[vlc-devel] [PATCH v2 0/13] mkstemp [WIP - some help needed]
jnqnfe at gmail.com
Tue Oct 6 22:27:19 CEST 2020
On Tue, 2020-10-06 at 17:01 +0200, Alexandre Janniaux wrote:
> On Tue, Oct 06, 2020 at 06:55:29AM +0100, Lyndon Brown wrote:
> > This patch series addresses the mistaken previous submission of
> > incomplete work solving the security warnings around use of
> > tempnam(),
> > and furthermore the temp path issues with existing use of
> > mkstemp().
> > - Adds helper for getting the correct platform-specific temp
> > directory.
> > - Puts it to use with existing use of vlc_mkstemp().
> > - Adds a further helper to de-duplicate and simplify code.
> > - Puts that to use.
> > - Converts use of insecure tempnam() function to use these
> > helpers.
> > [Help needed]: It's currently marked WIP because:
> > - The config_GetTempPath() function in the first commit needs
> > filling
> > in for win-uap. It would be helpful if someone already familiar
> > with
> > the code for that platform could do this.
> > - I've tested compiling on Linux, but needs testing on other
> > platforms
> > (can others please help with that (or help me setup CI)).
> > - Possibly needs some runtime testing of the code paths making use
> > of
> > the new helpers before it'll be accepted, so need to figure out
> > suitable tests to provoke their use, or construct a suitable
> > artificial
> > use.
> > patches attached (including zip), previews to follow, tree:
> > https://code.videolan.org/jnqnfe/vlc/-/tree/mkstemp
> For CI, you can just fork the code.videolan.org/videolan/vlc repo.
> If you cannot fork, you probably want to ask on #videolan on IRC.
I imported from the github repo I'd been using for ages. The CI/CD page
is just a 'getting started' one. I'd obviously like to just duplicate
the official set.
I seem to recall there being a gitlab config file in the repo which for
some reason had not gotten processed as part of the import. I figured
that there was a way to get that fixed rather than try to delete the
repo and recreate via the fork option to see if that worked.
If deleting and re-forking works and is the simplest solution though,
I'll give that a try in a bit. It would be great if it sorts it out.
> Alexandre Janniaux
> vlc-devel mailing list
> To unsubscribe or modify your subscription options:
More information about the vlc-devel