Date: Sat, 17 Feb 2001 19:28:00 +0100 (CET) From: xpaint@oldach.net To: FreeBSD-gnats-submit@freebsd.org Cc: hmo@sep.hamburg.com Subject: ports/25176: ports/graphics/xpaint temporary file problem Message-ID: <200102171828.f1HIS0u49879@sep.hamburg.com>
next in thread | raw e-mail | index | archive | help
>Number: 25176 >Category: ports >Synopsis: ports/graphics/xpaint 2.6.1 allocates temporary files with illegal names >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Feb 17 10:30:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Helge Oldach >Release: FreeBSD 4.2-STABLE i386 >Organization: >Environment: openTemp() in readRC.c allocates wrong space, resulting in an illegal filename. >Description: static FILE * openTemp(char **np) { char *n; char xx[256]; if ((n = getenv("TMPDIR")) == NULL) n = "/tmp"; strcpy(xx, n); strcat(xx, "/XPaintXXXXXXX"); #if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) if ((fd = mkstemp(xx) < 0)) return (FILE *) NULL; tempName[++tempIndex] = XtNewString(n); /********************************* ^^^ ***************************/ if (np != NULL) *np = tempName[tempIndex]; return fdopen(fd, "w"); #else n = mktemp(xx); tempName[++tempIndex] = XtNewString(n); if (np != NULL) *np = tempName[tempIndex]; return fopen(tempName[tempIndex], "w"); #endif } XtNewString(n) basically is (strcpy(XtMalloc((unsigned) strlen(n) + 1), n)) At the marked line, XtNewString copies n but in fact should copy xx, as this is the temporary file name previously created by mkstemp(). This apparently is a simple copy error from the non-FreeBSD code. The effect is that a too short temporary filename is allocated, in fact it's just TMPDIR (or /tmp) which is a directory and not a legal filename. >How-To-Repeat: make >Fix: Replace "XtNewString(n)" with "XtNewString(xx)" in ports/graphics/xpaint/files/patch-ae. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102171828.f1HIS0u49879>