author | erik <erik> | 2007-01-26 21:43:58 (UTC) |
---|---|---|
committer | erik <erik> | 2007-01-26 21:43:58 (UTC) |
commit | 3cd37427b5c5f26f62cff583fbde914467ddafe3 (patch) (unidiff) | |
tree | 664a2c1cf2198b69f94e9aa683133a3d92c98511 | |
parent | f77da1ae08512b02a3c50a124f823ed77e53dd64 (diff) | |
download | opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.zip opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.tar.gz opie-3cd37427b5c5f26f62cff583fbde914467ddafe3.tar.bz2 |
Both files in this commit exhibit the wrong way to use temporary files.
For TEHistory.cpp, it uses tmpfile() which produces a file which has a
name that can be guessed.
For vmemo.cpp, it uses tmpname() which only creates a predictable string.
Both uses have been switched to using mkstemp() wrapped around umask(). This
produces a much less predictable file that also has guaranteed restrictive
permissions.
I went a little farther in vmemo because it calls out to the shell using
system to 'mv' the new file. That is kinda wasteful so I switched it to use
rename instead.
-rw-r--r-- | core/applets/vmemo/vmemo.cpp | 73 | ||||
-rw-r--r-- | noncore/apps/opie-console/TEHistory.cpp | 27 |
2 files changed, 72 insertions, 28 deletions
diff --git a/core/applets/vmemo/vmemo.cpp b/core/applets/vmemo/vmemo.cpp index 8ba1eb7..1a8f154 100644 --- a/core/applets/vmemo/vmemo.cpp +++ b/core/applets/vmemo/vmemo.cpp | |||
@@ -324,52 +324,75 @@ bool VMemo::startRecording() { | |||
324 | 324 | ||
325 | useAlerts = config.readBoolEntry("Alert",1); | 325 | useAlerts = config.readBoolEntry("Alert",1); |
326 | if(useAlerts) { | 326 | if(useAlerts) { |
327 | msgLabel = new QLabel( 0, "alertLabel" ); | 327 | msgLabel = new QLabel( 0, "alertLabel" ); |
328 | msgLabel->setText( tr("<B><P><font size=+2>VMemo-Recording</font></B><p>%1</p>").arg("vm_"+ date)); | 328 | msgLabel->setText( tr("<B><P><font size=+2>VMemo-Recording</font></B><p>%1</p>").arg("vm_"+ date)); |
329 | msgLabel->show(); | 329 | msgLabel->show(); |
330 | } | 330 | } |
331 | 331 | ||
332 | // open tmp file here | 332 | // open tmp file here |
333 | char *pointer; | 333 | char *tmpFilePath = 0; |
334 | pointer=tmpnam(NULL); | 334 | char *tmpDir = getenv("TMPDIR"); |
335 | odebug << "Opening tmp file " << pointer << "" << oendl; | 335 | if (tmpDir && *tmpDir != '\0') { |
336 | tmpFilePath = new char[strlen(tmpDir) + strlen("/vmemo-wav-XXXXXX") + 1]; | ||
337 | strcpy(tmpFilePath, tmpDir); | ||
338 | free(tmpDir); | ||
339 | } else { | ||
340 | tmpFilePath = new char[strlen("/tmp/vmemo-wav-XXXXXX") + 1]; | ||
341 | strcpy(tmpFilePath, "/tmp"); | ||
342 | } | ||
343 | strcat(tmpFilePath, "/vmemo-wav-XXXXXX"); | ||
344 | mode_t currUmask = umask(S_IRWXO | S_IRWXG); | ||
345 | int tmpFd = mkstemp(tmpFilePath); | ||
346 | umask(currUmask); | ||
347 | if (tmpFd == -1) { | ||
348 | owarn << "Could not open temp file with template " << tmpFilePath | ||
349 | << oendl; | ||
350 | delete [] tmpFilePath; | ||
351 | return false; | ||
352 | } else | ||
353 | odebug << "Opened temp file " << tmpFilePath << "" << oendl; | ||
354 | |||
355 | close(tmpFd); | ||
336 | 356 | ||
337 | if(openWAV(pointer ) == -1) { | 357 | if(openWAV(tmpFilePath ) == -1) { |
338 | 358 | ||
339 | QString err("Could not open the temp file\n"); | 359 | QString err("Could not open the temp file\n"); |
340 | err += fileName; | 360 | err += fileName; |
341 | QMessageBox::critical(0, "vmemo", err, "Abort"); | 361 | QMessageBox::critical(0, "vmemo", err, "Abort"); |
342 | ::close(dsp); | 362 | ::close(dsp); |
343 | return false; | 363 | return false; |
344 | } | 364 | } |
345 | if( record() ) { | 365 | if( record() ) { |
346 | 366 | ||
347 | QString cmd; | 367 | if( fileName.find(".wav",0,true) == -1) |
348 | if( fileName.find(".wav",0,true) == -1) | 368 | fileName += ".wav"; |
349 | fileName += ".wav"; | ||
350 | 369 | ||
351 | cmd.sprintf("mv %s "+fileName, pointer); | 370 | int retVal = rename(tmpFilePath, fileName.local8Bit()); |
352 | // move tmp file to regular file here | 371 | if (retVal == -1) { |
353 | 372 | owarn << "Could not move " << tmpFilePath << " to " << fileName | |
354 | system(cmd.latin1()); | 373 | << oendl; |
355 | 374 | delete [] tmpFilePath; | |
356 | QArray<int> cats(1); | 375 | return false; |
357 | cats[0] = config.readNumEntry("Category", 0); | 376 | } |
358 | 377 | delete [] tmpFilePath; | |
359 | QString dlName("vm_"); | 378 | |
360 | dlName += date; | 379 | QArray<int> cats(1); |
361 | DocLnk l; | 380 | cats[0] = config.readNumEntry("Category", 0); |
362 | l.setFile(fileName); | 381 | |
363 | l.setName(dlName); | 382 | QString dlName("vm_"); |
364 | l.setType("audio/x-wav"); | 383 | dlName += date; |
365 | l.setCategories(cats); | 384 | DocLnk l; |
366 | l.writeLink(); | 385 | l.setFile(fileName); |
367 | return true; | 386 | l.setName(dlName); |
387 | l.setType("audio/x-wav"); | ||
388 | l.setCategories(cats); | ||
389 | l.writeLink(); | ||
390 | return true; | ||
368 | } else | 391 | } else |
369 | return false; | 392 | return false; |
370 | 393 | ||
371 | } | 394 | } |
372 | 395 | ||
373 | void VMemo::stopRecording() { | 396 | void VMemo::stopRecording() { |
374 | // show(); | 397 | // show(); |
375 | odebug << "Stopped recording" << oendl; | 398 | odebug << "Stopped recording" << oendl; |
diff --git a/noncore/apps/opie-console/TEHistory.cpp b/noncore/apps/opie-console/TEHistory.cpp index 317ce57..e2be42a 100644 --- a/noncore/apps/opie-console/TEHistory.cpp +++ b/noncore/apps/opie-console/TEHistory.cpp | |||
@@ -16,16 +16,17 @@ | |||
16 | /* */ | 16 | /* */ |
17 | /* -------------------------------------------------------------------------- */ | 17 | /* -------------------------------------------------------------------------- */ |
18 | 18 | ||
19 | #include "TEHistory.h" | 19 | #include "TEHistory.h" |
20 | #include <stdlib.h> | 20 | #include <stdlib.h> |
21 | #include <assert.h> | 21 | #include <assert.h> |
22 | #include <stdio.h> | 22 | #include <stdio.h> |
23 | #include <sys/types.h> | 23 | #include <sys/types.h> |
24 | #include <sys/stat.h> | ||
24 | #include <unistd.h> | 25 | #include <unistd.h> |
25 | #include <errno.h> | 26 | #include <errno.h> |
26 | 27 | ||
27 | #define HERE printf("%s(%d): here\n",__FILE__,__LINE__) | 28 | #define HERE printf("%s(%d): here\n",__FILE__,__LINE__) |
28 | 29 | ||
29 | /* | 30 | /* |
30 | An arbitrary long scroll. | 31 | An arbitrary long scroll. |
31 | 32 | ||
@@ -91,19 +92,39 @@ HistoryBuffer::~HistoryBuffer() | |||
91 | void HistoryBuffer::setScroll(bool on) | 92 | void HistoryBuffer::setScroll(bool on) |
92 | { | 93 | { |
93 | if (on == hasScroll()) return; | 94 | if (on == hasScroll()) return; |
94 | 95 | ||
95 | if (on) | 96 | if (on) |
96 | { | 97 | { |
97 | assert( ion < 0 ); | 98 | assert( ion < 0 ); |
98 | assert( length == 0); | 99 | assert( length == 0); |
99 | FILE* tmp = tmpfile(); if (!tmp) { perror("konsole: cannot open temp file.\n"); return; } | 100 | char* tmpDir = getenv("TMPDIR"); |
100 | ion = dup(fileno(tmp)); if (ion<0) perror("konsole: cannot dup temp file.\n"); | 101 | char* tmpFilePath = 0; |
101 | fclose(tmp); | 102 | if (tmpDir && *tmpDir != '\0') { |
103 | tmpFilePath = new char[strlen(tmpDir) + strlen("/opie-console-HistoryBuffer-XXXXXX") + 1]; | ||
104 | strcpy(tmpFilePath, tmpDir); | ||
105 | free(tmpDir); | ||
106 | } else { | ||
107 | tmpFilePath = new char[strlen("/tmp/opie-console-HistoryBuffer-XXXXXX") + 1]; | ||
108 | strcpy(tmpFilePath, "/tmp"); | ||
109 | } | ||
110 | strcat(tmpFilePath, "/opie-console-HistoryBuffer-XXXXXX"); | ||
111 | mode_t currUmask = umask(S_IRWXO | S_IRWXG); | ||
112 | int tmpfd = mkstemp(tmpFilePath); | ||
113 | delete [] tmpFilePath; | ||
114 | umask(currUmask); | ||
115 | if (tmpfd == -1) { | ||
116 | perror("konsole: cannot open temp file.\n"); | ||
117 | return; | ||
118 | } | ||
119 | ion = dup(tmpfd); | ||
120 | if (ion<0) | ||
121 | perror("konsole: cannot dup temp file.\n"); | ||
122 | close(tmpfd); | ||
102 | } | 123 | } |
103 | else | 124 | else |
104 | { | 125 | { |
105 | assert( ion >= 0 ); | 126 | assert( ion >= 0 ); |
106 | close(ion); | 127 | close(ion); |
107 | ion = -1; | 128 | ion = -1; |
108 | length = 0; | 129 | length = 0; |
109 | } | 130 | } |