36 lines
1.3 KiB
Plaintext
36 lines
1.3 KiB
Plaintext
$OpenBSD: patch-source_file_c,v 1.5 2004/10/17 21:23:50 djm Exp $
|
|
--- source/file.c.orig Tue Aug 24 19:37:24 2004
|
|
+++ source/file.c Sat Oct 16 17:42:51 2004
|
|
@@ -1314,7 +1314,12 @@ void PrintWindow(WindowInfo *window, int
|
|
*/
|
|
void PrintString(const char *string, int length, Widget parent, const char *jobName)
|
|
{
|
|
+#ifdef HAVE_MKSTEMP
|
|
+ static char template[] = "/var/tmp/nedit-XXXXXXXXXX";
|
|
+ char tmpFileName[sizeof(template)];
|
|
+#else
|
|
char tmpFileName[L_tmpnam]; /* L_tmpnam defined in stdio.h */
|
|
+#endif
|
|
FILE *fp;
|
|
int fd;
|
|
|
|
@@ -1325,6 +1330,10 @@ void PrintString(const char *string, int
|
|
1. Create a filename
|
|
2. Open the file with the O_CREAT|O_EXCL flags
|
|
So all an attacker can do is a DoS on the print function. */
|
|
+#ifdef HAVE_MKSTEMP
|
|
+ strcpy(tmpFileName, template);
|
|
+ if ((fd = mkstemp(tmpFileName)) < 0 || (fp = fdopen(fd, "w")) == NULL)
|
|
+#else
|
|
tmpnam(tmpFileName);
|
|
|
|
/* open the temporary file */
|
|
@@ -1333,6 +1342,7 @@ void PrintString(const char *string, int
|
|
#else
|
|
if ((fd = open(tmpFileName, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR | S_IWUSR)) < 0 || (fp = fdopen(fd, "w")) == NULL)
|
|
#endif /* VMS */
|
|
+#endif /* HAVE_MKSTEMP */
|
|
{
|
|
DialogF(DF_WARN, parent, 1, "Error while Printing",
|
|
"Unable to write file for printing:\n%s", "OK",
|