Bug 56565 - xsane - mktemp complaints
xsane - mktemp complaints
Product: Red Hat Linux
Classification: Retired
Component: xsane (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Tim Waugh
David Lawrence
Depends On:
  Show dependency treegraph
Reported: 2001-11-20 20:08 EST by Michal Jaegermann
Modified: 2007-04-18 12:38 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-12-11 09:35:48 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Michal Jaegermann 2001-11-20 20:08:33 EST
Description of Problem:

An xsane recompilation results, among other things, in the following

xsane-back-gtk.c:344: the use of `mktemp' is dangerous, better use

Yes, indeed!  BTW - wouldn't be nicer if xsane would use private
subdirectories in /tmp instead of dropping, and leaving, files
all over the place.
Comment 1 Tim Waugh 2001-11-21 12:16:54 EST
There are several places that are exploitable.  Analysing further.  Thanks for 
pointing it out.
Comment 2 Tim Waugh 2001-12-11 09:35:43 EST
It seems Oliver has gone ahead and released 0.82 before we'd agreed on a fix 
to this. :-/
Comment 3 Tim Waugh 2002-01-08 10:41:44 EST
Fixed by RHSA-2001:171,172.

Note You need to log in before you can comment on or make changes to this bug.