Sisyphus repositório
Última atualização: 1 outubro 2023 | SRPMs: 18631 | Visitas: 37514059
en ru br
ALT Linux repositórios
S:5.7-alt1
5.0: 5.5-alt2.1
4.1: 5.5-alt2
4.0: 5.5-alt2
3.0: 5.5-alt1

Group :: Editores
RPM: nedit

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs e FR  Repocop 

Patch: nedit-5.5-alt-tmp.patch
Download

--- nedit-5.5/source/file.c.orig	2004-08-24 13:37:24 +0400
+++ nedit-5.5/source/file.c	2005-03-14 20:18:19 +0300
@@ -1314,25 +1314,23 @@ void PrintWindow(WindowInfo *window, int
 */
 void PrintString(const char *string, int length, Widget parent, const char *jobName)
 {
-    char tmpFileName[L_tmpnam];    /* L_tmpnam defined in stdio.h */
     FILE *fp;
     int fd;
+    const char progname[] = "nedit";
+    const char suffix[] = ".XXXXXX";
+    const char *tmpdir = getenv("TMPDIR") ? : P_tmpdir;
+    unsigned tmplen = strlen(tmpdir);
+    unsigned proglen = sizeof(progname) - 1;
+    char tmpFileName[2 + tmplen + proglen + sizeof(suffix)];
 
     /* Generate a temporary file name */
-    /*  If the glibc is used, the linker issues a warning at this point. This is
-	very thoughtful of him, but does not apply to NEdit. The recommended
-	replacement mkstemp(3) uses the same algorithm as NEdit, namely
-	    1. Create a filename
-	    2. Open the file with the O_CREAT|O_EXCL flags
-	So all an attacker can do is a DoS on the print function. */
-    tmpnam(tmpFileName);
+    memcpy(tmpFileName, tmpdir, tmplen);
+    tmpFileName[tmplen] = '/';
+    memcpy(tmpFileName + tmplen + 1, progname, proglen);
+    memcpy(tmpFileName + tmplen + 1 + proglen, suffix, sizeof(suffix));
 
     /* open the temporary file */
-#ifdef VMS
-    if ((fp = fopen(tmpFileName, "w", "rfm = stmlf")) == NULL)
-#else
-    if ((fd = open(tmpFileName, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR | S_IWUSR)) < 0 || (fp = fdopen(fd, "w")) == NULL)
-#endif /* VMS */
+    if ((fd = mkstemp(tmpFileName)) < 0 || (fp = fdopen(fd, "w")) == NULL)
     {
         DialogF(DF_WARN, parent, 1, "Error while Printing",
                 "Unable to write file for printing:\n%s", "OK",
@@ -1340,16 +1338,8 @@ void PrintString(const char *string, int
         return;
     }
 
-#ifdef VMS
-    chmod(tmpFileName, S_IRUSR | S_IWUSR);    
-#endif
-    
     /* write to the file */
-#ifdef IBM_FWRITE_BUG
-    write(fileno(fp), string, length);
-#else
     fwrite(string, sizeof(char), length, fp);
-#endif
     if (ferror(fp))
     {
         DialogF(DF_ERR, parent, 1, "Error while Printing",
 
projeto & código: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009