generate-expr-from-tarballs.pl: fix insecure temporary file

https://cwe.mitre.org/data/definitions/377.html
author: TredwellGit <tredwell@tutanota.com> 2020-09-30 09:21:55 +0000
committer: TredwellGit <tredwell@tutanota.com> 2020-09-30 09:21:55 +0000
commit: 52354375333001cbcbd4f97373e7f2ac3a5c33c1 (patch)
tree: fb906c47d49def4ecdab1c6274a7bc1fc80533bc /pkgs/servers/x11
parent: d7702e0dbab81a24c27b57d26ddb613f6d451749 (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/pkgs/servers/x11/xorg/generate-expr-from-tarballs.pl b/pkgs/servers/x11/xorg/generate-expr-from-tarballs.pl
index 8bed3fc6d09c..ba33623b4956 100755
--- a/pkgs/servers/x11/xorg/generate-expr-from-tarballs.pl
+++ b/pkgs/servers/x11/xorg/generate-expr-from-tarballs.pl
@@ -11,8 +11,7 @@ use warnings;
 
 use File::Basename;
 use File::Spec::Functions;
-
-my $tmpDir = "/tmp/xorg-unpack";
+use File::Temp;
 
 
 my %pkgURLs;
@@ -93,8 +92,7 @@ while (<>) {
     $pkgHashes{$pkg} = $hash;
 
     print "\nunpacking $path\n";
-    system "rm -rf '$tmpDir'";
-    mkdir $tmpDir, 0700;
+    my $tmpDir = File::Temp->newdir();
     system "cd '$tmpDir' && tar xf '$path'";
     die "cannot unpack `$path'" if $? != 0;
     print "\n";
author	TredwellGit <tredwell@tutanota.com>	2020-09-30 09:21:55 +0000
committer	TredwellGit <tredwell@tutanota.com>	2020-09-30 09:21:55 +0000
commit	52354375333001cbcbd4f97373e7f2ac3a5c33c1 (patch)
tree	fb906c47d49def4ecdab1c6274a7bc1fc80533bc /pkgs/servers/x11
parent	d7702e0dbab81a24c27b57d26ddb613f6d451749 (diff)