[Freewx-maint] Bug#775461: python-wxgtk3.0: wx.tools.img2py: insecure use of /tmp
Jakub Wilk
jwilk at debian.org
Thu Jan 15 21:35:39 UTC 2015
Package: python-wxgtk3.0
Version: 3.0.1.1+dfsg-2
Tags: security
This is how wx.tools.img2py uses temporary files (with boring parts
snipped):
tfname = tempfile.mktemp()
try:
    ok, msg = convert(image_file, maskClr, None, tfname, wx.BITMAP_TYPE_PNG, ".png")
    # ...
finally:
    # ...
This is insecure, because mktemp() returns just a filename, without
creating the file on disk. From the documentation: "Use of this function
may introduce a security hole in your program. By the time you get
around to doing anything with the file name it returns, someone else may
have beaten you to the punch."
Unfortunately, we have embedded copies of this code in the archive:
https://codesearch.debian.net/search?q=tempfile.mktemp+path%3Aimg2py.py
--
Jakub Wilk
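Added illustration (not part of the bug report, and not wxPython's code) of the window the documentation quote above describes. `write_output()` is a constructed stand-in for img2py's `convert()`: it only needs to open the handed-in path for writing, which is all that matters here. The demo runs the two steps of the mktemp() pattern with an attacker's symlink planted between them, then shows the `tempfile.mkstemp()` replacement, which creates the file with `O_CREAT|O_EXCL` and mode 0600 so a planted name is refused rather than followed. The "victim" file, the fake PNG bytes and the attacker winning the race are all constructed for the demonstration.

```python
import os
import tempfile

# Constructed stand-in for a PNG payload; only the bytes' identity matters.
FAKE_PNG = b"\x89PNG\r\n\x1a\n(constructed fake image bytes)"


def write_output(path, data):
    # Stand-in for img2py's convert(): it writes to whatever path it is
    # handed. open() follows symlinks and truncates, like any image writer.
    with open(path, "wb") as f:
        f.write(data)


def hardened_convert(data, directory=None):
    # mkstemp() creates the file atomically with O_CREAT|O_EXCL and mode 0600
    # and returns an fd to that new file, so nothing an attacker plants at the
    # name between name generation and open can be followed.
    fd, tfname = tempfile.mkstemp(suffix=".png", dir=directory)
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
    except BaseException:
        os.unlink(tfname)
        raise
    return tfname


def demo_symlink_attack():
    workdir = tempfile.mkdtemp()
    try:
        victim = os.path.join(workdir, "victim.txt")
        with open(victim, "wb") as f:
            f.write(b"original contents\n")

        # Step 1 of the vulnerable pattern: mktemp() returns a name only.
        tfname = tempfile.mktemp(dir=workdir)
        # Attacker wins the race (guessed or observed the name) and plants a
        # symlink to a file the program's user is allowed to write.
        os.symlink(victim, tfname)
        # Step 2: the program writes "its" temp file; open() follows the link.
        write_output(tfname, FAKE_PNG)
        with open(victim, "rb") as f:
            victim_clobbered = f.read() == FAKE_PNG

        # The same planted symlink cannot defeat an exclusive create.
        excl_refused = False
        try:
            os.open(tfname, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        except FileExistsError:
            excl_refused = True

        # The mkstemp()-based version gets a fresh, private, regular file.
        safe = hardened_convert(FAKE_PNG, directory=workdir)
        st = os.lstat(safe)
        hardened_private = (not os.path.islink(safe)) and (st.st_mode & 0o077) == 0
        with open(safe, "rb") as f:
            hardened_content_ok = f.read() == FAKE_PNG

        return {
            "victim_clobbered": victim_clobbered,
            "excl_refused": excl_refused,
            "hardened_private": hardened_private,
            "hardened_content_ok": hardened_content_ok,
        }
    finally:
        for name in os.listdir(workdir):
            os.unlink(os.path.join(workdir, name))
        os.rmdir(workdir)


if __name__ == "__main__":
    print(demo_symlink_attack())
```

The unlink-on-failure in `hardened_convert()` mirrors the `try/finally` cleanup in the snipped original; the difference that matters is that the path is created by the same call that chose its name, so there is no window for anyone else to "beat you to the punch".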