This is an automated email from the ASF dual-hosted git repository. nightowl888 pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/lucenenet.git
commit 4166765d327c03aa19aa080409f4900305b66321 Author: Shad Storhaug <[email protected]> AuthorDate: Tue Nov 1 00:50:11 2022 +0700 Lucene.Net.Support.IO.FileSupport::GetFileIOExceptionHResult(): Avoid Path.GetTempFileName() because it is not secure. https://rules.sonarsource.com/csharp/RSPEC-5445 --- src/Lucene.Net/Support/IO/FileSupport.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Lucene.Net/Support/IO/FileSupport.cs b/src/Lucene.Net/Support/IO/FileSupport.cs index 90294dbe1..4832179b9 100644 --- a/src/Lucene.Net/Support/IO/FileSupport.cs +++ b/src/Lucene.Net/Support/IO/FileSupport.cs @@ -60,7 +60,7 @@ namespace Lucene.Net.Support.IO try { // This could throw, but we don't care about this HResult value. - fileName = Path.GetTempFileName(); + fileName = Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()); // LUCENENET NOTE: Path.GetTempFileName() is considered insecure because the filename can be guessed https://rules.sonarsource.com/csharp/RSPEC-5445 } catch {
