SPECS: qb2c.spec - avoid security hole by not expanding tmpfiles a...

glen glen at pld-linux.org
Mon Jan 15 23:43:53 CET 2007 

Author: glen                         Date: Mon Jan 15 22:43:53 2007 GMT
Module: SPECS                         Tag: HEAD
---- Log message:
- avoid security hole by not expanding tmpfiles at compile stage
- typo
- add TODO
- rel 4

---- Files affected:
SPECS:
   qb2c.spec (1.12 -> 1.13) 

---- Diffs:

================================================================
Index: SPECS/qb2c.spec
diff -u SPECS/qb2c.spec:1.12 SPECS/qb2c.spec:1.13
--- SPECS/qb2c.spec:1.12	Thu Nov  9 21:57:28 2006
+++ SPECS/qb2c.spec	Mon Jan 15 23:43:48 2007
@@ -1,9 +1,11 @@
 # $Revision$, $Date$
+# TODO
+# - /usr/bin/bcc collides with bcc.spec
 Summary:	Qbasic to C conversion
 Summary(pl):	Konwerter z Qbasic na C
 Name:		qb2c
 Version:	3.41
-Release:	3
+Release:	4
 License:	freely distributable
 Group:		Development/Languages
 Source0:	http://matrix.irb.hr/~mario/ftp/pub/qb2c/%{name}.tgz
@@ -12,7 +14,7 @@
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
 %description
-This package attempts to conver Microsoft QBASIC programs into
+This package attempts to convert Microsoft QBASIC programs into
 compilable C code. A 'brun' script is also provided to directly
 execute a qbasic program.
 
@@ -47,23 +49,23 @@
 %{__cc} %{rpmldflags} -shared -Wl,-soname,libqbX11.so.3 -o libqbX11.so.%{version} *.o \
 	-L/usr/X11R6/%{_lib} -lX11 -lm
 
-cat <<EOF >bcc
+cat <<'EOF' > bcc
 #!/bin/sh
-qb2c -b -C \$1 \$2 \$3 \$4 \$5 \$6
-if test \$? = 0 ; then
-	gcc -o \$1 \$1.c -L`pwd` -lqbX11 -L/usr/X11R6/%{_lib} -lX11 -lm
+qb2c -b -C $1 $2 $3 $4 $5 $6
+if test $? = 0 ; then
+	gcc -o $1 $1.c -L$(pwd) -lqbX11 -L/usr/X11R6/%{_lib} -lX11 -lm
 fi
 EOF
 
-cat <<EOF >brun
+cat <<'EOF' > brun
 #!/bin/sh
 TEMPNAM=`mktemp /tmp/qb.XXXXXX`
-rm -f \$TEMPNAM
-qb2c -b -C \$1 \$2 \$3 \$4 \$5
-if test \$? = 0 ; then
-	gcc -o \$TEMPNAM \$1.c -L`pwd` -lqbX11 -L/usr/X11R6/%{_lib} -lX11 -lm
-	if test \$? = 0 ; then
-		\$TEMPNAM \$2 \$3 \$4 \$5
+rm -f $TEMPNAM
+qb2c -b -C $1 $2 $3 $4 $5
+if test $? = 0 ; then
+	gcc -o $TEMPNAM $1.c -L$(pwd) -lqbX11 -L/usr/X11R6/%{_lib} -lX11 -lm
+	if test $? = 0 ; then
+		$TEMPNAM $2 $3 $4 $5
 	fi
 fi
 EOF
@@ -97,6 +99,12 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.13  2007/01/15 22:43:48  glen
+- avoid security hole by not expanding tmpfiles at compile stage
+- typo
+- add TODO
+- rel 4
+
 Revision 1.12  2006/11/09 20:57:28  glen
 - strict internal deps
 
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/qb2c.spec?r1=1.12&r2=1.13&f=u

More information about the pld-cvs-commit mailing list