talexander
/
freebsd_amp_hwpstate
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ee: Fix use of uninitialised pointer in ispell_op 

This used to be name = mktemp followed by fd = open downstream,
replacing upstream's crude PID-based sprintf, but in 1.4.7 this was
changed upstream to this buggy code, which we then picked up in the
1.5.0 import. Presumably nobody's actually used ee's ispell function
in the past 15 years; that or it's just ended up using junk file names
as temporary files if name's happened to be a valid address to something
that can be interpreted as a string.

Reported by:	Dapeng Gao <dapeng.gao@cl.cam.ac.uk>
Fixes:		96b676e999 ("Update ee(1) in the base system to version 1.5.0.")
MFC after:	1 week
This commit is contained in:
Jessica Clarke 2024-06-02 23:53:09 +01:00
parent 28aaa58fa6
commit 25a33bfe9c
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
contrib/ee/ee.c
View File

@ -4431,6 +4431,7 @@ ispell_op(void)
}
(void)sprintf(template, "/tmp/ee.XXXXXXXX");
fd = mkstemp(template);
name = template;
if (fd < 0) {
wmove(com_win, 0, 0);
wprintw(com_win, create_file_fail_msg, name);