Subject: boxbackup-server: Handling of "get" command broken due to bug in temp file name creation. Package: boxbackup-server Version: 0.11~rc2-6 Severity: important
*** Please type your report below this line *** The server has a bug in how it constructs the name of a temporary file used when restoring old/non-current versions of files. (Whether or not the bug manifests itself depends on whether or not the server has write privileges in the directory where the file ends up.) Appended is a patch to fix the problem, which was introduced into the upstream source around 4 years ago (although at that point it only affected the build for windows). -mm ================================ --- boxbackup-0.11~rc2/bin/bbstored/BackupCommands.cpp 2008-01-28 19:58:25.000000000 -0500 +++ boxbackup-0.11~rc2-fixed/bin/bbstored/BackupCommands.cpp 2010-12-09 18:15:04.000000000 -0500 @@ -402,11 +402,10 @@ std::auto_ptr<IOStream> diff2(rContext.OpenObject(patchID)); // Choose a temporary filename for the result of the combination - std::ostringstream fs(rContext.GetStoreRoot()); - fs << ".recombinetemp."; - fs << p; - std::string tempFn(fs.str()); - tempFn = RaidFileController::DiscSetPathToFileSystemPath(rContext.GetStoreDiscSet(), tempFn, p + 16); + std::ostringstream fs; + fs << rContext.GetStoreRoot() << ".recombinetemp." << p; + std::string tempFn = RaidFileController::DiscSetPathToFileSystemPath(rContext.GetStoreDiscSet(), + fs.str(), p + 16); // Open the temporary file std::auto_ptr<IOStream> combined; ================================ -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages boxbackup-server depends on: ii adduser 3.112 add and remove users and groups ii debconf [debconf-2.0] 1.5.33 Debian configuration management sy ii gawk 1:3.1.7.dfsg-5 GNU awk, a pattern scanning and pr ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib ii libgcc1 1:4.4.5-8 GCC support library ii libssl0.9.8 0.9.8o-3 SSL shared libraries ii libstdc++6 4.4.5-8 The GNU Standard C++ Library v3 ii openssl 0.9.8o-1 Secure Socket Layer (SSL) binary a ii perl 5.10.1-14 Larry Wall's Practical Extraction ii ucf 3.0025 Update Configuration File: preserv ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime boxbackup-server recommends no packages. boxbackup-server suggests no packages. -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org