Bug#450887: b43-fwcutter: install_bcm43xx_firmware.sh untars an archive in /tmp with a predefined name

[Zbyszek Szmek]

Package: b43-fwcutter
Version: 1:008-1
Severity: normal
Tags: patch

The script /usr/share/b43-fwcutter/install_bcm43xx_firmware.sh 
download's files into
/tmp using wget. If files /tmp/broadcom-wl-4.80.53.0.tar.bz2 or
/tmp/wl_apsta-3.130.20.0.o, wget will save downloaded files under a
different name (e.g. broadcom-wl-4.80.53.0.tar.bz2.1) and further 
installation will use
those preexisting files, possibly extracting hostile data into /tmp/.
(patch install_bcm43xx_firmware.sh.diff)

Additionally, b43-fwcutter creates the directories /lib/firmware/b43 and 
/lib/firmware/b43legacy with mode 0770, which seem to be unnecessarily 
strict, since every installation using this download script contains the 
same files, there is nothing to hide here.
(patch install_bcm43xx_firmware.sh.diff2)

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.20-1-486
Locale: LANG=en_GB.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

--- b43-fwcutter-008/debian/install_bcm43xx_firmware.sh 2007-11-11 
23:15:43.000000000 +0100
+++ b43-fwcutter-008.1/debian/install_bcm43xx_firmware.sh       2007-11-11 
23:16:10.000000000 +0100
@@ -2,11 +2,11 @@
 
 set -e
 
-cd /tmp
+dir=$(mktemp -d)
+cd "$dir"
 wget http://downloads.openwrt.org/sources/wl_apsta-3.130.20.0.o
 wget http://downloads.openwrt.org/sources/broadcom-wl-4.80.53.0.tar.bz2
 b43-fwcutter -w /lib/firmware wl_apsta-3.130.20.0.o
 tar xfvj broadcom-wl-4.80.53.0.tar.bz2
 b43-fwcutter -w /lib/firmware broadcom-wl-4.80.53.0/kmod/wl_apsta.o
-rm wl_apsta*.o
-rm -rf broadcom-wl-4.80.53.0
+rm -rf "$dir"

--- b43-fwcutter-008/debian/install_bcm43xx_firmware.sh~ 2007-11-11 
23:23:47.000000000 +0100
+++ b43-fwcutter-008/debian/install_bcm43xx_firmware.sh 2007-11-11 
22:44:57.000000000 +0100
@@ -10,3 +10,4 @@
 tar xfvj broadcom-wl-4.80.53.0.tar.bz2
 b43-fwcutter -w /lib/firmware broadcom-wl-4.80.53.0/kmod/wl_apsta.o
 rm -rf "$dir"
+chmod o+rx /lib/firmware/b43 /lib/firmware/b43legacy