From 52354375333001cbcbd4f97373e7f2ac3a5c33c1 Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Wed, 30 Sep 2020 09:21:55 +0000
Subject: [PATCH] generate-expr-from-tarballs.pl: fix insecure temporary file

https://cwe.mitre.org/data/definitions/377.html
---
 pkgs/servers/x11/xorg/generate-expr-from-tarballs.pl | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/pkgs/servers/x11/xorg/generate-expr-from-tarballs.pl b/pkgs/servers/x11/xorg/generate-expr-from-tarballs.pl
index 8bed3fc6d09..ba33623b495 100755
--- a/pkgs/servers/x11/xorg/generate-expr-from-tarballs.pl
+++ b/pkgs/servers/x11/xorg/generate-expr-from-tarballs.pl
@@ -11,8 +11,7 @@ use warnings;
 
 use File::Basename;
 use File::Spec::Functions;
-
-my $tmpDir = "/tmp/xorg-unpack";
+use File::Temp;
 
 
 my %pkgURLs;
@@ -93,8 +92,7 @@ while (<>) {
     $pkgHashes{$pkg} = $hash;
 
     print "\nunpacking $path\n";
-    system "rm -rf '$tmpDir'";
-    mkdir $tmpDir, 0700;
+    my $tmpDir = File::Temp->newdir();
     system "cd '$tmpDir' && tar xf '$path'";
     die "cannot unpack `$path'" if $? != 0;
     print "\n";