1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
#! /bin/sh /usr/share/dpatch/dpatch-run
## 100-fix-insecure-tempfiles.dpatch by Andreas Putzo <andreas@putzo.net>
##
## DP: Fix insecure tempfile creation in geo-code.
## DP: Thanks Moritz Muehlenhoff <jmm@inutil.org>.
@DPATCH@
diff -urNad gpsdrive-2.10~pre4-6.dfsg~/scripts/geo-code gpsdrive-2.10~pre4-6.dfsg/scripts/geo-code
--- gpsdrive-2.10~pre4-6.dfsg~/scripts/geo-code 2007-09-14 21:47:07.000000000 +0000
+++ gpsdrive-2.10~pre4-6.dfsg/scripts/geo-code 2008-12-28 17:47:39.000000000 +0000
@@ -83,6 +83,7 @@
#
error() {
echo "`basename $PROGNAME`: $1" >&2
+ remove_cruft
exit 1
}
@@ -130,8 +131,9 @@
a) SQLMATCH=all;;
D) DEBUG="$OPTARG";;
U) echo "Getting latest version of this script..."
- curl -o$UPDATEcodeFILE "$UPDATEcodeURL"
- echo "Latest version is in $UPDATEcodeFILE"
+ destdir=`mktemp -d`
+ curl -o$destdir/$UPDATEcodeFILE "$UPDATEcodeURL"
+ echo "Latest version is in $destdir/$UPDATEcodeFILE"
exit
;;
h|\?) usage;;
@@ -239,7 +241,7 @@
# procedure to remove cruft files
#
remove_cruft() {
- for i in $STYLE $COORDS $OUTWAY $MAP
+ for i in $STYLE $COORDS $OUTWAY $MAP $TMP
do
[ -f $i ] && rm -f $i
done
@@ -248,11 +250,11 @@
#
# Main Program
#
-TMP=/tmp/geo$$
-STYLE=${TMP}.style
-COORDS=${TMP}.coords
-OUTWAY=${TMP}.way
-MAP=${TMP}.gif
+TMP=`mktemp -d`
+STYLE=${TMP}/style
+COORDS=${TMP}/coords
+OUTWAY=${TMP}/way
+MAP=${TMP}/gif
UA="Mozilla/5.0"
if [ "$GURL" != "" ]; then
@@ -269,7 +271,6 @@
| head -n1 \
`
if [ "$URL" = "" ]; then
- cp $COORDS /tmp/geo.google
error "Unable to lookup telephone number or name with Google"
else
URL="http://maps.yahoo.com/$URL"
@@ -295,7 +296,7 @@
fi
if [ $DEBUG -gt 0 ]; then
- filter="tee /tmp/geo.yahoo"
+ filter="tee `mktemp`"
else
filter=cat
fi
@@ -306,9 +307,9 @@
-e 's/.*slt=\([^%]*\).*sln=\([^%]*\).*Create.*/\1 \2/p' \
> $COORDS
-if [ $DEBUG -gt 0 ]; then
- cp $COORDS /tmp/geo.coords
-fi
+#if [ $DEBUG -gt 0 ]; then
+# cp -d $COORDS /tmp/geo.coords
+#fi
#
# Convert the coords, address, and type to the desired
|
