-rw-r--r--ChangeLog3
-rw-r--r--src/imlib.c3
2 files changed, 5 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 5178b6b..2d656ba 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@ git HEAD
* Add --zoom fill as equivalent for --auto-zoom
* Add --zoom max (zooming like in --bg-max)
* --menu-style is now deprecated
+ * Use wget --no-clobber to prevent TOCTTOU-based hole allowing a
+ well-informed attacker to rewrite arbitrary user files. An attacker can
+ still use it to _create_ arbitrary files.
Wed, 26 Jan 2011 21:07:19 +0100 Daniel Friesel <derf@finalrewind.org>
diff --git a/src/imlib.c b/src/imlib.c
index 01384d1..b251cac 100644
--- a/src/imlib.c
+++ b/src/imlib.c
@@ -453,7 +453,8 @@ char *feh_http_load_image(char *url)
if (!opt.verbose)
quiet = estrdup("-q");
- execlp("wget", "wget", "--cache=off", "-O", tmpname, url, quiet, NULL);
+ execlp("wget", "wget", "--no-clobber", "--cache=off",
+ "-O", tmpname, url, quiet, NULL);
eprintf("url: Is 'wget' installed? Failed to exec wget:");
} else {
waitpid(pid, &status, 0);
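Review bot: The `--no-clobber` added to the execlp() call at the start of this hunk still leaves the overwrite decision to wget operating on the path name `tmpname`, so the protection depends on how wget orders its existence check against opening the file; if that is a separate check-then-open, a narrower window of the same kind remains, and as the ChangeLog entry on this commit notes, creating an arbitrary file at `tmpname` is still possible. The stronger fix is to have feh create the file itself with mkstemp() (O_EXCL semantics) and hand the already-open descriptor to the child, e.g. dup2() onto stdout with `-O -`, so no path is reopened after the check. Until then I would document the residual risk above the call: `/* --no-clobber only narrows the race on tmpname: wget still opens by path. Prefer mkstemp() + "-O -" over a shared, predictable file name. */`. feh_http_load_image begins before this hunk and continues past waitpid() after it, so the tmpname generation that determines how predictable the path is could not be reviewed here.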