File CVE-2014-3421.patch of Package emacs.3898

Based on revno: 117066
revision-id: address@hidden
parent: address@hidden
fixes bug: http://bugs.debian.org/747100
committer: Glenn Morris <address@hidden>
branch nick: emacs-24
timestamp: Mon 2014-05-05 20:50:51 -0700
message:
  * gnus-fun.el (gnus-grab-cam-face): Do not use predictable temp-file name.
modified:
  lisp/gnus/ChangeLog            changelog-20091113204419-o5vbwnq5f7feedwu-1433
  lisp/gnus/gnus-fun.el          gnusfun.el-20091113204419-o5vbwnq5f7feedwu-3243

--- lisp/gnus/gnus-fun.el
+++ lisp/gnus/gnus-fun.el	2014-05-08 11:52:32.362735285 +0000
@@ -250,20 +250,21 @@ colors of the displayed X-Faces."
   (interactive)
   (shell-command "xawtv-remote snap ppm")
   (let ((file nil)
+       (tempfile (make-temp-file "gnus-face-" nil ".ppm"))
 	result)
     (while (null (setq file (directory-files "/tftpboot/sparky/tmp"
 					     t "snap.*ppm")))
       (sleep-for 1))
     (setq file (car file))
     (shell-command
-     (format "pnmcut -left 110 -top 30 -width 144 -height 144 '%s' | pnmscale -width 48 -height 48 | ppmtopgm > /tmp/gnus.face.ppm"
-	     file))
+     (format "pnmcut -left 110 -top 30 -width 144 -height 144 '%s' | pnmscale -width 48 -height 48 | ppmtopgm >> %s"
+            file tempfile))
     (let ((gnus-convert-image-to-face-command
 	   (format "cat '%%s' | ppmquant %%d | ppmchange %s | pnmtopng"
 		   (gnus-fun-ppm-change-string))))
-      (setq result (gnus-face-from-file "/tmp/gnus.face.ppm")))
+      (setq result (gnus-face-from-file tempfile)))
     (delete-file file)
-    ;;(delete-file "/tmp/gnus.face.ppm")
+    ;;(delete-file tempfile)    ; FIXME why are we not deleting it?!
     result))
 
 (defun gnus-fun-ppm-change-string ()
openSUSE Build Service is sponsored by