diff options
author | 2014-04-20 23:51:20 +0800 | |
---|---|---|
committer | 2014-04-27 12:26:21 +0800 | |
commit | c0989dce2d882c94eb3183e7b94402ba53534abb (patch) | |
tree | 65173abe5188984a86fda6e221e4d9128c0ee0de /builtin_set_color.cpp | |
parent | 8412c867a501e3a68e55fef6215e86d3ac9f617b (diff) |
use mktemp(1) to generate temporary file names
Fix for CVE-2014-2906.
Closes a race condition in funced which would allow execution of
arbitrary code; closes a race condition in psub which would allow
alternation of the data stream.
Note that `psub -f` does not work (#1040); a fix should be committed
separately for ease of maintenance.
Diffstat (limited to 'builtin_set_color.cpp')
0 files changed, 0 insertions, 0 deletions