From 38186d678fae2781c441c2e9273d97243647a7ad Mon Sep 17 00:00:00 2001
From: Gerd Moellmann
Date: Wed, 3 Jan 2001 12:04:06 +0000
Subject: [PATCH] Avoid security hole allowing attacker to cause user of rcs2log to overwrite arbitrary files, fixing a bug reported by Morten Welinder. Don't put "exit 1" at the end of the exit trap; it's ineffective in POSIX shells.
---
 lib-src/rcs2log | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/lib-src/rcs2log b/lib-src/rcs2log
index f41552e110d..dd49a04f3c2 100755
--- a/lib-src/rcs2log
+++ b/lib-src/rcs2log
@@ -28,7 +28,7 @@ Options:
 Report bugs to .'
-Id='$Id: rcs2log,v 1.44 1998/08/12 14:22:14 eggert Exp eggert $'
+Id='$Id: rcs2log,v 1.46 2001/01/02 18:50:14 eggert Exp $'
 # Copyright 1992, 93, 94, 95, 96, 97, 1998 Free Software Foundation, Inc.
@@ -300,10 +300,12 @@ case $# in
 esac
 esac
-llogout=$TMPDIR/rcs2log$$l
-rlogout=$TMPDIR/rcs2log$$r
+logdir=$TMPDIR/rcs2log$$
+llogout=$logdir/l
+rlogout=$logdir/r
 trap exit 1 2 13 15
-trap "rm -f $llogout $rlogout; exit 1" 0
+trap "rm -fr $logdir 2>/dev/null" 0
+(umask 077 && exec mkdir $logdir) || exit
 case $datearg in
 ?*) $rlog $rlog_options "$datearg" ${1+"$@"} >$rlogout;;
@@ -670,7 +672,7 @@ $AWK '
 # Exit successfully.
-exec rm -f $llogout $rlogout
+exec rm -fr $logdir
 # Local Variables:
 # tab-width:4
-- 2.39.5
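Review bot: In the second hunk the exit trap is armed before the `mkdir`, so when `mkdir` fails because `$TMPDIR/rcs2log$$` already exists (the name is still predictable from the PID), the `|| exit` path runs `rm -fr $logdir` against a path this process did not create, with errors hidden by `2>/dev/null`. Creating the directory first and only then installing the trap avoids that: `(umask 077 && exec mkdir "$logdir") || exit` followed by `trap 'rm -fr "$logdir" 2>/dev/null' 0`. The single-quoted form also defers expansion until the trap fires, so a `TMPDIR` value containing whitespace or shell metacharacters is not re-parsed as command text at exit; the same unquoted `$logdir` appears in `exec rm -fr $logdir` in the last hunk. The script continues outside both hunks, so how `TMPDIR` is defaulted or validated is not visible here and should be checked alongside this change.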