Bug#612033: conky: diff for NMU version 1.8.0-1.1

[Luca Falavigna]

tags 612033 + patch pending
thanks


Hi Cesare,

I've prepared an NMU for conky (versioned as 1.8.0-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards.


-- 
  .''`.
 :  :' :   Luca Falavigna <dktrkr...@debian.org>
 `.  `'
   `-

diff -Nru conky-1.8.0/debian/changelog conky-1.8.0/debian/changelog
--- conky-1.8.0/debian/changelog	2010-04-01 16:42:19.000000000 +0200
+++ conky-1.8.0/debian/changelog	2011-04-03 15:17:41.000000000 +0200
@@ -1,3 +1,12 @@
+conky (1.8.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * debian/patches/70b6f35a.patch:
+    - Cherrypick a patch from upstream to avoid rewriting an arbitrary
+      user file (Closes: #612033).
+
+ -- Luca Falavigna <dktrkr...@debian.org>  Sun, 03 Apr 2011 15:17:39 +0200
+
 conky (1.8.0-1) unstable; urgency=low
 
   * New upstream release:
diff -Nru conky-1.8.0/debian/patches/70b6f35a.patch conky-1.8.0/debian/patches/70b6f35a.patch
--- conky-1.8.0/debian/patches/70b6f35a.patch	1970-01-01 01:00:00.000000000 +0100
+++ conky-1.8.0/debian/patches/70b6f35a.patch	2011-04-03 15:17:27.000000000 +0200
@@ -0,0 +1,77 @@
+Description: Avoid rewriting an arbitrary user file
+Origin: http://git.omp.am/?p=conky.git;a=patch;h=70b6f35a846f7b85bd11e66c1f23feee6b369688
+
+Index: conky-1.8.0/src/eve.c
+===================================================================
+--- conky-1.8.0.orig/src/eve.c	2011-04-03 15:15:02.658500522 +0200
++++ conky-1.8.0/src/eve.c	2011-04-03 15:14:58.162500519 +0200
+@@ -252,19 +252,6 @@
+ 	}
+ }
+ 
+-static int file_exists(const char *filename)
+-{
+-	struct stat fi;
+-
+-	if ((stat(filename, &fi)) == 0) {
+-		if (fi.st_size > 0)
+-			return 1;
+-		else
+-			return 0;
+-	} else
+-		return 0;
+-}
+-
+ static void writeSkilltree(char *content, const char *filename)
+ {
+ 	FILE *fp = fopen(filename, "w");
+@@ -280,13 +267,12 @@
+ 	xmlDocPtr doc = 0;
+ 	xmlNodePtr root = 0;
+ 
+-	if (!file_exists(file)) {
+-		skilltree = getXmlFromAPI(NULL, NULL, NULL, EVEURL_SKILLTREE);
+-		writeSkilltree(skilltree, file);
+-		free(skilltree);
+-	}
++	skilltree = getXmlFromAPI(NULL, NULL, NULL, EVEURL_SKILLTREE);
++	writeSkilltree(skilltree, file);
++	free(skilltree);
+ 
+ 	doc = xmlReadFile(file, NULL, 0);
++	unlink(file);
+ 	if (!doc)
+ 		return NULL;
+ 
+@@ -337,7 +323,7 @@
+ static char *eve(char *userid, char *apikey, char *charid)
+ {
+ 	Character *chr = NULL;
+-	const char *skillfile = "/tmp/.cesf";
++	char skillfile[] = "/tmp/.cesfXXXXXX";
+ 	int i = 0;
+ 	char *output = 0;
+ 	char *timel = 0;
+@@ -345,6 +331,7 @@
+ 	char *content = 0;
+ 	time_t now = 0;
+ 	char *error = 0;
++	int tmp_fd, old_umask;
+ 
+ 
+ 	for (i = 0; i < MAXCHARS; i++) {
+@@ -397,6 +384,14 @@
+ 
+ 		output = (char *)malloc(200 * sizeof(char));
+ 		timel = formatTime(&chr->ends);
++		old_umask = umask(0066);
++		tmp_fd = mkstemp(skillfile);
++		umask(old_umask);
++		if (tmp_fd == -1) {
++			error = strdup("Cannot create temporary file");
++			return error;
++		}
++		close(tmp_fd);
+ 		skill = getSkillname(skillfile, chr->skill);
+ 
+ 		chr->skillname = strdup(skill);
diff -Nru conky-1.8.0/debian/patches/series conky-1.8.0/debian/patches/series
--- conky-1.8.0/debian/patches/series	1970-01-01 01:00:00.000000000 +0100
+++ conky-1.8.0/debian/patches/series	2011-04-03 15:05:23.000000000 +0200
@@ -0,0 +1 @@
+70b6f35a.patch

signature.asc
Description: OpenPGP digital signature