I found a problem in the error handling of a file open. When the
CreateAttFile method of the Sanitizer.pm module opens a file using
IO::File->new() -- there is no checking if the call actually succeeded.
How do I know this? Cause I'm a silly bugger who had his /tmp directory
accidentally set to mode 755 instead of 1777.
Anyway. I'm not gonna make a big post about a small bug in an otherwise
neat piece of software. I'm not much of a perl programmer, and didn't
much get into looking at the code's convention of error handling. What
I did do is conjure up this patch:
diff -urN anomy/bin/Anomy/Sanitizer.pm anomy-henry/bin/Anomy/Sanitizer.pm
--- anomy/bin/Anomy/Sanitizer.pm 2003-05-09 16:59:51.000000000 +0000
+++ anomy-henry/bin/Anomy/Sanitizer.pm 2003-05-22 02:47:28.000000000 +0000
@@ -1037,6 +1037,10 @@
while (($cnt++ < 5) &&
(!defined ($fh = IO::File->new($$fn, O_CREAT|O_EXCL|O_RDWR))));
+ if (!defined $fh)
+ die "Can't open temporary file!";
Keep up the good work, guys.
-- Henrý Þór Baldursson <firstname.lastname@example.org> FRISK Software International
Attachments: + http://mailtools.anomy.net/archives/anomy-list//a7/83/ecc3a8a/01.signature.asc