1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-28 05:29:48 +00:00

Add a patch which fixes CVE-2007-4460, insecure temporary file

handling.

Approved by:	maintainer
This commit is contained in:
Xin LI 2007-10-02 01:59:40 +00:00
parent cbec3d25f6
commit 7ab0401bee
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=200581

View File

@ -0,0 +1,49 @@
--- ./src/tag_file.cpp.orig 2003-03-02 08:23:00.000000000 +0800
+++ ./src/tag_file.cpp 2007-10-02 05:23:26.519473634 +0800
@@ -242,8 +242,8 @@
strcpy(sTempFile, filename.c_str());
strcat(sTempFile, sTmpSuffix.c_str());
-#if ((defined(__GNUC__) && __GNUC__ >= 3 ) || !defined(HAVE_MKSTEMP))
- // This section is for Windows folk && gcc 3.x folk
+#if !defined(HAVE_MKSTEMP)
+ // This section is for Windows folk
fstream tmpOut;
createFile(sTempFile, tmpOut);
@@ -257,7 +257,7 @@
tmpOut.write((char *)tmpBuffer, nBytes);
}
-#else //((defined(__GNUC__) && __GNUC__ >= 3 ) || !defined(HAVE_MKSTEMP))
+#else //!defined(HAVE_MKSTEMP)
// else we gotta make a temp file, copy the tag into it, copy the
// rest of the old file after the tag, delete the old file, rename
@@ -270,7 +270,7 @@
//ID3_THROW_DESC(ID3E_NoFile, "couldn't open temp file");
}
- ofstream tmpOut(fd);
+ ofstream tmpOut(sTempFile);
if (!tmpOut)
{
tmpOut.close();
@@ -285,14 +285,14 @@
uchar tmpBuffer[BUFSIZ];
while (file)
{
- file.read(tmpBuffer, BUFSIZ);
+ file.read((char *)tmpBuffer, BUFSIZ);
size_t nBytes = file.gcount();
- tmpOut.write(tmpBuffer, nBytes);
+ tmpOut.write((char *)tmpBuffer, nBytes);
}
close(fd); //closes the file
-#endif ////((defined(__GNUC__) && __GNUC__ >= 3 ) || !defined(HAVE_MKSTEMP))
+#endif ////!defined(HAVE_MKSTEMP)
tmpOut.close();
file.close();