--- lhasa-0.0.7.orig/debian/changelog +++ lhasa-0.0.7/debian/changelog @@ -0,0 +1,44 @@ +lhasa (0.0.7-2+deb7u1ubuntu0.14.04.1) trusty-security; urgency=medium + + * Security merge from Debian + * Backport and applied inline patches from debian to fix tests from using /tmp, + causing the package to FTBFS. + + d/p/use_mktemp_for_tests_1, d/p/use_mktemp_for_tests_2 - Origin: + https://anonscm.debian.org/cgit/collab-maint/lhasa.git/commit/?id=9332aeaa50f66c9db3210d0dea5c6c903aba5316 + + -- Steve Beattie Fri, 19 Aug 2016 15:00:31 -0700 + +lhasa (0.0.7-2+deb7u1) wheezy-security; urgency=high + + * Backport a patch from 0.3.1 to fix an integer underflow + vulnerability in the code for doing LZH level 3 header + decodes (TALOS-CAN-0095). Thanks go to Marcin Noga and + Regina Wilson of Cisco TALOS for reporting this + vulnerability. + + -- Jonathan Dowland Fri, 01 Apr 2016 06:29:51 +0100 + +lhasa (0.0.7-2) unstable; urgency=low + + * Include some missing headers in the -dev package. + + -- Jon Dowland Wed, 06 Jun 2012 13:59:47 +0100 + +lhasa (0.0.7-1) unstable; urgency=low + + * New upstream version. + + -- Jon Dowland Sun, 03 Jun 2012 09:55:08 +0100 + +lhasa (0.0.6-2) unstable; urgency=low + + * correct liblhasa-dev to depend on liblhasa0. + Thanks Aaron M. Ucko. Closes: #674438. + + -- Jon Dowland Thu, 24 May 2012 17:14:47 +0100 + +lhasa (0.0.6-1) unstable; urgency=low + + * Initial package. Closes: #671154. + + -- Jon Dowland Tue, 22 May 2012 23:05:51 +0100 --- lhasa-0.0.7.orig/debian/compat +++ lhasa-0.0.7/debian/compat @@ -0,0 +1 @@ +8 --- lhasa-0.0.7.orig/debian/control +++ lhasa-0.0.7/debian/control @@ -0,0 +1,57 @@ +Source: lhasa +Section: utils +Priority: optional +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Jon Dowland +Build-Depends: debhelper (>= 9.20120115), automake (>= 1:1.11.3), + autoconf (>= 2.68), libtool (>= 2.4.2) +Standards-Version: 3.9.3 +Homepage: http://fragglet.github.com/lhasa/ +Vcs-Browser: http://git.debian.org/?p=collab-maint/lhasa.git +Vcs-Git: git://git.debian.org/git/collab-maint/lhasa.git + +Package: lhasa +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, liblhasa0 (= ${binary:Version}) +Conflicts: lha (<< 1.14i-10.4) +Description: lzh archive decompressor + Lhasa lha is a tool for parsing LHA (.lzh) archives and a free + replacement for the Unix LHA tool. + . + Currently it is only possible to read from (ie. decompress) archives; + generating (compressing) LHA archives may be an enhancement for future + versions. The aim is to be compatible with as many different variants + of the LHA file format as possible, including LArc (.lzs) and + PMarc (.pma). + . + The command line tool aims to be interface-compatible with the non-free + Unix LHA tool (command line syntax and output), for backwards + compatibility with tools that expect particular output. + +Package: liblhasa-dev +Section: libdevel +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, liblhasa0 (= ${binary:Version}) +Description: lzh decompression library - development files + Lhasa is a library for parsing LHA (.lzh) archives and a free + replacement for the Unix LHA tool. + . + Currently it is only possible to read from (ie. decompress) archives; + generating (compressing) LHA archives may be an enhancement for future + versions. The aim is to be compatible with as many different variants + of the LHA file format as possible, including LArc (.lzs) and PMarc + (.pma). + +Package: liblhasa0 +Section: libs +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: lzh archive decompression library + Lhasa is a library for parsing LHA (.lzh) archives and a free + replacement for the Unix LHA tool. + . + Currently it is only possible to read from (ie. decompress) archives; + generating (compressing) LHA archives may be an enhancement for future + versions. The aim is to be compatible with as many different variants + of the LHA file format as possible, including LArc (.lzs) and PMarc + (.pma). --- lhasa-0.0.7.orig/debian/copyright +++ lhasa-0.0.7/debian/copyright @@ -0,0 +1,22 @@ +Files: * +Copyright: Copyright © 2011, 2012, Simon Howard +License: ISC + +Files: debian/* +Copyright: Copyright © 2012 Jon Dowland +License: ISC + +License: ISC + Permission to use, copy, modify, and/or distribute this software + for any purpose with or without fee is hereby granted, provided + that the above copyright notice and this permission notice appear + in all copies. + . + THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL + WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR + CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, + NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. --- lhasa-0.0.7.orig/debian/lhasa.install +++ lhasa-0.0.7/debian/lhasa.install @@ -0,0 +1 @@ +usr/bin/lhasa usr/bin --- lhasa-0.0.7.orig/debian/lhasa.manpages +++ lhasa-0.0.7/debian/lhasa.manpages @@ -0,0 +1 @@ +debian/tmp/usr/share/man/man1/lhasa.1 --- lhasa-0.0.7.orig/debian/lhasa.postinst +++ lhasa-0.0.7/debian/lhasa.postinst @@ -0,0 +1,22 @@ +#!/bin/sh +set -e + +case "$1" in + configure|abort-upgrade) + update-alternatives --install /usr/bin/lha lha /usr/bin/lhasa 30 \ + --slave /usr/share/man/man1/lha.1.gz lha.1.gz /usr/share/man/man1/lhasa.1.gz + + ;; + + abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +#DEBHELPER# + +exit 0 --- lhasa-0.0.7.orig/debian/lhasa.prerm +++ lhasa-0.0.7/debian/lhasa.prerm @@ -0,0 +1,20 @@ +#!/bin/sh +set -e + +case "$1" in + remove) + update-alternatives --remove lha /usr/bin/lhasa + ;; + + upgrade|deconfigure|failed-upgrade) + ;; + + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +#DEBHELPER# + +exit 0 --- lhasa-0.0.7.orig/debian/liblhasa-dev.install +++ lhasa-0.0.7/debian/liblhasa-dev.install @@ -0,0 +1,7 @@ +usr/include/liblhasa-1.0/lha_input_stream.h usr/include/liblhasa-1.0 +usr/include/liblhasa-1.0/lha_reader.h usr/include/liblhasa-1.0 +usr/include/liblhasa-1.0/lha_file_header.h usr/include/liblhasa-1.0 +usr/include/liblhasa-1.0/lha_decoder.h usr/include/liblhasa-1.0 +usr/include/liblhasa-1.0/lhasa.h usr/include/liblhasa-1.0 +usr/lib/liblhasa.a usr/lib +usr/lib/liblhasa.so usr/lib --- lhasa-0.0.7.orig/debian/liblhasa0.install +++ lhasa-0.0.7/debian/liblhasa0.install @@ -0,0 +1,2 @@ +usr/lib/liblhasa.so.0.0.0 usr/lib +usr/lib/liblhasa.so.0 usr/lib --- lhasa-0.0.7.orig/debian/patches/use_mktemp_for_tests_1 +++ lhasa-0.0.7/debian/patches/use_mktemp_for_tests_1 @@ -0,0 +1,166 @@ +commit d42ed05f3842dae9064d8801ff9969f0556794e0 +Author: Jonathan Dowland +Date: Fri Jul 4 17:52:57 2014 +0100 + + Stop using predictable paths under /tmp for tests + + Most of the tests use predicable paths for intermediate files in /tmp. + This is a problem on multi-user systems, as it makes the test suite + vulnerable to symlink attacks. It may also cause problems with things + like buildds. + + All tests except 'test-extract' are fixed in this patch (that's a + bigger piece of work). + +[Ubuntu note: patch has dropped changes to test/test-print from upstream +commit, as it does not exist in this version. --sbeattie] + +diff --git a/test/test-crc-output b/test/test-crc-output +index cfa8331..7ed7c39 100755 +--- a/test/test-crc-output ++++ b/test/test-crc-output +@@ -38,23 +38,24 @@ test_archive() { + + # CRC test: + +- test_lha t archives/$archive > /tmp/t.txt ++ wd=$(mktemp -td test-crc-output.XXXXXX) ++ test_lha t archives/$archive > "$wd/t.txt" + +- if ! diff -u output/$archive-t.txt /tmp/t.txt; then ++ if ! diff -u output/$archive-t.txt "$wd/t.txt"; then + fail "Output not as expected for lha t $archive" + fi + +- rm -f /tmp/t.txt ++ rm -f "$wd/t.txt" + + # Perform the same test, reading from stdin. + +- test_lha t - < archives/$archive > /tmp/t.txt ++ test_lha t - < archives/$archive > "$wd/t.txt" + +- if ! diff -u output/$archive-t.txt /tmp/t.txt; then ++ if ! diff -u output/$archive-t.txt "$wd/t.txt"; then + fail "Output not as expected for lha t - < $archive" + fi + +- rm -f /tmp/t.txt ++ rm -f "$wd/t.txt" + } + + # Length-specific tests: +diff --git a/test/test-decompress b/test/test-decompress +index fbce80b..727cb55 100755 +--- a/test/test-decompress ++++ b/test/test-decompress +@@ -27,15 +27,16 @@ + test_archive() { + local archive=$1 + +- (echo "crc: $2"; echo "length: $3") > /tmp/expected.txt ++ wd=$(mktemp -td test-decompress.XXXXXX) ++ (echo "crc: $2"; echo "length: $3") > "$wd/expected.txt" + +- ./decompress-crc "archives/$archive" > /tmp/output.txt ++ ./decompress-crc "archives/$archive" > "$wd/output.txt" + +- if ! diff -u /tmp/expected.txt /tmp/output.txt; then ++ if ! diff -u "$wd/expected.txt" "$wd/output.txt"; then + fail "Output not as expected for $archive" + fi + +- rm -f /tmp/expected.txt /tmp/output.txt ++ rm -f "$wd/expected.txt" "$wd/output.txt" + } + + generate_test_line() { +diff --git a/test/test-dry-run b/test/test-dry-run +index 7596f1e..94f9bee 100755 +--- a/test/test-dry-run ++++ b/test/test-dry-run +@@ -22,6 +22,7 @@ + + . test_common.sh + ++ + test_dry_run() { + local option=$1 + local archive_file=$2 +@@ -31,18 +32,20 @@ test_dry_run() { + archive_file="archives/$archive_file" + fi + ++ wd=$(mktemp -td test-dry-run.XXXXXX) + # Only check the last line of output: + +- echo "$expected" > /tmp/expected.txt +- test_lha $option "$archive_file" > /tmp/output.txt ++ echo "$expected" > "$wd/expected.txt" ++ test_lha $option "$archive_file" > "$wd/output.txt" + +- tail -n 1 < /tmp/output.txt > /tmp/output2.txt ++ tail -n 1 < "$wd/output.txt" > "$wd/output2.txt" + +- if ! diff /tmp/expected.txt /tmp/output2.txt; then ++ if ! diff "$wd/expected.txt" "$wd/output2.txt"; then + fail "Output not as expected for $archive_file" + fi + +- rm -f /tmp/expected.txt /tmp/output.txt /tmp/output2.txt ++ rm -f "$wd/expected.txt" "$wd/output.txt" "$wd/output2.txt" ++ rmdir "$wd" || find "$wd" + } + + test_archive() { +diff --git a/test/test-file-headers b/test/test-file-headers +index 5eb0747..c90847e 100755 +--- a/test/test-file-headers ++++ b/test/test-file-headers +@@ -28,19 +28,20 @@ test_archive() { + local archive=$1 + local expected="output/$archive-hdr.txt" + +- ./dump-headers "archives/$archive" > /tmp/hdr.txt ++ wd=$(mktemp -td test-file-headers.XXXXXX) ++ ./dump-headers "archives/$archive" > "$wd/hdr.txt" + + if [ ! -e "$expected" ]; then + echo "New file: $expected" +- cp /tmp/hdr.txt "$expected" ++ cp "$wd/hdr.txt" "$expected" + cat "$expected" + fi + +- if ! diff -u "$expected" /tmp/hdr.txt; then ++ if ! diff -u "$expected" "$wd/hdr.txt"; then + fail "Output not as expected for $archive" + fi + +- rm -f /tmp/hdr.txt ++ rm -f "$wd/hdr.txt" + } + + test_archive larc333/lz4.lzs +diff --git a/test/test-list-output b/test/test-list-output +index d42fe04..2a40f40 100755 +--- a/test/test-list-output ++++ b/test/test-list-output +@@ -30,13 +30,14 @@ check_output() { + # Check the output for a particular option matches the expected + # output file. + +- test_lha "$@" > /tmp/tmp.txt ++ wd=$(mktemp -td test-list-output.XXXXXX) ++ test_lha "$@" > "$wd/tmp.txt" + +- if ! diff -u output/$expected /tmp/tmp.txt; then ++ if ! diff -u output/$expected "$wd/tmp.txt"; then + fail "Output not as expected for lha $*" + fi + +- rm -f /tmp/tmp.txt ++ rm -f "$wd/tmp.txt" + } + + gather_output() { --- lhasa-0.0.7.orig/debian/patches/use_mktemp_for_tests_2 +++ lhasa-0.0.7/debian/patches/use_mktemp_for_tests_2 @@ -0,0 +1,109 @@ +commit cd0afe2e78f68f8b91c30d115fddcc2f45f1e8e9 +Author: Jonathan Dowland +Date: Tue Oct 21 00:56:13 2014 +0100 + + test-extract: Use mktemp for working directory + + Adjust test-extract to use a working directory created using + mktemp, to avoid predictable filenames and symlink-attacks in + /tmp. + + This completes the work begun in d42ed05. + +diff --git a/test/test-extract b/test/test-extract +index 863368f..9cfa446 100755 +--- a/test/test-extract ++++ b/test/test-extract +@@ -22,9 +22,11 @@ + + . test_common.sh + +-run_sandbox=/tmp/extract1 +-w_sandbox=/tmp/extract2 +-gather_sandbox=/tmp/extract3 ++wd="$(mktemp -td lhasa-test-extract.XXXXX)" ++trap "rmdir '$wd'" INT EXIT ++run_sandbox="$wd/extract1" ++w_sandbox="$wd/extract2" ++gather_sandbox="$wd/extract3" + + remove_sandboxes() { + if [ -e "$run_sandbox" ]; then +@@ -208,9 +210,14 @@ lha_check_output() { + #echo "lha_check_output: $@" + local expected_output="$1" + shift ++ output="$wd/output.txt" + + cd "$run_sandbox" +- test_lha "$@" >/tmp/output.txt 2>&1 ++ test_lha "$@" >"$output" 2>&1 ++ ++ # test outputs have their test root as '/tmp'; adjust accordingly ++ sed -i "s,$wd,/tmp,g" "$output" ++ + cd "$test_base" + + if $GATHER && [ ! -e "$expected_output" ]; then +@@ -219,12 +226,12 @@ lha_check_output() { + cd "$test_base" + fi + +- if ! diff -u "$expected_output" /tmp/output.txt; then ++ if ! diff -u "$expected_output" "$output"; then + fail "Output not as expected for command:" \ + " lha $*" >&2 + fi + +- rm -f /tmp/output.txt ++ rm -f "$output" + } + + # Basic 'lha e' extract. +@@ -305,6 +312,7 @@ test_q1_option() { + shift + + make_sandboxes ++ expected="$wd/expected.txt" + + for filename in "$@"; do + local symlink=$(get_file_data "$archive_file" \ +@@ -314,14 +322,14 @@ test_q1_option() { + else + printf "\r$filename :\r$filename\t- Melted \n" + fi +- done >/tmp/expected.txt ++ done >"$expected" + +- lha_check_output /tmp/expected.txt \ ++ lha_check_output "$expected" \ + eq1 $(test_arc_file "$archive_file") + + check_exists "$archive_file" "$@" + +- rm -f /tmp/expected.txt ++ rm -f "$expected" + + remove_sandboxes + } +@@ -362,9 +370,9 @@ test_i_option() { + + sed 's/\(Symbolic Link \|\r\)\([A-Za-z0-9]*\/\)*/\1/g' \ + < "$test_base/output/$archive_file-e.txt" \ +- > /tmp/expected.txt ++ > "$expected" + +- lha_check_output /tmp/expected.txt \ ++ lha_check_output "$expected" \ + ei $(test_arc_file "$archive_file") + + for filename in "$@"; do +@@ -372,7 +380,7 @@ test_i_option() { + check_exists "$archive_file" "$base_filename" + done + +- rm -f /tmp/expected.txt ++ rm -f "$expected" + remove_sandboxes + } + --- lhasa-0.0.7.orig/debian/rules +++ lhasa-0.0.7/debian/rules @@ -0,0 +1,35 @@ +#!/usr/bin/make -f + +dhargs := --parallel + +%: + prefix="/usr" dh $@ $(dhargs) + +override_dh_auto_configure: + ./autogen.sh + dh_auto_configure $(dhargs) -- --program-suffix=sa + +override_dh_auto_test: + dh_auto_test $(dhargs) $@ -- VERBOSE=true + +override_dh_auto_clean: + dh_auto_clean $(dhargs) + rm -f autotools/missing \ + autotools/depcomp \ + autotools/config.guess \ + autotools/ltmain.sh \ + autotools/compile \ + autotools/config.sub \ + autotools/install-sh \ + INSTALL \ + Makefile.in \ + aclocal.m4 \ + config.hin \ + configure \ + doc/Makefile.in \ + lib/Makefile.in \ + lib/public/Makefile.in \ + pkg/Makefile.in \ + src/Makefile.in \ + test/Makefile.in + --- lhasa-0.0.7.orig/debian/source/format +++ lhasa-0.0.7/debian/source/format @@ -0,0 +1 @@ +1.0 --- lhasa-0.0.7.orig/lib/lha_file_header.c +++ lhasa-0.0.7/lib/lha_file_header.c @@ -277,6 +277,10 @@ size_t new_raw_len; uint8_t *result; + if (nbytes > LEVEL_3_MAX_HEADER_LEN) { + return NULL; + } + // Reallocate the header and raw_data area to be larger. new_raw_len = RAW_DATA_LEN(header) + nbytes; @@ -647,7 +651,8 @@ header_len = lha_decode_uint32(&RAW_DATA(header, 24)); - if (header_len > LEVEL_3_MAX_HEADER_LEN) { + if (header_len > LEVEL_3_MAX_HEADER_LEN + || header_len < RAW_DATA_LEN(header)) { return 0; } --- lhasa-0.0.7.orig/test/test-crc-output +++ lhasa-0.0.7/test/test-crc-output @@ -38,23 +38,24 @@ # CRC test: - test_lha t archives/$archive > /tmp/t.txt + wd=$(mktemp -td test-crc-output.XXXXXX) + test_lha t archives/$archive > "$wd/t.txt" - if ! diff -u output/$archive-t.txt /tmp/t.txt; then + if ! diff -u output/$archive-t.txt "$wd/t.txt"; then fail "Output not as expected for lha t $archive" fi - rm -f /tmp/t.txt + rm -f "$wd/t.txt" # Perform the same test, reading from stdin. - test_lha t - < archives/$archive > /tmp/t.txt + test_lha t - < archives/$archive > "$wd/t.txt" - if ! diff -u output/$archive-t.txt /tmp/t.txt; then + if ! diff -u output/$archive-t.txt "$wd/t.txt"; then fail "Output not as expected for lha t - < $archive" fi - rm -f /tmp/t.txt + rm -f "$wd/t.txt" } # Length-specific tests: --- lhasa-0.0.7.orig/test/test-decompress +++ lhasa-0.0.7/test/test-decompress @@ -27,15 +27,16 @@ test_archive() { local archive=$1 - (echo "crc: $2"; echo "length: $3") > /tmp/expected.txt + wd=$(mktemp -td test-decompress.XXXXXX) + (echo "crc: $2"; echo "length: $3") > "$wd/expected.txt" - ./decompress-crc "archives/$archive" > /tmp/output.txt + ./decompress-crc "archives/$archive" > "$wd/output.txt" - if ! diff -u /tmp/expected.txt /tmp/output.txt; then + if ! diff -u "$wd/expected.txt" "$wd/output.txt"; then fail "Output not as expected for $archive" fi - rm -f /tmp/expected.txt /tmp/output.txt + rm -f "$wd/expected.txt" "$wd/output.txt" } generate_test_line() { --- lhasa-0.0.7.orig/test/test-dry-run +++ lhasa-0.0.7/test/test-dry-run @@ -22,6 +22,7 @@ . test_common.sh + test_dry_run() { local option=$1 local archive_file=$2 @@ -31,18 +32,20 @@ archive_file="archives/$archive_file" fi + wd=$(mktemp -td test-dry-run.XXXXXX) # Only check the last line of output: - echo "$expected" > /tmp/expected.txt - test_lha $option "$archive_file" > /tmp/output.txt + echo "$expected" > "$wd/expected.txt" + test_lha $option "$archive_file" > "$wd/output.txt" - tail -n 1 < /tmp/output.txt > /tmp/output2.txt + tail -n 1 < "$wd/output.txt" > "$wd/output2.txt" - if ! diff /tmp/expected.txt /tmp/output2.txt; then + if ! diff "$wd/expected.txt" "$wd/output2.txt"; then fail "Output not as expected for $archive_file" fi - rm -f /tmp/expected.txt /tmp/output.txt /tmp/output2.txt + rm -f "$wd/expected.txt" "$wd/output.txt" "$wd/output2.txt" + rmdir "$wd" || find "$wd" } test_archive() { --- lhasa-0.0.7.orig/test/test-extract +++ lhasa-0.0.7/test/test-extract @@ -22,9 +22,11 @@ . test_common.sh -run_sandbox=/tmp/extract1 -w_sandbox=/tmp/extract2 -gather_sandbox=/tmp/extract3 +wd="$(mktemp -td lhasa-test-extract.XXXXX)" +trap "rmdir '$wd'" INT EXIT +run_sandbox="$wd/extract1" +w_sandbox="$wd/extract2" +gather_sandbox="$wd/extract3" remove_sandboxes() { if [ -e "$run_sandbox" ]; then @@ -229,9 +231,14 @@ #echo "lha_check_output: $@" local expected_output="$1" shift + output="$wd/output.txt" cd "$run_sandbox" - test_lha "$@" >/tmp/output.txt 2>&1 + test_lha "$@" >"$output" 2>&1 + + # test outputs have their test root as '/tmp'; adjust accordingly + sed -i "s,$wd,/tmp,g" "$output" + cd "$test_base" if $GATHER && [ ! -e "$expected_output" ]; then @@ -240,12 +247,12 @@ cd "$test_base" fi - if ! diff -u "$expected_output" /tmp/output.txt; then + if ! diff -u "$expected_output" "$output"; then fail "Output not as expected for command:" \ " lha $*" >&2 fi - rm -f /tmp/output.txt + rm -f "$output" } # Basic 'lha e' extract. @@ -322,6 +329,7 @@ shift make_sandboxes + expected="$wd/expected.txt" for filename in "$@"; do if [ "$filename" = "symlink" ]; then @@ -329,14 +337,14 @@ else printf "\r$filename :\r$filename\t- Melted \n" fi - done >/tmp/expected.txt + done >"$expected" - lha_check_output /tmp/expected.txt \ + lha_check_output "$expected" \ eq1 $(test_arc_file "$archive_file") check_exists "$archive_file" "$@" - rm -f /tmp/expected.txt + rm -f "$expected" remove_sandboxes } @@ -377,9 +385,9 @@ sed 's/[A-Za-z0-9\/]*\///g' \ < "$test_base/output/$archive_file-e.txt" \ - > /tmp/expected.txt + > "$expected" - lha_check_output /tmp/expected.txt \ + lha_check_output "$expected" \ ei $(test_arc_file "$archive_file") for filename in "$@"; do @@ -387,7 +395,7 @@ check_exists "$archive_file" "$base_filename" done - rm -f /tmp/expected.txt + rm -f "$expected" remove_sandboxes } --- lhasa-0.0.7.orig/test/test-file-headers +++ lhasa-0.0.7/test/test-file-headers @@ -28,19 +28,20 @@ local archive=$1 local expected="output/$archive-hdr.txt" - ./dump-headers "archives/$archive" > /tmp/hdr.txt + wd=$(mktemp -td test-file-headers.XXXXXX) + ./dump-headers "archives/$archive" > "$wd/hdr.txt" if [ ! -e "$expected" ]; then echo "New file: $expected" - cp /tmp/hdr.txt "$expected" + cp "$wd/hdr.txt" "$expected" cat "$expected" fi - if ! diff -u "$expected" /tmp/hdr.txt; then + if ! diff -u "$expected" "$wd/hdr.txt"; then fail "Output not as expected for $archive" fi - rm -f /tmp/hdr.txt + rm -f "$wd/hdr.txt" } test_archive larc333/lz4.lzs --- lhasa-0.0.7.orig/test/test-list-output +++ lhasa-0.0.7/test/test-list-output @@ -30,13 +30,14 @@ # Check the output for a particular option matches the expected # output file. - test_lha "$@" > /tmp/tmp.txt + wd=$(mktemp -td test-list-output.XXXXXX) + test_lha "$@" > "$wd/tmp.txt" - if ! diff -u output/$expected /tmp/tmp.txt; then + if ! diff -u output/$expected "$wd/tmp.txt"; then fail "Output not as expected for lha $*" fi - rm -f /tmp/tmp.txt + rm -f "$wd/tmp.txt" } gather_output() {