b7181c678cc69dcca.tar.gz rpm2targz-4df25f140dbb4d93c8c9482b7181c678cc69dcca.tar.bz2 rpm2targz-4df25f140dbb4d93c8c9482b7181c678cc69dcca.zip | |
rpm2targz: make tempfile handling secure
Diffstat (limited to 'rpm2targz')
| -rwxr-xr-x | rpm2targz | 42 |
1 files changed, 23 insertions, 19 deletions
@@ -23,20 +23,24 @@ # debug switch to allow to bypass use of rpm2cpio provided by the rpm package USERPM2CPIO=true -if [ "$TMPDIR" = "" ]; then - TMPDIR=/tmp +[ "$TMPDIR" == "" ] && TMPDIR=/tmp +if [ ! -d "$TMPDIR" ]; then + echo "TMPDIR=$TMPDIR is not a dir" > /dev/stderr + exit 1 fi -# If mcookie is available, use it for better /tmp security. -if [ -x `which mcookie` ]; then - COOKIE=`mcookie` -else - COOKIE=$$ +WORKDIR=`mktemp -d $TMPDIR/$$XXXXXX` +if [ $? != 0 ]; then + echo "Failed to make tmp workdir for file i/o conversion" > /dev/stderr + exit 1 fi + if [ "$1" = "" ]; then echo "$0: Converts RPM format to standard GNU tar + GNU zip format." - echo " (view converted packages with \"less\", install and remove" - echo " with \"installpkg\", \"removepkg\", \"pkgtool\", or manually" - echo " with \"tar\")" + if [ -e /etc/slackware-version ]; then + echo " (view converted packages with \"less\", install and remove" + echo " with \"installpkg\", \"removepkg\", \"pkgtool\", or manually" + echo " with \"tar\")" + fi echo echo "Usage: $0 <file.rpm>" if [ "`basename $0`" = "rpm2tgz" ]; then @@ -50,8 +54,7 @@ for i in $* ; do if [ ! "$1" = "$*" ]; then echo "Processing file: $i" fi - rm -rf $TMPDIR/rpm2targz$COOKIE # clear the way, just in case of mischief - mkdir $TMPDIR/rpm2targz$COOKIE + rm -rf ${WORKDIR}/* || exit 1 ; # clear the way, just in case of mischief # Determine if this is a source or binary RPM. # If we have getrpmtype, use that. Otherwise, try "file". @@ -69,12 +72,12 @@ for i in $* ; do fi fi - ofn=$TMPDIR/rpm2targz$COOKIE/`basename $i .rpm`.cpio + ofn=${WORKDIR}/`basename $i .rpm`.cpio if $USERPM2CPIO && which rpm2cpio 1> /dev/null 2> /dev/null ; then rpm2cpio $i > $ofn 2> /dev/null if [ ! $? = 0 ]; then echo "... rpm2cpio failed. (maybe $i is not an RPM?)" - ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE ) + ( rm -rf "${WORKDIR}/*" ) continue fi else # less reliable than rpm2cpio... @@ -90,7 +93,7 @@ for i in $* ; do decomp="bzip2" else echo " $i - no magic compression identifier found - skipping file" - ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE ) + ( rm -rf "${WORKDIR}/*" ) continue fi echo -n " trying to decompress with ${decomp}..." @@ -100,11 +103,11 @@ for i in $* ; do else echo " FAILED" echo " $i failed to decompress - skipping file" - ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE ) + ( rm -rf "${WORKDIR}/*" ) continue fi fi - DEST=$TMPDIR/rpm2targz$COOKIE + DEST=${WORKDIR} if [ "$isSource" = "1" ]; then DEST=$DEST/$(basename $(basename $i .rpm) .src) fi @@ -113,11 +116,12 @@ for i in $* ; do cpio --extract --preserve-modification-time --make-directories < $ofn 1> /dev/null 2> /dev/null rm -f $ofn find . -type d -perm 700 -exec chmod 755 {} \; ) - ( cd $TMPDIR/rpm2targz$COOKIE ; tar cf - . ) > `basename $i .rpm`.tar + ( cd ${WORKDIR} ; tar cf - . ) > `basename $i .rpm`.tar gzip -9 `basename $i .rpm`.tar if [ "`basename $0`" = "rpm2tgz" ]; then mv `basename $i .rpm`.tar.gz `basename $i .rpm`.tgz fi - ( cd $TMPDIR ; rm -rf rpm2targz$COOKIE ) + ( rm -rf "${WORKDIR}/*" ) echo done +rm -rf ${WORKDIR} |