@@ -37,7 +37,9 @@
# token marks the end of a list. The third column is the name to print in
# error messages.
-cat > /tmp/ka$$ <<\!
+: "${TMPDIR:=/tmp}"
+
+cat > "${TMPDIR}"/ka$$ <<\!
TEOF 1 end of file
TNL 0 newline
TSEMI 0 ";"
@@ -68,28 +70,28 @@ TWHILE 0 "while"
TBEGIN 0 "{"
TEND 1 "}"
!
-nl=`wc -l /tmp/ka$$`
+nl=`wc -l "${TMPDIR}"/ka$$`
exec > token.h
-awk '{print "#define " $1 " " NR-1}' /tmp/ka$$
+awk '{print "#define " $1 " " NR-1}' "${TMPDIR}"/ka$$
exec > token_vars.h
echo '
/* Array indicating which tokens mark the end of a list */
static const char tokendlist[] = {'
-awk '{print "\t" $2 ","}' /tmp/ka$$
+awk '{print "\t" $2 ","}' "${TMPDIR}"/ka$$
echo '};
static const char *const tokname[] = {'
sed -e 's/"/\\"/g' \
-e 's/[^ ]*[ ][ ]*[^ ]*[ ][ ]*\(.*\)/ "\1",/' \
- /tmp/ka$$
+ "${TMPDIR}"/ka$$
echo '};
'
-sed 's/"//g' /tmp/ka$$ | awk '
+sed 's/"//g' "${TMPDIR}"/ka$$ | awk '
/TNOT/{print "#define KWDOFFSET " NR-1; print "";
print "static const char *const parsekwd[] = {"}
/TNOT/,/neverfound/{if (last) print " \"" last "\","; last = $3}
END{print " \"" last "\"\n};"}'
-rm /tmp/ka$$
+rm "${TMPDIR}"/ka$$
The mktokens script fails when /tmp isn't writable (e.g., when building in a sandbox with a different TMPDIR). Replace absolute references to /tmp to relative references to TMPDIR. If TMPDIR is unset or null, default to /tmp. The mkbuiltins script was already hardened to work relative to TMPDIR, also defaulting to /tmp. v2 ensures that TMPDIR is quoted. v3 adds an extra quotation that prevents extra pathname expansions. Signed-off-by: Michael Greenberg <michael.greenberg@pomona.edu>