[Freewx-maint] Bug#775461: python-wxgtk3.0: wx.tools.img2py: insecure use of /tmp
Olly Betts
olly at survex.com
Tue Jan 20 21:48:57 UTC 2015
On Thu, Jan 15, 2015 at 10:35:39PM +0100, Jakub Wilk wrote:
> This is how wx.tools.img2py uses temporary files (with boring parts
> snipped):
>
> tfname = tempfile.mktemp()
> try:
> ok, msg = convert(image_file, maskClr, None, tfname, wx.BITMAP_TYPE_PNG, ".png")
> # ...
> finally:
> # ...
I've come up with a patch (attached), but I'm not really a Python
programmer, so I'd appreciate a review to make sure I'm not doing
something dumb.
Cheers,
Olly
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wxpython3-eliminate-mktemp.patch
Type: text/x-diff
Size: 5331 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freewx-maint/attachments/20150121/f5bd667c/attachment.patch>
More information about the Freewx-maint
mailing list