mktemp() vulnerability removed.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_4@795 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

ChangeLog

@@ -1,3 +1,11 @@
+Thu Jun 29 18:57:05 2000  Koga Youichirou <y-koga@mms.mt.nec.co.jp>
+
+	* ruby.c (proc_options): mktemp() vulnerability removed.
+
+Wed Jun 28 14:52:28 2000  Koga Youichirou <y-koga@mms.mt.nec.co.jp>
+
+	* config.sub: NetBSD/hpcmips support.
+
 Wed Jun 28 09:30:09 2000  WATANABE Hirofumi  <eban@os.rim.or.jp>
 
 	* cygwin/GNUmakefile: add $(LIBS).

config.sub

@@ -525,6 +525,10 @@ case $basic_machine in
 		basic_machine=i386-unknown
 		os=-netbsd
 		;;
+	hpcmips*-*)
+		basic_machine=hpcmips-unknown
+		os=-netbsd
+		;;
 	netwinder)
 		basic_machine=armv4l-corel
 		os=-linux

ruby.c

@@ -19,6 +19,7 @@
 #include <stdio.h>
 #include <sys/types.h>
 #include <ctype.h>
+#include <fcntl.h>
 
 #ifdef __hpux
 #include <sys/pstat.h>
@@ -342,9 +343,14 @@ proc_options(argcp, argvp)
 		exit(2);
 	    }
 	    if (!e_fp) {
+		int fd;
 		e_tmpname = ruby_mktemp();
 		if (!e_tmpname) rb_fatal("Can't mktemp");
-		e_fp = fopen(e_tmpname, "w");
+		fd = open(e_tmpname, O_CREAT|O_EXCL|O_RDWR, 0600);
+		if (fd < 0) {
+		    rb_fatal("Cannot open temporary file: %s", e_tmpname);
+		}
+		e_fp = fdopen(fd, "w");
 		if (!e_fp) {
 		    rb_fatal("Cannot open temporary file: %s", e_tmpname);
 		}