summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--lib/libalpm/add.c10
-rw-r--r--lib/libalpm/package.c15
2 files changed, 20 insertions, 5 deletions
diff --git a/lib/libalpm/add.c b/lib/libalpm/add.c
index a60b0633..689172c5 100644
--- a/lib/libalpm/add.c
+++ b/lib/libalpm/add.c
@@ -447,17 +447,20 @@ int add_commit(pmtrans_t *trans, pmdb_t *db)
if(nb) {
char *temp;
char *md5_local, *md5_pkg;
+ int fd;
- md5_local = MDFile(expath);
/* extract the package's version to a temporary file and md5 it */
temp = strdup("/tmp/alpm_XXXXXX");
- mkstemp(temp);
+ fd = mkstemp(temp);
if(tar_extract_file(tar, temp)) {
alpm_logaction("could not extract %s (%s)", pathname, strerror(errno));
errors++;
- FREE(md5_local);
+ unlink(temp);
+ FREE(temp);
+ close(fd);
continue;
}
+ md5_local = MDFile(expath);
md5_pkg = MDFile(temp);
/* append the new md5 hash to it's respective entry in info->backup
* (it will be the new orginal)
@@ -550,6 +553,7 @@ int add_commit(pmtrans_t *trans, pmdb_t *db)
FREE(md5_orig);
unlink(temp);
FREE(temp);
+ close(fd);
} else {
if(!notouch) {
_alpm_log(PM_LOG_FLOW2, "extracting %s", pathname);
diff --git a/lib/libalpm/package.c b/lib/libalpm/package.c
index f657df41..777d9353 100644
--- a/lib/libalpm/package.c
+++ b/lib/libalpm/package.c
@@ -279,32 +279,41 @@ pmpkg_t *pkg_load(char *pkgfile)
}
if(!strcmp(th_get_pathname(tar), ".PKGINFO")) {
char *descfile;
+ int fd;
/* extract this file into /tmp. it has info for us */
descfile = strdup("/tmp/alpm_XXXXXX");
- mkstemp(descfile);
+ fd = mkstemp(descfile);
tar_extract_file(tar, descfile);
/* parse the info file */
if(parse_descfile(descfile, info, 0) == -1) {
_alpm_log(PM_LOG_ERROR, "could not parse the package description file");
pm_errno = PM_ERR_PKG_INVALID;
+ unlink(descfile);
FREE(descfile);
+ close(fd);
goto error;
}
if(!strlen(info->name)) {
_alpm_log(PM_LOG_ERROR, "missing package name in %s", pkgfile);
pm_errno = PM_ERR_PKG_INVALID;
+ unlink(descfile);
FREE(descfile);
+ close(fd);
goto error;
}
if(!strlen(info->version)) {
_alpm_log(PM_LOG_ERROR, "missing package version in %s", pkgfile);
pm_errno = PM_ERR_PKG_INVALID;
+ unlink(descfile);
FREE(descfile);
+ close(fd);
goto error;
}
config = 1;
+ unlink(descfile);
FREE(descfile);
+ close(fd);
continue;
} else if(!strcmp(th_get_pathname(tar), "._install") || !strcmp(th_get_pathname(tar), ".INSTALL")) {
info->scriptlet = 1;
@@ -314,10 +323,11 @@ pmpkg_t *pkg_load(char *pkgfile)
FILE *fp;
char *fn;
char *str;
+ int fd;
MALLOC(str, PATH_MAX);
fn = strdup("/tmp/alpm_XXXXXX");
- mkstemp(fn);
+ fd = mkstemp(fn);
tar_extract_file(tar, fn);
fp = fopen(fn, "r");
while(!feof(fp)) {
@@ -333,6 +343,7 @@ pmpkg_t *pkg_load(char *pkgfile)
_alpm_log(PM_LOG_WARNING, "could not remove tempfile %s", fn);
}
FREE(fn);
+ close(fd);
filelist = 1;
continue;
} else {