Bug 56565 - xsane - mktemp complaints
Summary: xsane - mktemp complaints
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: xsane
Version: 7.2
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Tim Waugh
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-11-21 01:08 UTC by Michal Jaegermann
Modified: 2007-04-18 16:38 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2001-12-11 14:35:48 UTC
Embargoed:

Attachments (Terms of Use)

Description Michal Jaegermann 2001-11-21 01:08:33 UTC 
Description of Problem:

An xsane recompilation results, among other things, in the following
warning:

xsane-back-gtk.c:344: the use of `mktemp' is dangerous, better use
`mkstemp'

Yes, indeed!  BTW - wouldn't be nicer if xsane would use private
subdirectories in /tmp instead of dropping, and leaving, files
all over the place.
Comment 1 Tim Waugh 2001-11-21 17:16:54 UTC 
There are several places that are exploitable.  Analysing further.  Thanks for 
pointing it out.
Comment 2 Tim Waugh 2001-12-11 14:35:43 UTC 
It seems Oliver has gone ahead and released 0.82 before we'd agreed on a fix 
to this. :-/
Comment 3 Tim Waugh 2002-01-08 15:41:44 UTC 
Fixed by RHSA-2001:171,172.
Note You need to log in before you can comment on or make changes to this bug.