Date: Thu, 20 Nov 2003 11:57:57 +0300 (MSK) From: Konstantin Oznobihin <bork@rsu.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/59499: [patch] openFile function opens files for reading and writing instead of reading only Message-ID: <200311200857.hAK8vvAf039277@rocky.cc.rsu.ru> Resent-Message-ID: <200311200900.hAK90YS6090530@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 59499 >Category: ports >Synopsis: [patch] openFile function opens files for reading and writing instead of reading only >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Nov 20 01:00:33 PST 2003 >Closed-Date: >Last-Modified: >Originator: Konstantin Oznobihin >Release: FreeBSD 5.1-RELEASE-p8 i386 >Organization: Computer Center of Rostov State University >Environment: System: FreeBSD 5.1-RELEASE-p8 FreeBSD 5.1-RELEASE-p8 #2: Sat Oct 4 18:24:23 MSD 2003 bork@rsu.ru:/usr/obj/usr/src/sys/KERNEL i386 >Description: The XMLPlatformUtils::openFile function opens files with fopen and passes it "r+" string as mode argument. This makes(according to fopen(3)) it try to open file for reading and writing while it should be opened for reading only. As a result you can't work with files not owned by you which is rather common case for dtd files. >How-To-Repeat: Try "SAX2Pint somefile.xml" where somefile.xml belongs to other user and has access rights rw-r--r--. >Fix: Just change mode from "r+" to "r", here is the patch: --- patch begins here --- --- xerces-c-src_2_3_0/src/xercesc/util/Platforms/FreeBSD/FreeBSDPlatformUtils.cpp Wed Nov 12 20:32:33 2003 +++ FreeBSDPlatformUtils.cpp Wed Nov 12 20:31:16 2003 @@ -298,7 +298,7 @@ XMLExcepts::CPtr_PointerIsZero); const char* tmpFileName = XMLString::transcode(fileName, fgMemoryManager); ArrayJanitor<char> janText((char*)tmpFileName, fgMemoryManager); - FileHandle retVal = (FileHandle)fopen( tmpFileName , "r+" ); + FileHandle retVal = (FileHandle)fopen( tmpFileName , "r" ); return retVal; } @@ -307,7 +307,7 @@ if (fileName == NULL) ThrowXML(XMLPlatformUtilsException, XMLExcepts::CPtr_PointerIsZero); - FileHandle retVal = (FileHandle)fopen( fileName , "r+" ); + FileHandle retVal = (FileHandle)fopen( fileName , "r" ); return retVal; } --- patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311200857.hAK8vvAf039277>