admin/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2025-12-07 01:18:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #94 from BulkSecurityGeneratorProjectV2/fix/JLL/temporary_file_local_information_disclosure

Browse Source 
[SECURITY] Fix Temporary File Information Disclosure Vulnerability
This commit is contained in:
MaxKey 2022-11-21 21:08:15 +08:00 committed by GitHub
commit 1f86fb4a74
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
maxkey-common/src/main/java/org/maxkey/crypto/cert/NetUtil.java
View File

@ -31,6 +31,7 @@ import java.net.MalformedURLException;
import java.net.URI; import java.net.URI;
import java.net.URL; import java.net.URL;
import java.net.URLConnection; import java.net.URLConnection;
import java.nio.file.Files;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -140,7 +141,7 @@ public final class NetUtil
try try
{ {
tempFile = File.createTempFile("portecle", null); tempFile = Files.createTempFile("portecle",null).toFile();
out = new BufferedOutputStream(new FileOutputStream(tempFile)); out = new BufferedOutputStream(new FileOutputStream(tempFile));
byte[] buf = new byte[2048]; byte[] buf = new byte[2048];
int n; int n;