| This patch fixes an issues where temporary files were created in an insecure |
| way. |
| |
| It was first intruduced in version 3.8.3-7 and fixes |
| http://bugs.debian.org/438540 |
| --- a/src/tag_file.cpp |
| +++ b/src/tag_file.cpp |
| @@ -242,8 +242,8 @@ |
| strcpy(sTempFile, filename.c_str()); |
| strcat(sTempFile, sTmpSuffix.c_str()); |
| |
| -#if ((defined(__GNUC__) && __GNUC__ >= 3 ) || !defined(HAVE_MKSTEMP)) |
| - // This section is for Windows folk && gcc 3.x folk |
| +#if !defined(HAVE_MKSTEMP) |
| + // This section is for Windows folk |
| fstream tmpOut; |
| createFile(sTempFile, tmpOut); |
| |
| @@ -257,7 +257,7 @@ |
| tmpOut.write((char *)tmpBuffer, nBytes); |
| } |
| |
| -#else //((defined(__GNUC__) && __GNUC__ >= 3 ) || !defined(HAVE_MKSTEMP)) |
| +#else //!defined(HAVE_MKSTEMP) |
| |
| // else we gotta make a temp file, copy the tag into it, copy the |
| // rest of the old file after the tag, delete the old file, rename |
| @@ -270,7 +270,7 @@ |
| //ID3_THROW_DESC(ID3E_NoFile, "couldn't open temp file"); |
| } |
| |
| - ofstream tmpOut(fd); |
| + ofstream tmpOut(sTempFile); |
| if (!tmpOut) |
| { |
| tmpOut.close(); |
| @@ -285,14 +285,14 @@ |
| uchar tmpBuffer[BUFSIZ]; |
| while (file) |
| { |
| - file.read(tmpBuffer, BUFSIZ); |
| + file.read((char *)tmpBuffer, BUFSIZ); |
| size_t nBytes = file.gcount(); |
| - tmpOut.write(tmpBuffer, nBytes); |
| + tmpOut.write((char *)tmpBuffer, nBytes); |
| } |
| |
| close(fd); //closes the file |
| |
| -#endif ////((defined(__GNUC__) && __GNUC__ >= 3 ) || !defined(HAVE_MKSTEMP)) |
| +#endif ////!defined(HAVE_MKSTEMP) |
| |
| tmpOut.close(); |
| file.close(); |
