You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@lucenenet.apache.org by ni...@apache.org on 2022/10/14 14:28:17 UTC

[lucenenet] branch master updated: fix: Fixed use of insecure 'Path.GetTempFileName' in ExternalRefSorter.cs (#651)

This is an automated email from the ASF dual-hosted git repository.

nightowl888 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/lucenenet.git


The following commit(s) were added to refs/heads/master by this push:
     new 5988c7733 fix: Fixed use of insecure 'Path.GetTempFileName' in ExternalRefSorter.cs (#651)
5988c7733 is described below

commit 5988c77330dbf13346419a2aaf4a1dcfa8b48b08
Author: Nikolaj Brask-Nielsen <ni...@gmail.com>
AuthorDate: Fri Oct 14 16:28:11 2022 +0200

    fix: Fixed use of insecure 'Path.GetTempFileName' in ExternalRefSorter.cs (#651)
    
    Fixes:
    https://sonarcloud.io/project/issues?resolved=false&types=VULNERABILITY&id=nikcio_lucenenet&open=AYPAuQCxhbfJOGLOobvQ
    
    https://sonarcloud.io/project/issues?resolved=false&types=VULNERABILITY&id=nikcio_lucenenet&open=AYPAuQCxhbfJOGLOobvR
---
 src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs b/src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs
index 2ca89af89..3767604cf 100644
--- a/src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs
+++ b/src/Lucene.Net.Suggest/Suggest/Fst/ExternalRefSorter.cs
@@ -39,7 +39,7 @@ namespace Lucene.Net.Search.Suggest.Fst
         public ExternalRefSorter(OfflineSorter sort)
         {
             this.sort = sort;
-            this.input = new FileInfo(Path.GetTempFileName());
+            this.input = new FileInfo(Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()));
             this.writer = new OfflineSorter.ByteSequencesWriter(input);
         }
 
@@ -58,7 +58,7 @@ namespace Lucene.Net.Search.Suggest.Fst
             {
                 CloseWriter();
 
-                sorted = new FileInfo(Path.GetTempFileName());
+                sorted = new FileInfo(Path.Combine(Path.GetTempPath(), Path.GetRandomFileName()));
                 sort.Sort(input, sorted);
 
                 input.Delete();