# $OpenBSD: SECURITY,v 1.1.1.1 1999/08/24 22:49:10 marc Exp $

${WRKDIR}/file.c

ports/print/mpage/patches/patch-ab was made to fix mktemp(3).
ianm@cit.nepean.uws.edu.au

--- file.c.orig	Wed Nov 26 10:14:31 1997
+++ file.c	Mon Aug 16 20:40:45 1999
@@ -145,6 +145,7 @@
     char tmpfile[LINESIZE];
     char buffer[LINESIZE];
     int incnt, outcnt;
+    int fdd;
 
     if (opt_pr) {
         Debug(DB_STDIN, "%%do_stdin: pr option selects text\n", 0);
@@ -154,8 +155,10 @@
          * a temporary file; this temporary file will then
          * be used as input to the do_doc routine
          */
-        (void)strcpy(tmpfile, "/usr/tmp/mpageXXXXXX");
-        (void)mktemp(tmpfile);
+        (void)strcpy(tmpfile, "/tmp/mpage.XXXXXX");
+
+           fdd = mkstemp(tmpfile); 
+
         if (opt_header != NULL)
             (void)sprintf(command, "pr -l%d -w%d -h \"%s\"> %s",
                       asheet->sh_plength, asheet->sh_cwidth,
@@ -194,8 +197,11 @@
          * now open the temporary file and use do_doc to
          * convert it to PS
          */
-        if ((fd = fopen(tmpfile, "r")) == NULL) {
+
+        if ((fd = fdopen(fdd, "r")) == NULL) {
             fprintf(stderr, "%s: cannot open %s\n", MPAGE, tmpfile);
+		unlink(tmpfile);
+		close(fdd);
             perror(MPAGE);
         } else {
             Debug(DB_STDIN, "%% got tmpfile, now do_doc\n", 0);
@@ -207,6 +213,7 @@
          */
         Debug(DB_STDIN, "%% now remove '%s'\n", tmpfile);
         (void)unlink(tmpfile);
+	close(fdd);
     }
     else {
         /*
