36 lines
1.3 KiB
Plaintext
36 lines
1.3 KiB
Plaintext
$OpenBSD: patch-source_file_c,v 1.3 2002/06/13 05:44:57 form Exp $
|
|
--- source/file.c.orig Sat Mar 2 23:02:22 2002
|
|
+++ source/file.c Thu Jun 13 12:41:13 2002
|
|
@@ -1066,7 +1066,12 @@ void PrintWindow(WindowInfo *window, int
|
|
*/
|
|
void PrintString(const char *string, int length, Widget parent, const char *jobName)
|
|
{
|
|
+#ifdef HAVE_MKSTEMP
|
|
+ static char template[] = "/var/tmp/nedit-XXXXXXXXXX";
|
|
+ char tmpFileName[sizeof(template)];
|
|
+#else
|
|
char tmpFileName[L_tmpnam]; /* L_tmpnam defined in stdio.h */
|
|
+#endif
|
|
FILE *fp;
|
|
int fd;
|
|
|
|
@@ -1077,6 +1082,10 @@ void PrintString(const char *string, int
|
|
1. Create a filename
|
|
2. Open the file with the O_CREAT|O_EXCL flags
|
|
So all an attacker can do is a DoS on the print function. */
|
|
+#ifdef HAVE_MKSTEMP
|
|
+ strcpy(tmpFileName, template);
|
|
+ if ((fd = mkstemp(tmpFileName)) < 0 || (fp = fdopen(fd, "w")) == NULL)
|
|
+#else
|
|
tmpnam(tmpFileName);
|
|
|
|
/* open the temporary file */
|
|
@@ -1085,6 +1094,7 @@ void PrintString(const char *string, int
|
|
#else
|
|
if ((fd = open(tmpFileName, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR | S_IWUSR)) < 0 || (fp = fdopen(fd, "w")) == NULL)
|
|
#endif /* VMS */
|
|
+#endif /* HAVE_MKSTEMP */
|
|
{
|
|
DialogF(DF_WARN, parent, 1, "Unable to write file for printing:\n%s",
|
|
"Dismiss", errorString());
|