current/SOURCES/hplip-CVE-2011-2722.patch

diff -up hplip-3.11.7/prnt/hpijs/hpcupsfax.cpp.CVE-2011-2722 hplip-3.11.7/prnt/hpijs/hpcupsfax.cpp
--- hplip-3.11.7/prnt/hpijs/hpcupsfax.cpp.CVE-2011-2722 2011-07-29 10:21:37.404874641 +0100
+++ hplip-3.11.7/prnt/hpijs/hpcupsfax.cpp       2011-07-29 10:28:10.071298117 +0100
@@ -625,8 +625,15 @@ int send_data_to_stdout(int fromFD)
     fp = NULL;
     if (iLogLevel & SAVE_PCL_FILE)
     {
-        fp = fopen ("/tmp/hpcupsfax.out", "w");
-        system ("chmod 666 /tmp/hpcupsfax.out");
+       int fd;
+
+       unlink ("/tmp/hpcupsfax.out");
+       fd = open ("/tmp/hpcupsfax.out", O_WRONLY | O_CREAT | O_EXCL,
+                  S_IRUSR | S_IWUSR | S_IRGRP);
+       if (fd != -1)
+       {
+           fp = fdopen (fd, "w");
+       }
     }
     
     while ((len = read (fromFD, pTmp, iSize)) > 0)
1	diff -up hplip-3.11.7/prnt/hpijs/hpcupsfax.cpp.CVE-2011-2722 hplip-3.11.7/prnt/hpijs/hpcupsfax.cpp
2	--- hplip-3.11.7/prnt/hpijs/hpcupsfax.cpp.CVE-2011-2722 2011-07-29 10:21:37.404874641 +0100
3	+++ hplip-3.11.7/prnt/hpijs/hpcupsfax.cpp 2011-07-29 10:28:10.071298117 +0100
4	@@ -625,8 +625,15 @@ int send_data_to_stdout(int fromFD)
5	fp = NULL;
6	if (iLogLevel & SAVE_PCL_FILE)
7	{
8	- fp = fopen ("/tmp/hpcupsfax.out", "w");
9	- system ("chmod 666 /tmp/hpcupsfax.out");
10	+ int fd;
11	+
12	+ unlink ("/tmp/hpcupsfax.out");
13	+ fd = open ("/tmp/hpcupsfax.out", O_WRONLY \| O_CREAT \| O_EXCL,
14	+ S_IRUSR \| S_IWUSR \| S_IRGRP);
15	+ if (fd != -1)
16	+ {
17	+ fp = fdopen (fd, "w");
18	+ }
19	}
20
21	while ((len = read (fromFD, pTmp, iSize)) > 0)