Ed Kasky wrote: > At 06:07 AM Monday, 12/31/2007, you wrote -=> > >> Chris wrote: >> >>> Saw this link at SANS today, anything to it? >>> >>> http://seclists.org/fulldisclosure/2007/Dec/0625.html >>> >>> Or is this a rehash of something already known about >>> >> I'm attaching a patch for it, so you can patch and rebuild your version. >> >> >> --- libclamav/others.c (revision 3475) >> +++ libclamav/others.c (working copy) >> @@ -492,7 +492,7 @@ >> if(!*name) >> return CL_EMEM; >> >> - *fd = open(*name, O_RDWR|O_CREAT|O_TRUNC|O_BINARY, S_IRWXU); >> + *fd = open(*name, O_RDWR|O_CREAT|O_TRUNC|O_BINARY|O_EXCL, S_IRWXU); >> if(*fd == -1) { >> cli_errmsg("cli_gentempfd: Can't create temporary file %s: >> %s\n", *name, strerror(errno)); >> free(*name); >> > > FYI - > > When applying this patch, I get the following: > > "patch: **** malformed patch at line 4: if(!*name)" > > Ed >
I don't have problems here. Which version are you using? Note you can just manually add | O_EXCL The patch was just for convenience. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
