Browse Source

Fix security issue CVE-2015-7543

[taken from Debian arts patches]
pull/1/head
Slávek Banko 4 years ago
parent
commit
bbb70b9ed2
1 changed files with 6 additions and 3 deletions
  1. +6
    -3
      mcop/mcoputils.cc

+ 6
- 3
mcop/mcoputils.cc View File

@@ -307,7 +307,8 @@ int build_link(string tmp_prefix, const char *kde_prefix)
unlink(kde_tmp_dir.c_str());
user_tmp_dir += "XXXXXX";
tmp_buf = strdup(user_tmp_dir.c_str());
mktemp(tmp_buf); /* We want a directory, not a file, so using mkstemp makes no sense and is wrong */
if (mkdtemp(tmp_buf) == NULL)
return 1;
result = create_link(kde_tmp_dir.c_str(), tmp_buf);
free(tmp_buf);
return result;
@@ -347,7 +348,8 @@ int build_link(string tmp_prefix, const char *kde_prefix)
unlink(kde_tmp_dir.c_str());
user_tmp_dir += "XXXXXX";
tmp_buf = strdup(user_tmp_dir.c_str());
mktemp(tmp_buf); /* We want a directory, not a file, so using mkstemp makes no sense and is wrong */
if (mkdtemp(tmp_buf) == NULL)
return 1;
result = create_link(kde_tmp_dir.c_str(), tmp_buf);
free(tmp_buf);
return result;
@@ -358,7 +360,8 @@ int build_link(string tmp_prefix, const char *kde_prefix)
unlink(kde_tmp_dir.c_str());
user_tmp_dir += "XXXXXX";
tmp_buf = strdup(user_tmp_dir.c_str());
mktemp(tmp_buf); /* We want a directory, not a file, so using mkstemp makes no sense and is wrong */
if (mkdtemp(tmp_buf) == NULL)
return 1;
result = create_link(kde_tmp_dir.c_str(), tmp_buf);
free(tmp_buf);
return result;


Loading…
Cancel
Save