Bug#606559: boxbackup-server: Handling of "get" command broken due to bug in temp file name creation.

Thu, 09 Dec 2010 20:09:21 -0800 


Subject: boxbackup-server: Handling of "get" command broken due to bug in temp 
file name creation.
Package: boxbackup-server
Version: 0.11~rc2-6
Severity: important

*** Please type your report below this line ***

The server has a bug in how it constructs the name of a temporary file used
when restoring old/non-current versions of files.  (Whether or not the bug
manifests itself depends on whether or not the server has write privileges
in the directory where the file ends up.)

Appended is a patch to fix the problem, which was introduced into the
upstream source around 4 years ago (although at that point it only
affected the build for windows).

-mm
================================
--- boxbackup-0.11~rc2/bin/bbstored/BackupCommands.cpp  2008-01-28 
19:58:25.000000000 -0500
+++ boxbackup-0.11~rc2-fixed/bin/bbstored/BackupCommands.cpp    2010-12-09 
18:15:04.000000000 -0500
@@ -402,11 +402,10 @@
                        std::auto_ptr<IOStream> 
diff2(rContext.OpenObject(patchID));

                        // Choose a temporary filename for the result of the 
combination
-                       std::ostringstream fs(rContext.GetStoreRoot());
-                       fs << ".recombinetemp.";
-                       fs << p;
-                       std::string tempFn(fs.str());
-                       tempFn = 
RaidFileController::DiscSetPathToFileSystemPath(rContext.GetStoreDiscSet(), 
tempFn, p + 16);
+                       std::ostringstream fs;
+                       fs << rContext.GetStoreRoot() << ".recombinetemp." << p;
+                       std::string tempFn = 
RaidFileController::DiscSetPathToFileSystemPath(rContext.GetStoreDiscSet(),
+                                                                               
             fs.str(), p + 16);

                        // Open the temporary file
                        std::auto_ptr<IOStream> combined;
================================

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages boxbackup-server depends on:
ii  adduser                 3.112            add and remove users and groups
ii  debconf [debconf-2.0]   1.5.33           Debian configuration management sy
ii  gawk                    1:3.1.7.dfsg-5   GNU awk, a pattern scanning and pr
ii  libc6                   2.11.2-2         Embedded GNU C Library: Shared lib
ii  libgcc1                 1:4.4.5-8        GCC support library
ii  libssl0.9.8             0.9.8o-3         SSL shared libraries
ii  libstdc++6              4.4.5-8          The GNU Standard C++ Library v3
ii  openssl                 0.9.8o-1         Secure Socket Layer (SSL) binary a
ii  perl                    5.10.1-14        Larry Wall's Practical Extraction
ii  ucf                     3.0025           Update Configuration File: preserv
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

boxbackup-server recommends no packages.

boxbackup-server suggests no packages.

-- debconf information excluded



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to