It seems to me that there's still a bug if there's a race:
function random_suffix
{
TEMP_FILE="$(mktemp)"
TARGET="${TEMP_FILE}${1}"
mv ${TEMP_FILE} ${TARGET} || exit 1
echo "${TARGET}"
}
And further down:
OTRASALIDA=$(random_suffix odtsalida.zip)
Followed by no check for failure. This means that OTRASALIDA can be
the empty string if the mv fails. I'm not sure how well the script
copes with that, but I couldn't see that it's readily exploitable,
either.
Fix is to create a temporary directory using "mktemp -d" and put the
files into that.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
