File aview-1.3.0-tmpvuln.diff of Package aalib
--- aview-1.3.0/asciiview
+++ aview-1.3.0/asciiview
@@ -1,13 +1,19 @@
#!/bin/bash
# asciiview - an ascii art image browser script. Front end for aview/aaflip
+
clear()
{
kill $! 2>/dev/null
- rm -f /tmp/aview$$.pgm 2>/dev/null
+ if [ -n $ATMPDIR -a -d $ATMPDIR ]; then
+ rm -f $ATMPDIR/aview$$.pgm 2>/dev/null && rmdir $ATMPDIR 2>/dev/null
+ else
+ echo "Cannot remove temporary directory $ATMPDIR"
+ exit 1
+ fi
}
myconvert()
{
- if anytopnm $1 >/tmp/aview$$.pgm 2>/dev/null ; then
+ if anytopnm $1 >$ATMPDIR/aview$$.pgm 2>/dev/null ; then
exit
elif convert -colorspace gray $1 pgm:- 2>/dev/null ; then
exit
@@ -50,9 +56,10 @@
;;
esac
done
+ATMPDIR=`mktemp -d` || exit 1
trap clear 0
-mkfifo /tmp/aview$$.pgm
-outfile=/tmp/aview$$.pgm
+mkfifo $ATMPDIR/aview$$.pgm
+outfile=$ATMPDIR/aview$$.pgm
for name in $filenames ; do
if test -r $name ; then
case $name in
@@ -61,10 +68,10 @@
aaflip $options $name
;;
*)
- myconvert $name >/tmp/aview$$.pgm &
+ myconvert $name >$ATMPDIR/aview$$.pgm &
pid=$!
PATH="$PATH:."
- aview $options /tmp/aview$$.pgm
+ aview $options $ATMPDIR/aview$$.pgm
kill $pid 2>/dev/null
esac
else