36 lines
1.3 KiB
Plaintext
36 lines
1.3 KiB
Plaintext
$OpenBSD: patch-source_file_c,v 1.4 2004/01/14 23:42:53 djm Exp $
|
|
--- source/file.c.orig 2003-09-29 00:18:12.000000000 +1000
|
|
+++ source/file.c 2003-12-04 22:24:52.000000000 +1100
|
|
@@ -1218,7 +1218,12 @@ void PrintWindow(WindowInfo *window, int
|
|
*/
|
|
void PrintString(const char *string, int length, Widget parent, const char *jobName)
|
|
{
|
|
+#ifdef HAVE_MKSTEMP
|
|
+ static char template[] = "/var/tmp/nedit-XXXXXXXXXX";
|
|
+ char tmpFileName[sizeof(template)];
|
|
+#else
|
|
char tmpFileName[L_tmpnam]; /* L_tmpnam defined in stdio.h */
|
|
+#endif
|
|
FILE *fp;
|
|
int fd;
|
|
|
|
@@ -1229,6 +1234,10 @@ void PrintString(const char *string, int
|
|
1. Create a filename
|
|
2. Open the file with the O_CREAT|O_EXCL flags
|
|
So all an attacker can do is a DoS on the print function. */
|
|
+#ifdef HAVE_MKSTEMP
|
|
+ strcpy(tmpFileName, template);
|
|
+ if ((fd = mkstemp(tmpFileName)) < 0 || (fp = fdopen(fd, "w")) == NULL)
|
|
+#else
|
|
tmpnam(tmpFileName);
|
|
|
|
/* open the temporary file */
|
|
@@ -1237,6 +1246,7 @@ void PrintString(const char *string, int
|
|
#else
|
|
if ((fd = open(tmpFileName, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR | S_IWUSR)) < 0 || (fp = fdopen(fd, "w")) == NULL)
|
|
#endif /* VMS */
|
|
+#endif /* HAVE_MKSTEMP */
|
|
{
|
|
DialogF(DF_WARN, parent, 1, "Error while Printing",
|
|
"Unable to write file for printing:\n%s", "Dismiss",
|