openGauss-third_party/dependency/libcurl/18-CVE-2022-32207_2.patch

commit 959e4d225aefa45d2e569b7f4751963930504c6a
Author: Daniel Stenberg <daniel@haxx.se>
Date:   Wed May 25 10:09:53 2022 +0200

    [Backport] altsvc: use Curl_fopen()
    
    Offering: RTOS
    CVE: CVE-2022-32207
    Reference: upstream_commit_id=fab970a5d19c1faa2052239ec1e2602b892cbeb2
    
    DTS/AR: DTS2022062910035
    type: LTS
    reason: fix CVE-2022-32207 for curl.
    weblink:https://github.com/curl/curl/commit/fab970a5d19c1faa2052239ec1e2602b892cbeb2
    
    Signed-off-by: laiyuanyuan <laiyuanyuan.lai@huawei.com>

diff --git a/lib/altsvc.c b/lib/altsvc.c
index 36acc3a5e..b20f49ba4 100644
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@@ -34,7 +34,7 @@
 #include "parsedate.h"
 #include "sendf.h"
 #include "warnless.h"
-#include "rand.h"
+#include "fopen.h"
 #include "rename.h"
 
 /* The last 3 #include files should be in this order */
@@ -329,8 +329,7 @@ CURLcode Curl_altsvc_save(struct Curl_easy *data,
   struct Curl_llist_element *n;
   CURLcode result = CURLE_OK;
   FILE *out;
-  char *tempstore;
-  unsigned char randsuffix[9];
+  char *tempstore = NULL;
 
   if(!altsvc)
     /* no cache activated */
@@ -344,17 +343,8 @@ CURLcode Curl_altsvc_save(struct Curl_easy *data,
     /* marked as read-only, no file or zero length file name */
     return CURLE_OK;
 
-  if(Curl_rand_hex(data, randsuffix, sizeof(randsuffix)))
-    return CURLE_FAILED_INIT;
-
-  tempstore = aprintf("%s.%s.tmp", file, randsuffix);
-  if(!tempstore)
-    return CURLE_OUT_OF_MEMORY;
-
-  out = fopen(tempstore, FOPEN_WRITETEXT);
-  if(!out)
-    result = CURLE_WRITE_ERROR;
-  else {
+  result = Curl_fopen(data, file, &out, &tempstore);
+  if(!result) {
     fputs("# Your alt-svc cache. https://curl.se/docs/alt-svc.html\n"
           "# This file was generated by libcurl! Edit at your own risk.\n",
           out);
@@ -366,10 +356,10 @@ CURLcode Curl_altsvc_save(struct Curl_easy *data,
         break;
     }
     fclose(out);
-    if(!result && Curl_rename(tempstore, file))
+    if(!result && tempstore && Curl_rename(tempstore, file))
       result = CURLE_WRITE_ERROR;
 
-    if(result)
+    if(result && tempstore)
       unlink(tempstore);
   }
   free(tempstore);