Both files in this commit exhibit the wrong way to use temporary files.

For TEHistory.cpp, it uses tmpfile() which produces a file which has a name that can be guessed. For vmemo.cpp, it uses tmpname() which only creates a predictable string. Both uses have been switched to using mkstemp() wrapped around umask(). This produces a much less predictable file that also has guaranteed restrictive permissions. I went a little farther in vmemo because it calls out to the shell using system to 'mv' the new file. That is kinda wasteful so I switched it to use rename instead.
author: erik <erik> 2007-01-26 21:43:58 (UTC)
committer: erik <erik> 2007-01-26 21:43:58 (UTC)
commit: 3cd37427b5c5f26f62cff583fbde914467ddafe3 (patch) (unidiff)
tree: 664a2c1cf2198b69f94e9aa683133a3d92c98511
parent: f77da1ae08512b02a3c50a124f823ed77e53dd64 (diff)
download: opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.zip
opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.tar.gz
opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.tar.bz2
2 files changed, 72 insertions, 28 deletions
diff --git a/core/applets/vmemo/vmemo.cpp b/core/applets/vmemo/vmemo.cpp
index 8ba1eb7..1a8f154 100644
--- a/core/applets/vmemo/vmemo.cpp
+++ b/core/applets/vmemo/vmemo.cpp
@@ -308,84 +308,107 @@ bool VMemo::startRecording() {
  fileName = config.readEntry("RecLocation", fName);
  int s;
  s=fileName.find(':');
  if(s)
    fileName=fileName.right(fileName.length()-s-2);
  odebug << "pathname will be "+fileName << oendl;
  if( fileName.left(1).find('/') == -1)
    fileName="/"+fileName;
  if( fileName.right(1).find('/') == -1)
    fileName+="/";
  fName = "vm_"+ date + ".wav";
  fileName += fName;
  odebug << "filename is " + fileName << oendl;
  useAlerts = config.readBoolEntry("Alert",1);
  if(useAlerts) {
    msgLabel = new QLabel( 0, "alertLabel" );
    msgLabel->setText( tr("<B><P><font size=+2>VMemo-Recording</font></B><p>%1</p>").arg("vm_"+ date));
    msgLabel->show();
  }
        
-// open tmp file here
+  // open tmp file here
-  char *pointer;
+  char *tmpFilePath = 0;
-  pointer=tmpnam(NULL);
+  char *tmpDir = getenv("TMPDIR");
-  odebug << "Opening tmp file " << pointer << "" << oendl;
+  if (tmpDir && *tmpDir != '\0') {
+    tmpFilePath = new char[strlen(tmpDir) + strlen("/vmemo-wav-XXXXXX") + 1];
+    strcpy(tmpFilePath, tmpDir);
+    free(tmpDir);
+  } else {
+    tmpFilePath = new char[strlen("/tmp/vmemo-wav-XXXXXX") + 1];
+    strcpy(tmpFilePath, "/tmp");
+  }
+  strcat(tmpFilePath, "/vmemo-wav-XXXXXX");
+  mode_t currUmask = umask(S_IRWXO | S_IRWXG);
+  int tmpFd = mkstemp(tmpFilePath);
+  umask(currUmask);
+  if (tmpFd == -1) {
+    owarn << "Could not open temp file with template " << tmpFilePath
+          << oendl;
+    delete [] tmpFilePath;
+    return false;
+  } else
+    odebug << "Opened temp file " << tmpFilePath << "" << oendl;
+  close(tmpFd);
-  if(openWAV(pointer ) == -1)  {
+  if(openWAV(tmpFilePath ) == -1)  {
    QString err("Could not open the temp file\n");
    err += fileName;
    QMessageBox::critical(0, "vmemo", err, "Abort");
    ::close(dsp);
    return false;
  }
  if( record() ) {
-  QString cmd;
+    if( fileName.find(".wav",0,true) == -1)
-  if( fileName.find(".wav",0,true) == -1)
+        fileName += ".wav";
-      fileName += ".wav";
-  cmd.sprintf("mv %s "+fileName, pointer);
+    int retVal = rename(tmpFilePath, fileName.local8Bit());
-// move tmp file to regular file here
+    if (retVal == -1) {
+        owarn << "Could not move " << tmpFilePath << " to " << fileName
-  system(cmd.latin1());
+              << oendl;
+        delete [] tmpFilePath;
-  QArray<int> cats(1);
+        return false;
-  cats[0] = config.readNumEntry("Category", 0);
+    }
+    delete [] tmpFilePath;
-  QString dlName("vm_");
-  dlName += date;
+    QArray<int> cats(1);
-  DocLnk l;
+    cats[0] = config.readNumEntry("Category", 0);
-  l.setFile(fileName);
-  l.setName(dlName);
+    QString dlName("vm_");
-  l.setType("audio/x-wav");
+    dlName += date;
-  l.setCategories(cats);
+    DocLnk l;
-  l.writeLink();
+    l.setFile(fileName);
-  return true;
+    l.setName(dlName);
+    l.setType("audio/x-wav");
+    l.setCategories(cats);
+    l.writeLink();
+    return true;
  } else
      return false;
 }
 void VMemo::stopRecording() {
 //    show();
    odebug << "Stopped recording" << oendl;
    recording = false;
    if(useAlerts) {
        msgLabel->close();
        msgLabel=0;
        delete msgLabel;
    }
    t_timer->stop();
    Config cfg("Vmemo");
    cfg.setGroup("Defaults");
 //     if( cfg.readNumEntry("hideIcon",0) == 1 )
 //         hide();
 }
 int VMemo::openDSP() {
  Config cfg("Vmemo");
  cfg.setGroup("Record");
diff --git a/noncore/apps/opie-console/TEHistory.cpp b/noncore/apps/opie-console/TEHistory.cpp
index 317ce57..e2be42a 100644
--- a/noncore/apps/opie-console/TEHistory.cpp
+++ b/noncore/apps/opie-console/TEHistory.cpp
@@ -1,47 +1,48 @@
 /* -------------------------------------------------------------------------- */
 /*                                                                            */
 /* [TEHistory.C]                   History Buffer                             */
 /*                                                                            */
 /* -------------------------------------------------------------------------- */
 /*                                                                            */
 /* Copyright (c) 1997,1998 by Lars Doelle <lars.doelle@on-line.de>            */
 /*                                                                            */
 /* This file is part of Konsole - an X terminal for KDE                       */
 /*                                                                            */
 /* -------------------------------------------------------------------------- */
        /*                                                                    */
 /* Ported Konsole to Qt/Embedded                                              */
        /*                                                                    */
 /* Copyright (C) 2000 by John Ryland <jryland@trolltech.com>                  */
        /*                                                                    */
 /* -------------------------------------------------------------------------- */
 #include "TEHistory.h"
 #include <stdlib.h>
 #include <assert.h>
 #include <stdio.h>
 #include <sys/types.h>
+#include <sys/stat.h>
 #include <unistd.h>
 #include <errno.h>
 #define HERE printf("%s(%d): here\n",__FILE__,__LINE__)
 /*
   An arbitrary long scroll.
   One can modify the scroll only by adding either cells
   or newlines, but access it randomly.
   The model is that of an arbitrary wide typewriter scroll
   in that the scroll is a serie of lines and each line is
   a serie of cells with no overwriting permitted.
   The implementation provides arbitrary length and numbers
   of cells and line/column indexed read access to the scroll
   at constant costs.
 FIXME: some complain about the history buffer comsuming the
       memory of their machines. This problem is critical
       since the history does not behave gracefully in cases
       where the memory is used up completely.
@@ -75,51 +76,71 @@ FILE* xTmpFile()
 /*
   A Row(X) data type which allows adding elements to the end.
 */
 HistoryBuffer::HistoryBuffer()
 {
  ion    = -1;
  length = 0;
 }
 HistoryBuffer::~HistoryBuffer()
 {
  setScroll(FALSE);
 }
 void HistoryBuffer::setScroll(bool on)
 {
  if (on == hasScroll()) return;
  if (on)
  {
    assert( ion < 0 );
    assert( length == 0);
-    FILE* tmp = tmpfile(); if (!tmp) { perror("konsole: cannot open temp file.\n"); return; }
+    char* tmpDir = getenv("TMPDIR");
-    ion = dup(fileno(tmp)); if (ion<0) perror("konsole: cannot dup temp file.\n");
+    char* tmpFilePath = 0;
-    fclose(tmp);
+    if (tmpDir && *tmpDir != '\0') {
+        tmpFilePath = new char[strlen(tmpDir) + strlen("/opie-console-HistoryBuffer-XXXXXX") + 1];
+        strcpy(tmpFilePath, tmpDir);
+        free(tmpDir);
+    } else {
+        tmpFilePath = new char[strlen("/tmp/opie-console-HistoryBuffer-XXXXXX") + 1];
+        strcpy(tmpFilePath, "/tmp");
+    }
+    strcat(tmpFilePath, "/opie-console-HistoryBuffer-XXXXXX");
+    mode_t currUmask = umask(S_IRWXO | S_IRWXG);
+    int tmpfd = mkstemp(tmpFilePath);
+    delete [] tmpFilePath;
+    umask(currUmask);
+    if (tmpfd == -1) {
+        perror("konsole: cannot open temp file.\n");
+        return;
+    }
+    ion = dup(tmpfd);
+    if (ion<0)
+        perror("konsole: cannot dup temp file.\n");
+    close(tmpfd);
  }
  else
  {
    assert( ion >= 0 );
    close(ion);
    ion    = -1;
    length = 0;
  }
 }
 bool HistoryBuffer::hasScroll()
 {
  return ion >= 0;
 }
 void HistoryBuffer::add(const unsigned char* bytes, int len)
 { int rc;
  assert(hasScroll());
  rc = lseek(ion,length,SEEK_SET); if (rc < 0) { perror("HistoryBuffer::add.seek"); setScroll(FALSE); return; }
  rc = write(ion,bytes,len);       if (rc < 0) { perror("HistoryBuffer::add.write"); setScroll(FALSE); return; }
  length += rc;
 }
 void HistoryBuffer::get(unsigned char* bytes, int len, int loc)
author	erik <erik>	2007-01-26 21:43:58 (UTC)
committer	erik <erik>	2007-01-26 21:43:58 (UTC)
commit	3cd37427b5c5f26f62cff583fbde914467ddafe3 (patch) (unidiff)
tree	664a2c1cf2198b69f94e9aa683133a3d92c98511
parent	f77da1ae08512b02a3c50a124f823ed77e53dd64 (diff)
download	opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.zip opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.tar.gz opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.tar.bz2

diff --git a/core/applets/vmemo/vmemo.cpp b/core/applets/vmemo/vmemo.cpp index 8ba1eb7..1a8f154 100644 --- a/core/applets/vmemo/vmemo.cpp +++ b/core/applets/vmemo/vmemo.cpp
@@ -308,84 +308,107 @@ bool VMemo::startRecording() {
308	fileName = config.readEntry("RecLocation", fName);	308	fileName = config.readEntry("RecLocation", fName);
309		309
310	int s;	310	int s;
311	s=fileName.find(':');	311	s=fileName.find(':');
312	if(s)	312	if(s)
313	fileName=fileName.right(fileName.length()-s-2);	313	fileName=fileName.right(fileName.length()-s-2);
314	odebug << "pathname will be "+fileName << oendl;	314	odebug << "pathname will be "+fileName << oendl;
315		315
316	if( fileName.left(1).find('/') == -1)	316	if( fileName.left(1).find('/') == -1)
317	fileName="/"+fileName;	317	fileName="/"+fileName;
318	if( fileName.right(1).find('/') == -1)	318	if( fileName.right(1).find('/') == -1)
319	fileName+="/";	319	fileName+="/";
320	fName = "vm_"+ date + ".wav";	320	fName = "vm_"+ date + ".wav";
321		321
322	fileName += fName;	322	fileName += fName;
323	odebug << "filename is " + fileName << oendl;	323	odebug << "filename is " + fileName << oendl;
324		324
325	useAlerts = config.readBoolEntry("Alert",1);	325	useAlerts = config.readBoolEntry("Alert",1);
326	if(useAlerts) {	326	if(useAlerts) {
327	msgLabel = new QLabel( 0, "alertLabel" );	327	msgLabel = new QLabel( 0, "alertLabel" );
328	msgLabel->setText( tr("<B><P><font size=+2>VMemo-Recording</font></B><p>%1</p>").arg("vm_"+ date));	328	msgLabel->setText( tr("<B><P><font size=+2>VMemo-Recording</font></B><p>%1</p>").arg("vm_"+ date));
329	msgLabel->show();	329	msgLabel->show();
330	}	330	}
331		331
332	// open tmp file here	332	// open tmp file here
333	char *pointer;	333	char *tmpFilePath = 0;
334	pointer=tmpnam(NULL);	334	char *tmpDir = getenv("TMPDIR");
335	odebug << "Opening tmp file " << pointer << "" << oendl;	335	if (tmpDir && *tmpDir != '\0') {
		336	tmpFilePath = new char[strlen(tmpDir) + strlen("/vmemo-wav-XXXXXX") + 1];
		337	strcpy(tmpFilePath, tmpDir);
		338	free(tmpDir);
		339	} else {
		340	tmpFilePath = new char[strlen("/tmp/vmemo-wav-XXXXXX") + 1];
		341	strcpy(tmpFilePath, "/tmp");
		342	}
		343	strcat(tmpFilePath, "/vmemo-wav-XXXXXX");
		344	mode_t currUmask = umask(S_IRWXO \| S_IRWXG);
		345	int tmpFd = mkstemp(tmpFilePath);
		346	umask(currUmask);
		347	if (tmpFd == -1) {
		348	owarn << "Could not open temp file with template " << tmpFilePath
		349	<< oendl;
		350	delete [] tmpFilePath;
		351	return false;
		352	} else
		353	odebug << "Opened temp file " << tmpFilePath << "" << oendl;
		354
		355	close(tmpFd);
336		356
337	if(openWAV(pointer ) == -1) {	357	if(openWAV(tmpFilePath ) == -1) {
338		358
339	QString err("Could not open the temp file\n");	359	QString err("Could not open the temp file\n");
340	err += fileName;	360	err += fileName;
341	QMessageBox::critical(0, "vmemo", err, "Abort");	361	QMessageBox::critical(0, "vmemo", err, "Abort");
342	::close(dsp);	362	::close(dsp);
343	return false;	363	return false;
344	}	364	}
345	if( record() ) {	365	if( record() ) {
346		366
347	QString cmd;	367	if( fileName.find(".wav",0,true) == -1)
348	if( fileName.find(".wav",0,true) == -1)	368	fileName += ".wav";
349	fileName += ".wav";
350		369
351	cmd.sprintf("mv %s "+fileName, pointer);	370	int retVal = rename(tmpFilePath, fileName.local8Bit());
352	// move tmp file to regular file here	371	if (retVal == -1) {
353		372	owarn << "Could not move " << tmpFilePath << " to " << fileName
354	system(cmd.latin1());	373	<< oendl;
355		374	delete [] tmpFilePath;
356	QArray<int> cats(1);	375	return false;
357	cats[0] = config.readNumEntry("Category", 0);	376	}
358		377	delete [] tmpFilePath;
359	QString dlName("vm_");	378
360	dlName += date;	379	QArray<int> cats(1);
361	DocLnk l;	380	cats[0] = config.readNumEntry("Category", 0);
362	l.setFile(fileName);	381
363	l.setName(dlName);	382	QString dlName("vm_");
364	l.setType("audio/x-wav");	383	dlName += date;
365	l.setCategories(cats);	384	DocLnk l;
366	l.writeLink();	385	l.setFile(fileName);
367	return true;	386	l.setName(dlName);
		387	l.setType("audio/x-wav");
		388	l.setCategories(cats);
		389	l.writeLink();
		390	return true;
368	} else	391	} else
369	return false;	392	return false;
370		393
371	}	394	}
372		395
373	void VMemo::stopRecording() {	396	void VMemo::stopRecording() {
374	// show();	397	// show();
375	odebug << "Stopped recording" << oendl;	398	odebug << "Stopped recording" << oendl;
376	recording = false;	399	recording = false;
377	if(useAlerts) {	400	if(useAlerts) {
378	msgLabel->close();	401	msgLabel->close();
379	msgLabel=0;	402	msgLabel=0;
380	delete msgLabel;	403	delete msgLabel;
381	}	404	}
382	t_timer->stop();	405	t_timer->stop();
383	Config cfg("Vmemo");	406	Config cfg("Vmemo");
384	cfg.setGroup("Defaults");	407	cfg.setGroup("Defaults");
385	// if( cfg.readNumEntry("hideIcon",0) == 1 )	408	// if( cfg.readNumEntry("hideIcon",0) == 1 )
386	// hide();	409	// hide();
387	}	410	}
388		411
389	int VMemo::openDSP() {	412	int VMemo::openDSP() {
390	Config cfg("Vmemo");	413	Config cfg("Vmemo");
391	cfg.setGroup("Record");	414	cfg.setGroup("Record");


diff --git a/noncore/apps/opie-console/TEHistory.cpp b/noncore/apps/opie-console/TEHistory.cpp index 317ce57..e2be42a 100644 --- a/noncore/apps/opie-console/TEHistory.cpp +++ b/noncore/apps/opie-console/TEHistory.cpp
@@ -1,47 +1,48 @@
1	/* -------------------------------------------------------------------------- */	1	/* -------------------------------------------------------------------------- */
2	/* */	2	/* */
3	/* [TEHistory.C] History Buffer */	3	/* [TEHistory.C] History Buffer */
4	/* */	4	/* */
5	/* -------------------------------------------------------------------------- */	5	/* -------------------------------------------------------------------------- */
6	/* */	6	/* */
7	/* Copyright (c) 1997,1998 by Lars Doelle <lars.doelle@on-line.de> */	7	/* Copyright (c) 1997,1998 by Lars Doelle <lars.doelle@on-line.de> */
8	/* */	8	/* */
9	/* This file is part of Konsole - an X terminal for KDE */	9	/* This file is part of Konsole - an X terminal for KDE */
10	/* */	10	/* */
11	/* -------------------------------------------------------------------------- */	11	/* -------------------------------------------------------------------------- */
12	/* */	12	/* */
13	/* Ported Konsole to Qt/Embedded */	13	/* Ported Konsole to Qt/Embedded */
14	/* */	14	/* */
15	/* Copyright (C) 2000 by John Ryland <jryland@trolltech.com> */	15	/* Copyright (C) 2000 by John Ryland <jryland@trolltech.com> */
16	/* */	16	/* */
17	/* -------------------------------------------------------------------------- */	17	/* -------------------------------------------------------------------------- */
18		18
19	#include "TEHistory.h"	19	#include "TEHistory.h"
20	#include <stdlib.h>	20	#include <stdlib.h>
21	#include <assert.h>	21	#include <assert.h>
22	#include <stdio.h>	22	#include <stdio.h>
23	#include <sys/types.h>	23	#include <sys/types.h>
		24	#include <sys/stat.h>
24	#include <unistd.h>	25	#include <unistd.h>
25	#include <errno.h>	26	#include <errno.h>
26		27
27	#define HERE printf("%s(%d): here\n",__FILE__,__LINE__)	28	#define HERE printf("%s(%d): here\n",__FILE__,__LINE__)
28		29
29	/*	30	/*
30	An arbitrary long scroll.	31	An arbitrary long scroll.
31		32
32	One can modify the scroll only by adding either cells	33	One can modify the scroll only by adding either cells
33	or newlines, but access it randomly.	34	or newlines, but access it randomly.
34		35
35	The model is that of an arbitrary wide typewriter scroll	36	The model is that of an arbitrary wide typewriter scroll
36	in that the scroll is a serie of lines and each line is	37	in that the scroll is a serie of lines and each line is
37	a serie of cells with no overwriting permitted.	38	a serie of cells with no overwriting permitted.
38		39
39	The implementation provides arbitrary length and numbers	40	The implementation provides arbitrary length and numbers
40	of cells and line/column indexed read access to the scroll	41	of cells and line/column indexed read access to the scroll
41	at constant costs.	42	at constant costs.
42		43
43	FIXME: some complain about the history buffer comsuming the	44	FIXME: some complain about the history buffer comsuming the
44	memory of their machines. This problem is critical	45	memory of their machines. This problem is critical
45	since the history does not behave gracefully in cases	46	since the history does not behave gracefully in cases
46	where the memory is used up completely.	47	where the memory is used up completely.
47		48
@@ -75,51 +76,71 @@ FILE* xTmpFile()
75		76
76	/*	77	/*
77	A Row(X) data type which allows adding elements to the end.	78	A Row(X) data type which allows adding elements to the end.
78	*/	79	*/
79		80
80	HistoryBuffer::HistoryBuffer()	81	HistoryBuffer::HistoryBuffer()
81	{	82	{
82	ion = -1;	83	ion = -1;
83	length = 0;	84	length = 0;
84	}	85	}
85		86
86	HistoryBuffer::~HistoryBuffer()	87	HistoryBuffer::~HistoryBuffer()
87	{	88	{
88	setScroll(FALSE);	89	setScroll(FALSE);
89	}	90	}
90		91
91	void HistoryBuffer::setScroll(bool on)	92	void HistoryBuffer::setScroll(bool on)
92	{	93	{
93	if (on == hasScroll()) return;	94	if (on == hasScroll()) return;
94		95
95	if (on)	96	if (on)
96	{	97	{
97	assert( ion < 0 );	98	assert( ion < 0 );
98	assert( length == 0);	99	assert( length == 0);
99	FILE* tmp = tmpfile(); if (!tmp) { perror("konsole: cannot open temp file.\n"); return; }	100	char* tmpDir = getenv("TMPDIR");
100	ion = dup(fileno(tmp)); if (ion<0) perror("konsole: cannot dup temp file.\n");	101	char* tmpFilePath = 0;
101	fclose(tmp);	102	if (tmpDir && *tmpDir != '\0') {
		103	tmpFilePath = new char[strlen(tmpDir) + strlen("/opie-console-HistoryBuffer-XXXXXX") + 1];
		104	strcpy(tmpFilePath, tmpDir);
		105	free(tmpDir);
		106	} else {
		107	tmpFilePath = new char[strlen("/tmp/opie-console-HistoryBuffer-XXXXXX") + 1];
		108	strcpy(tmpFilePath, "/tmp");
		109	}
		110	strcat(tmpFilePath, "/opie-console-HistoryBuffer-XXXXXX");
		111	mode_t currUmask = umask(S_IRWXO \| S_IRWXG);
		112	int tmpfd = mkstemp(tmpFilePath);
		113	delete [] tmpFilePath;
		114	umask(currUmask);
		115	if (tmpfd == -1) {
		116	perror("konsole: cannot open temp file.\n");
		117	return;
		118	}
		119	ion = dup(tmpfd);
		120	if (ion<0)
		121	perror("konsole: cannot dup temp file.\n");
		122	close(tmpfd);
102	}	123	}
103	else	124	else
104	{	125	{
105	assert( ion >= 0 );	126	assert( ion >= 0 );
106	close(ion);	127	close(ion);
107	ion = -1;	128	ion = -1;
108	length = 0;	129	length = 0;
109	}	130	}
110	}	131	}
111		132
112	bool HistoryBuffer::hasScroll()	133	bool HistoryBuffer::hasScroll()
113	{	134	{
114	return ion >= 0;	135	return ion >= 0;
115	}	136	}
116		137
117	void HistoryBuffer::add(const unsigned char* bytes, int len)	138	void HistoryBuffer::add(const unsigned char* bytes, int len)
118	{ int rc;	139	{ int rc;
119	assert(hasScroll());	140	assert(hasScroll());
120	rc = lseek(ion,length,SEEK_SET); if (rc < 0) { perror("HistoryBuffer::add.seek"); setScroll(FALSE); return; }	141	rc = lseek(ion,length,SEEK_SET); if (rc < 0) { perror("HistoryBuffer::add.seek"); setScroll(FALSE); return; }
121	rc = write(ion,bytes,len); if (rc < 0) { perror("HistoryBuffer::add.write"); setScroll(FALSE); return; }	142	rc = write(ion,bytes,len); if (rc < 0) { perror("HistoryBuffer::add.write"); setScroll(FALSE); return; }
122	length += rc;	143	length += rc;
123	}	144	}
124		145
125	void HistoryBuffer::get(unsigned char* bytes, int len, int loc)	146	void HistoryBuffer::get(unsigned char* bytes, int len, int loc)