tags 612033 +patch
thanks
What do you guys think of this patch?
I chose not to use mkstemp, because there is no requirement that
mkstemp return a file descriptor that is secure, random, or
unpredictable. mkstemp is only required to provide a filename that is
unique.
-Brandon
--- eve.c 2010-03-25 13:27:32.000000000 -0700
+++ eve.c.new 2011-02-05 21:17:59.334912247 -0800
@@ -40,6 +40,8 @@
#include <curl/types.h>
#include <curl/easy.h>
+#include <glib.h>
+
#include <time.h>
#define MAXCHARS 4
@@ -334,10 +336,35 @@
return skill;
}
+static char * make_base64_file_str()
+{
+ FILE * random = fopen("/dev/random", "r");
+ guchar * data = malloc(20 * sizeof(guchar));
+ fread(data, 1, 8, random);
+ fclose(random);
+ gchar * base64_str = g_base64_encode(data, 8);
+ free(data);
+
+ char * pch;
+ while ((pch = strchr((const char *) base64_str, '/')) != NULL)
+ *pch = '_';
+
+ return base64_str;
+}
+
+char * get_random_tmp_filename()
+{
+ char * filename = malloc(200 * sizeof(char));
+ char * random_str = make_base64_file_str();
+ sprintf(filename, "/tmp/conky-%s", random_str);
+ g_free(random_str);
+ return filename;
+}
+
static char *eve(char *userid, char *apikey, char *charid)
{
Character *chr = NULL;
- const char *skillfile = "/tmp/.cesf";
+ char *skillfile;
int i = 0;
char *output = 0;
char *timel = 0;
@@ -397,7 +424,9 @@
output = (char *)malloc(200 * sizeof(char));
timel = formatTime(&chr->ends);
+ skillfile = get_random_tmp_filename();
skill = getSkillname(skillfile, chr->skill);
+ free(skillfile);
chr->skillname = strdup(skill);
