Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 165209 Details for
Bug 235808
media-gfx/aview <1.3.0_rc1-r1 insecure temp file usage (CVE-2008-4935)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
02_tmp_creation.patch
02_tmp_creation.patch (text/plain), 1.04 KB, created by
Santiago M. Mola (RETIRED)
on 2008-09-11 18:52:37 UTC
(
hide
)
Description:
02_tmp_creation.patch
Filename:
MIME Type:
Creator:
Santiago M. Mola (RETIRED)
Created:
2008-09-11 18:52:37 UTC
Size:
1.04 KB
patch
obsolete
>diff -Nur -x '*.orig' -x '*~' aview-1.3.0rc1/asciiview aview-1.3.0rc1.new/asciiview >--- aview-1.3.0rc1/asciiview 2008-09-01 12:33:29.000000000 +0200 >+++ aview-1.3.0rc1.new/asciiview 2008-09-01 12:33:36.000000000 +0200 >@@ -3,11 +3,11 @@ > clear() > { > kill $! 2>/dev/null >- rm -f /tmp/aview$$.pgm 2>/dev/null >+ rm -rf $tmpdir 2>/dev/null > } > myconvert() > { >- if anytopnm "$1" >/tmp/aview$$.pgm 2>/dev/null ; then >+ if anytopnm "$1" >"$2" 2>/dev/null ; then > exit > elif convert -colorspace gray "$1" pgm:- 2>/dev/null ; then > exit >@@ -53,8 +53,9 @@ > esac > done > trap clear 0 >-mkfifo /tmp/aview$$.pgm >-outfile=/tmp/aview$$.pgm >+tmpdir=`mktemp -t -d` >+outfile=$tmpdir/aview.pgm >+mkfifo $outfile > while [ $counter -gt 0 ]; do > counter=$(($counter-1)) > name=${filenames[$counter]} >@@ -65,10 +66,10 @@ > aaflip $options "$name" > ;; > *) >- myconvert "$name" >/tmp/aview$$.pgm & >+ myconvert "$name" "$outfile" >"$outfile" & > pid=$! > PATH="$PATH:." >- aview $options /tmp/aview$$.pgm >+ aview $options $outfile > kill $pid 2>/dev/null > esac > else
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 235808
: 165209