* Bug #15213, #18635: The use of the insecure m_scratch() and

[mmh] / uip / rcvtty.c

diff --git a/uip/rcvtty.c b/uip/rcvtty.c
index 12b73e7..333a3b2 100644 (file)
--- a/uip/rcvtty.c
+++ b/uip/rcvtty.c
@@ -176,10 +176,14 @@ main (int argc, char **argv)
 #ifdef HAVE_GETUTENT
     setutent();
     while ((utp = getutent()) != NULL) {
-        if (utp->ut_type == USER_PROCESS 
-               && utp->ut_user[0] != 0
+        if (
+#ifdef HAVE_STRUCT_UTMP_UT_TYPE
+              utp->ut_type == USER_PROCESS 
+              &&
+#endif
+               utp->ut_name[0] != 0
                && utp->ut_line[0] != 0
-               && strncmp (user, utp->ut_user, sizeof(utp->ut_user)) == 0) {
+               && strncmp (user, utp->ut_name, sizeof(utp->ut_name)) == 0) {
             strncpy (tty, utp->ut_line, sizeof(utp->ut_line));
            alert (tty, md);
         }
@@ -283,12 +287,12 @@ static int
 header_fd (void)
 {
     int fd;
-    char *nfs, tmpfil[BUFSIZ];
+    char *nfs;
+    char *tfile = NULL;
 
-    strncpy (tmpfil, m_tmpfil (invo_name), sizeof(tmpfil));
-    if ((fd = open (tmpfil, O_RDWR | O_CREAT | O_TRUNC, 0600)) == NOTOK)
-       return NOTOK;
-    unlink (tmpfil);
+    tfile = m_mktemp2(NULL, invo_name, &fd, NULL);
+    if (tfile == NULL) return NOTOK;
+    unlink (tfile);
 
     rewind (stdin);