OCAL fixes

2008-02-14 15:05:40 +00:00 · 2008-02-14 15:05:40 +00:00 · f9a699108c
commit f9a699108c
parent 1c67317ce0
3 changed files with 269 additions and 1 deletions
--- a/inkscape-0.46pre1-ocal1.patch
+++ b/inkscape-0.46pre1-ocal1.patch
@ -0,0 +1,139 @@
 This solves the insecure temporary file usage for clip art thumbnails,
 however in a totally crappy way -- leaves stale files in /tmp.
 Not much worse than original though, as it was also leaving the files in place.
 Lubomir Kundrak <lkundrak@redhat.com>
 diff -urp inkscape-0.45.1+0.46pre1.orig/src/ui/dialog/ocaldialogs.cpp inkscape-0.45.1+0.46pre1/src/ui/dialog/ocaldialogs.cpp
 --- inkscape-0.45.1+0.46pre1.orig/src/ui/dialog/ocaldialogs.cpp	2008-01-15 00:24:56.000000000 +0100
 +++ inkscape-0.45.1+0.46pre1/src/ui/dialog/ocaldialogs.cpp	2008-02-14 15:53:00.000000000 +0100
@@ -14,6 +14,8 @@
 # include <config.h>
 #endif
 +#include <stdlib.h>
 +
 #include "ocaldialogs.h"
 #include "filedialogimpl-gtkmm.h"
 #include "interface.h"
@@ -260,23 +262,35 @@ FileExportToOCALPasswordDialog::change_t
 void FileListViewText::on_cursor_changed()
 {
     // create file path
 -    myFilename = Glib::get_tmp_dir();
 -    myFilename.append(G_DIR_SEPARATOR_S);
     std::vector<Gtk::TreeModel::Path> pathlist;
     pathlist = this->get_selection()->get_selected_rows();
     std::vector<int> posArray(1);
     posArray = pathlist[0].get_indices();
 -    myFilename.append(get_text(posArray[0], 2));
 #ifdef WITH_GNOME_VFS
     gnome_vfs_init();
     GnomeVFSHandle    *from_handle = NULL;
 -    GnomeVFSHandle    *to_handle = NULL;
 +    int               to_fd = 0;
     GnomeVFSFileSize  bytes_read;
 -    GnomeVFSFileSize  bytes_written;
 +    size_t            bytes_written;
     GnomeVFSResult    result;
     guint8 buffer[8192];
 +    // create the temp file
 +    myFilename = Glib::get_tmp_dir();
 +    myFilename.append(G_DIR_SEPARATOR_S);
 +    myFilename.append("XXXXXX");
 +
 +    char tmpfn[strlen (myFilename.c_str ())+1];
 +    strcpy (tmpfn, myFilename.c_str ());
 +    to_fd = mkstemp (tmpfn);
 +    myFilename = tmpfn;
 +
 +    if (to_fd == -1) {
 +        sp_ui_error_dialog(_("Could not create temp file name with unique name."));
 +        return;
 +    }
 +
     //get file url
     Glib::ustring fileUrl = get_text(posArray[0], 1); //http url
@@ -290,51 +304,42 @@ void FileListViewText::on_cursor_changed
     if (!Glib::get_charset()) //If we are not utf8
         fileUrl = Glib::filename_to_utf8(fileUrl);
 -    // verifies if the file wasn't previously downloaded
 -    if(gnome_vfs_open(&to_handle, myFilename.c_str(), GNOME_VFS_OPEN_READ) == GNOME_VFS_ERROR_NOT_FOUND)
 -    {
 -        // open the temp file to receive
 -        result = gnome_vfs_open (&to_handle, myFilename.c_str(), GNOME_VFS_OPEN_WRITE);
 -        if (result == GNOME_VFS_ERROR_NOT_FOUND){
 -            result = gnome_vfs_create (&to_handle, myFilename.c_str(), GNOME_VFS_OPEN_WRITE, FALSE, GNOME_VFS_PERM_USER_ALL);
 +    result = gnome_vfs_open (&from_handle, fileUrl.c_str(), GNOME_VFS_OPEN_READ);
 +    if (result != GNOME_VFS_OK) {
 +        sp_ui_error_dialog(_("Could not find the file in Open Clip Art Library."));
 +        g_warning("%s", gnome_vfs_result_to_string(result));
 +        return;
 +    }
 +
 +    // copy the file
 +    while (1) {
 +
 +        result = gnome_vfs_read (from_handle, buffer, 8192, &bytes_read);
 +
 +        if ((result == GNOME_VFS_ERROR_EOF) &&(!bytes_read)){
 +            result = gnome_vfs_close (from_handle);
 +            break;
         }
 +
         if (result != GNOME_VFS_OK) {
 -            g_warning("Error creating temp file: %s", gnome_vfs_result_to_string(result));
 +            sp_ui_error_dialog(_("Error while downloading the file."));
 +            g_warning("%s", gnome_vfs_result_to_string(result));
             return;
         }
 -        result = gnome_vfs_open (&from_handle, fileUrl.c_str(), GNOME_VFS_OPEN_READ);
 -        if (result != GNOME_VFS_OK) {
 -            g_warning("Could not find the file in Open Clip Art Library.");
 +
 +        bytes_written = write (to_fd, buffer, (size_t)bytes_read);
 +
 +        if ((size_t)bytes_read != bytes_written){
 +            sp_ui_error_dialog(_("Error while downloading the file."));
 +            g_warning("Bytes read not equal to bytes written");
             return;
         }
 -        // copy the file
 -        while (1) {
 -            result = gnome_vfs_read (from_handle, buffer, 8192, &bytes_read);
 -            if ((result == GNOME_VFS_ERROR_EOF) &&(!bytes_read)){
 -                result = gnome_vfs_close (from_handle);
 -                result = gnome_vfs_close (to_handle);
 -                break;
 -            }
 -            if (result != GNOME_VFS_OK) {
 -                g_warning("%s", gnome_vfs_result_to_string(result));
 -                return;
 -            }
 -            result = gnome_vfs_write (to_handle, buffer, bytes_read, &bytes_written);
 -            if (result != GNOME_VFS_OK) {
 -                g_warning("%s", gnome_vfs_result_to_string(result));
 -                return;
 -            }
 -            if (bytes_read != bytes_written){
 -                g_warning("Bytes read not equal to bytes written");
 -                return;
 -            }
 -        }
 -    }
 -    else
 -    {
 -        gnome_vfs_close(to_handle);
 +
     }
 +
 +    close (to_fd);
     myPreview->showImage(myFilename);
 +    //unlink (myFilename.c_str ());
     myLabel->set_text(get_text(posArray[0], 4));
 #endif
 }
--- a/inkscape-0.46pre1-ocal2.patch
+++ b/inkscape-0.46pre1-ocal2.patch
@ -0,0 +1,120 @@
 Avoid use of temporary file for OCAL RSS feed as a fix for insecure temporary file usage.
 Add XML_PARSE_RECOVER, so that we don't fail in case of stupid errors in feed, such as
 undefined XML entities.
 Lubomir Kundrak <lkundrak@redhat.com>
 diff -urp inkscape-0.45.1+0.46pre1.orig/src/ui/dialog/ocaldialogs.cpp inkscape-0.45.1+0.46pre1/src/ui/dialog/ocaldialogs.cpp
 --- inkscape-0.45.1+0.46pre1.orig/src/ui/dialog/ocaldialogs.cpp	2008-01-15 00:24:56.000000000 +0100
 +++ inkscape-0.45.1+0.46pre1/src/ui/dialog/ocaldialogs.cpp	2008-02-14 15:54:22.000000000 +0100
@@ -359,6 +359,27 @@ Glib::ustring FileListViewText::getFilen
 }
 /**
 + * Read callback for xmlReadIO(), used below
 + */
 +static int vfs_read_callback (GnomeVFSHandle *handle, char* buf, int nb)
 +{
 +    GnomeVFSFileSize ndone;
 +    GnomeVFSResult    result;
 +
 +    result = gnome_vfs_read (handle, buf, nb, &ndone);
 +
 +    if (result == GNOME_VFS_OK) {
 +        return (int)ndone;
 +    } else {
 +        if (result != GNOME_VFS_ERROR_EOF) {
 +            sp_ui_error_dialog(_("Error while reading the Open Clip Art RSS feed"));
 +            g_warning("%s\n", gnome_vfs_result_to_string(result));
 +        }
 +        return -1;
 +    }
 +}
 +
 +/**
  * Callback for user input into searchTagEntry
  */
 void FileImportFromOCALDialog::searchTagEntryChangedCallback()
@@ -380,74 +401,30 @@ void FileImportFromOCALDialog::searchTag
 #ifdef WITH_GNOME_VFS
 -    // get the rss feed
 +    // open the rss feed
     gnome_vfs_init();
     GnomeVFSHandle    *from_handle = NULL;
 -    GnomeVFSHandle    *to_handle = NULL;
 -    GnomeVFSFileSize  bytes_read;
 -    GnomeVFSFileSize  bytes_written;
     GnomeVFSResult    result;
 -    guint8 buffer[8192];
 -
 -    // create the temp file name
 -    Glib::ustring fileName = Glib::get_tmp_dir ();
 -    fileName.append(G_DIR_SEPARATOR_S);
 -    fileName.append("ocalfeed.xml");
 -
 -    // open the temp file to receive
 -    result = gnome_vfs_open (&to_handle, fileName.c_str(), GNOME_VFS_OPEN_WRITE);
 -    if (result == GNOME_VFS_ERROR_NOT_FOUND){
 -        result = gnome_vfs_create (&to_handle, fileName.c_str(), GNOME_VFS_OPEN_WRITE, FALSE, GNOME_VFS_PERM_USER_ALL);
 -    }
 -    if (result != GNOME_VFS_OK) {
 -        g_warning("Error creating temp file: %s", gnome_vfs_result_to_string(result));
 -        return;
 -    }
 -    // open the rss feed
     result = gnome_vfs_open (&from_handle, uri.c_str(), GNOME_VFS_OPEN_READ);
     if (result != GNOME_VFS_OK) {
         sp_ui_error_dialog(_("Failed to receive the Open Clip Art Library RSS feed. Verify if the server name is correct in Configuration->Misc (e.g.: openclipart.org)"));
         return;
     }
 -    // copy the file
 -    while (1) {
 -
 -        result = gnome_vfs_read (from_handle, buffer, 8192, &bytes_read);
 -
 -        if ((result == GNOME_VFS_ERROR_EOF) &&(!bytes_read)){
 -            result = gnome_vfs_close (from_handle);
 -            result = gnome_vfs_close (to_handle);
 -            break;
 -        }
 -
 -        if (result != GNOME_VFS_OK) {
 -            g_warning("%s", gnome_vfs_result_to_string(result));
 -            return;
 -        }
 -        result = gnome_vfs_write (to_handle, buffer, bytes_read, &bytes_written);
 -        if (result != GNOME_VFS_OK) {
 -            g_warning("%s", gnome_vfs_result_to_string(result));
 -            return;
 -        }
 -
 -        if (bytes_read != bytes_written){
 -            g_warning("Bytes read not equal to bytes written");
 -            return;
 -        }
 -
 -    }
 -
     // create the resulting xml document tree
     // this initialize the library and test mistakes between compiled and shared library used
     LIBXML_TEST_VERSION 
     xmlDoc *doc = NULL;
     xmlNode *root_element = NULL;
 -    doc = xmlReadFile(fileName.c_str(), NULL, 0);
 +
 +    doc = xmlReadIO ((xmlInputReadCallback) vfs_read_callback,
 +        (xmlInputCloseCallback) gnome_vfs_close, from_handle, uri.c_str(), NULL,
 +        XML_PARSE_RECOVER);
     if (doc == NULL) {
 -        g_warning("Failed to parse %s\n", fileName.c_str());
 -    return;
 +        sp_ui_error_dialog(_("Server supplied malformed Clip Art feed"));
 +        g_warning("Failed to parse %s\n", uri.c_str());
 +        return;
     }
     // get the root element node
--- a/inkscape.spec
+++ b/inkscape.spec
@ -1,6 +1,6 @@
 Name:           inkscape
 Version:        0.45.1+0.46pre1
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        Vector-based drawing program using SVG
 Group:          Applications/Productivity
@ -11,6 +11,9 @@ Patch0:         inkscape-16571-cxxinclude.patch
 Patch1:         inkscape-0.45.1-desktop.patch
 Patch2:         inkscape-0.46pre1-gcc43.patch
 Patch3:         inkscape-0.46pre1-vectors.patch
 Patch4:         inkscape-0.46pre1-ocal1.patch
 Patch5:         inkscape-0.46pre1-ocal2.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:  atk-devel
@ -66,6 +69,8 @@ C and C++, using the Gtk+ toolkit and optionally some Gnome libraries.
 %patch1 -p1 -b .desktop
 %patch2 -p1 -b .gcc43
 %patch3 -p1 -b .vectors
 %patch4 -p1 -b .ocal1
 %patch5 -p1 -b .ocal2
 find -type f -regex '.*\.\(cpp\|h\)' -perm +111 -exec chmod -x {} ';'
 find share/extensions/ -type f -regex '.*\.py' -perm +111 -exec chmod -x {} ';'
 dos2unix share/extensions/*.py
@ -125,6 +130,10 @@ update-desktop-database %{_datadir}/applications > /dev/null 2>&1 || :
 %changelog
 * Thu Feb 14 2008 Lubomir Kundrak <lkundrak@redhat.com> - 0.45.1+0.46pre1-4
 - Tolerate recoverable errors in OCAL feeds
 - Fix OCAL insecure temporary file usage (#432807)
 * Wed Feb 13 2008 Lubomir Kundrak <lkundrak@redhat.com> - 0.45.1+0.46pre1-3
 - Fix crash when adding text objects (#432220)