diff options
| author | Frédéric Buclin <LpSolit@gmail.com> | 2011-08-04 22:21:30 +0200 |
|---|---|---|
| committer | Frédéric Buclin <LpSolit@gmail.com> | 2011-08-04 22:21:30 +0200 |
| commit | 10e5c4a1c297d0c7a22f866b9941ac71f70d0dd6 (patch) | |
| tree | 70a082f755f9db383bb339bb1b55e0c3eb0b85a7 | |
| parent | 5d70d16f37a866852e6a48ec9fefe3664a6a9a55 (diff) | |
| download | bugzilla-10e5c4a1c297d0c7a22f866b9941ac71f70d0dd6.tar.gz bugzilla-10e5c4a1c297d0c7a22f866b9941ac71f70d0dd6.tar.xz | |
Bug 660502: (CVE-2011-2977) [SECURITY] Temporary files for uploaded attachments are not deleted on Windows
r=glob a=LpSolit
| -rw-r--r-- | Bugzilla/Attachment.pm | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/Bugzilla/Attachment.pm b/Bugzilla/Attachment.pm index c0ea6ca0d..7cd350dde 100644 --- a/Bugzilla/Attachment.pm +++ b/Bugzilla/Attachment.pm @@ -795,7 +795,10 @@ sub create { # If we have a filehandle, we need its content to store it in the DB. elsif (ref $data) { local $/; - $data = <$data>; + # Store the content in a temp variable while we close the FH. + my $tmp = <$data>; + close $data; + $data = $tmp; } my $sth = $dbh->prepare("INSERT INTO attach_data |