You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@lucenenet.apache.org by ni...@apache.org on 2022/11/01 20:57:01 UTC

[lucenenet] branch master updated (ada899027 -> c076e40b1)

This is an automated email from the ASF dual-hosted git repository.

nightowl888 pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/lucenenet.git


    from ada899027 Removed .NET Core 3.1 tests and lucene-cli support for it.  (#735)
     new 4166765d3 Lucene.Net.Support.IO.FileSupport::GetFileIOExceptionHResult(): Avoid Path.GetTempFileName() because it is not secure. https://rules.sonarsource.com/csharp/RSPEC-5445
     new c076e40b1 Lucene.Net.Search.Suggest.Fst.ExternalRefSorter: Changed temp path generation to use FileSupport.CreateTempFile() with named prefix and extension because it more closely matches Lucene and makes the files more easily identifiable.

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs | 7 ++++---
 src/Lucene.Net/Support/IO/FileSupport.cs                | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

[lucenenet] 01/02: Lucene.Net.Support.IO.FileSupport::GetFileIOExceptionHResult(): Avoid Path.GetTempFileName() because it is not secure. https://rules.sonarsource.com/csharp/RSPEC-5445

Posted by ni...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

nightowl888 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/lucenenet.git

commit 4166765d327c03aa19aa080409f4900305b66321
Author: Shad Storhaug <sh...@shadstorhaug.com>
AuthorDate: Tue Nov 1 00:50:11 2022 +0700

    Lucene.Net.Support.IO.FileSupport::GetFileIOExceptionHResult(): Avoid Path.GetTempFileName() because it is not secure. https://rules.sonarsource.com/csharp/RSPEC-5445
---
 src/Lucene.Net/Support/IO/FileSupport.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Lucene.Net/Support/IO/FileSupport.cs b/src/Lucene.Net/Support/IO/FileSupport.cs
index 90294dbe1..4832179b9 100644
--- a/src/Lucene.Net/Support/IO/FileSupport.cs
+++ b/src/Lucene.Net/Support/IO/FileSupport.cs
@@ -60,7 +60,7 @@ namespace Lucene.Net.Support.IO
             try
             {
                 // This could throw, but we don't care about this HResult value.
-                fileName = Path.GetTempFileName();
+                fileName = Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()); // LUCENENET NOTE: Path.GetTempFileName() is considered insecure because the filename can be guessed https://rules.sonarsource.com/csharp/RSPEC-5445
             }
             catch
             {

[lucenenet] 02/02: Lucene.Net.Search.Suggest.Fst.ExternalRefSorter: Changed temp path generation to use FileSupport.CreateTempFile() with named prefix and extension because it more closely matches Lucene and makes the files more easily identifiable.

Posted by ni...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

nightowl888 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/lucenenet.git

commit c076e40b14d4c20e6fdfee4e28d0b3332cf6d0ce
Author: Shad Storhaug <sh...@shadstorhaug.com>
AuthorDate: Tue Nov 1 00:58:59 2022 +0700

    Lucene.Net.Search.Suggest.Fst.ExternalRefSorter: Changed temp path generation to use FileSupport.CreateTempFile() with named prefix and extension because it more closely matches Lucene and makes the files more easily identifiable.
---
 src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs b/src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs
index 3767604cf..4c6ae6559 100644
--- a/src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs
+++ b/src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs
@@ -1,4 +1,5 @@
-using Lucene.Net.Util;
+using Lucene.Net.Support.IO;
+using Lucene.Net.Util;
 using System;
 using System.IO;
 
@@ -39,7 +40,7 @@ namespace Lucene.Net.Search.Suggest.Fst
         public ExternalRefSorter(OfflineSorter sort)
         {
             this.sort = sort;
-            this.input = new FileInfo(Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()));
+            this.input = FileSupport.CreateTempFile("RefSorter-", ".raw", OfflineSorter.GetDefaultTempDir());
             this.writer = new OfflineSorter.ByteSequencesWriter(input);
         }
 
@@ -58,7 +59,7 @@ namespace Lucene.Net.Search.Suggest.Fst
             {
                 CloseWriter();
 
-                sorted = new FileInfo(Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()));
+                sorted = FileSupport.CreateTempFile("RefSorter-", ".sorted", OfflineSorter.GetDefaultTempDir());
                 sort.Sort(input, sorted);
 
                 input.Delete();