--- ispell-3.2.06/munchlist.X	2001-07-25 21:51:46 +0000

+++ ispell-3.2.06.epa7/munchlist.X	2003-11-09 17:27:51 +0000

@@ -1,6 +1,6 @@

 : Use /bin/sh

 #

-# $Id: munchlist.X,v 1.61 2001/07/25 21:51:46 geoff Exp $

+# $Id: munchlist.X,v 1.3 2003/11/09 17:27:51 ed Exp $

 #

 # Copyright 1987, 1988, 1989, 1992, 1993, 1999, 2001, Geoff Kuenning,

 # Claremont, CA.

@@ -19,16 +19,7 @@

 #    such.  Binary redistributions based on modified source code

 #    must be clearly marked as modified versions in the documentation

 #    and/or other materials provided with the distribution.

-# 4. Any web site or other electronic service that offers ispell for

-#    download or other electronic transfer as a separate entity, in

-#    either source or binary form, must also include a prominent statement

-#    indicating that information about ispell can be obtained from the

-#    following Web site URL:

-#	http://fmg-www.cs.ucla.edu/geoff/ispell.html

-#    If the offering service supports hyperlinks, the aforementioned

-#    Web site must also be offered as a hyperlink.  Condition #4 does

-#    not apply if ispell is offered only as part of a larger, aggregated

-#    product such as a word processor or packaged operating system.

+# (clause 4 removed with permission from Geoff Kuenning)

 # 5. The name of Geoff Kuenning may not be used to endorse or promote

 #    products derived from this software without specific prior

 #    written permission.

@@ -95,6 +86,15 @@

 #		2/28/87

 #

 # $Log: munchlist.X,v $

+# Revision 1.3  2003/11/09 17:27:51  ed

+# Fix (based on Debian's) for insecure temporary file created in findaffix

+# and munchlist.

+#

+# Revision 1.2  2001/10/05 14:22:25  ed

+# Imported 3.2.06.epa1 release.  This was previously developed using

+# sporadic RCS for certain files, but I'm not really bothered about

+# rolling back beyond this release.

+#

 # Revision 1.61  2001/07/25 21:51:46  geoff

 # Minor license update.

 #

@@ -153,15 +153,18 @@

 # Get rid of all old RCS log lines in preparation for the 3.1 release.

 #

 #

+

+TDIR=${TMPDIR-/tmp}/munchlist$$

+( umask 077 && mkdir ${TDIR} || ( echo "can't mkdir " ${TDIR} 1>&2 ; exit 1 ) )

+TMP=${TDIR}/munch$$

+

 if [ "X$MUNCHMAIL" != X ]

 then

-    exec 2> /tmp/munchlist.mail

+    exec 2> ${TDIR}/munchlist.mail

     echo "munchlist $*" 1>&2

     set -vx

 fi

 LIBDIR=!!LIBDIR!!

-TDIR=${TMPDIR-/usr/tmp}

-TMP=${TDIR}/munch$$

 SORTTMP="-T ${TDIR}"			# !!SORTTMP!!

 #

@@ -318,7 +321,7 @@ then

     verbose=true

     debug=yes

 fi

-trap "/bin/rm -f ${TMP}*; exit 1" 1 2 13 15

+trap "/bin/rm -rf ${TDIR}; exit 1" 1 2 13 15

 #

 # Names of temporary files.  This is just to make the code a little easier

 # to read.

@@ -381,7 +384,7 @@ case "X$convtabs" in

 esac

 echo 'QQQQQQQQ' > $FAKEDICT

 $BUILDHASH -s $FAKEDICT $convtabs $FAKEHASH \

-  ||  (echo "Couldn't create fake hash file" 1>&2; /bin/rm -f ${TMP}*; exit 1) \

+  ||  (echo "Couldn't create fake hash file" 1>&2; /bin/rm -rf ${TDIR}; exit 1) \

   ||  exit 1

 #

 # Figure out how 'sort' sorts signed fields, for arguments to ijoin.

@@ -435,7 +438,7 @@ case "$convtabs" in

     *)

 	$BUILDHASH -s $FAKEDICT $langtabs $FAKEHASH \

 	  ||  (echo "Couldn't create fake hash file" 1>&2; \

-		/bin/rm -f ${TMP}*; exit 1) \

+		/bin/rm -rf ${TDIR}; exit 1) \

 	  ||  exit 1

 	;;

 esac

@@ -736,10 +739,10 @@ ENDOFAWKSCRIPT

 	    then

 		(

 		ls -ld ${TDIR}/[A-Z]*

-		cat /tmp/munchlist.mail

+		cat ${TDIR}/munchlist.mail

 		) | mail "$MUNCHMAIL"

-		/bin/rm -f /tmp/munchlist.mail

 	    fi

+	    /bin/rm -rf ${TDIR}

 	    exit 1

 	fi

     done

@@ -820,7 +823,7 @@ if [ -s $MINIMALAFFIXES ]

 then

     $BUILDHASH -s $MINIMALAFFIXES $langtabs $FAKEHASH > /dev/null \

       ||  (echo "Couldn't create intermediate hash file" 1>&2;

-	/bin/rm -f ${TMP}*;

+	/bin/rm -rf ${TDIR};

 	exit 1) \

       ||  exit 1

     if [ "$debug" = yes ]

@@ -842,8 +845,8 @@ if [ "X$MUNCHMAIL" != X ]

 then

     (

     ls -ld ${TDIR}/[A-Z]*

-    cat /tmp/munchlist.mail

+    cat ${TDIR}/munchlist.mail

     ) | mail "$MUNCHMAIL"

-    /bin/rm -f /tmp/munchlist.mail

 fi

+rm -rf ${TDIR}

 exit 0

--- ispell-3.2.06/findaffix.X	2001-07-25 21:51:46 +0000

+++ ispell-3.2.06.epa7/findaffix.X	2003-11-09 17:27:50 +0000

@@ -1,6 +1,6 @@

 : Use /bin/sh

 #

-# $Id: findaffix.X,v 1.18 2001/07/25 21:51:46 geoff Exp $

+# $Id: findaffix.X,v 1.3 2003/11/09 17:27:50 ed Exp $

 #

 # Copyright 1992, 1993, 1999, 2001, Geoff Kuenning, Claremont, CA

 # All rights reserved.

@@ -18,16 +18,7 @@

 #    such.  Binary redistributions based on modified source code

 #    must be clearly marked as modified versions in the documentation

 #    and/or other materials provided with the distribution.

-# 4. Any web site or other electronic service that offers ispell for

-#    download or other electronic transfer as a separate entity, in

-#    either source or binary form, must also include a prominent statement

-#    indicating that information about ispell can be obtained from the

-#    following Web site URL:

-#	http://fmg-www.cs.ucla.edu/geoff/ispell.html

-#    If the offering service supports hyperlinks, the aforementioned

-#    Web site must also be offered as a hyperlink.  Condition #4 does

-#    not apply if ispell is offered only as part of a larger, aggregated

-#    product such as a word processor or packaged operating system.

+# (clause 4 removed with permission from Geoff Kuenning)

 # 5. The name of Geoff Kuenning may not be used to endorse or promote

 #    products derived from this software without specific prior

 #    written permission.

@@ -118,6 +109,15 @@

 #	should be translated to lowercase before being fed to this script.

 #

 # $Log: findaffix.X,v $

+# Revision 1.3  2003/11/09 17:27:50  ed

+# Fix (based on Debian's) for insecure temporary file created in findaffix

+# and munchlist.

+#

+# Revision 1.2  2001/10/05 14:22:25  ed

+# Imported 3.2.06.epa1 release.  This was previously developed using

+# sporadic RCS for certain files, but I'm not really bothered about

+# rolling back beyond this release.

+#

 # Revision 1.18  2001/07/25 21:51:46  geoff

 # Minor license update.

 #

@@ -131,7 +131,8 @@

 # Get rid of all old RCS log lines in preparation for the 3.1 release.

 #

 #

-TDIR=${TMPDIR-/usr/tmp}

+TDIR=${TMPDIR-/tmp}/findaffix$$

+( umask 077 && mkdir ${TDIR} || ( echo "can't mkdir " ${TDIR} 1>&2 ; exit 1 ) )

 TMP=${TDIR}/faff$$

 SORTTMP="-T ${TDIR}"			# !!SORTTMP!!

 USAGE='Usage:  findaffix [-p | -s] [-f] [-c] [-e elim] [-m min] [-M max] [-l low] [-t tabch] [files]'

@@ -213,8 +214,8 @@ do

 	    ;;

     esac

 done

-trap "/bin/rm -f ${TMP}*; exit 1" 1 2 15

-trap "/bin/rm -f ${TMP}*; exit 0" 13

+trap "/bin/rm -rf ${TDIR}; exit 1" 1 2 15

+trap "/bin/rm -rf ${TDIR}; exit 0" 13

 #

 # We are ready to do the work.  First, we collect all input, translate it

 # to lowercase, sort it (dropping duplications), and save it for later.

@@ -304,4 +305,4 @@ join "-t$tabch" -o 1.2 2.2 2.3 ${TMP}a $

     else

 	exec cat

     fi

-/bin/rm -f ${TMP}?

+rm -rf ${TDIR}