Mercurial > hg > forks > UniversalIndentGUI

changeset 698:3499ddb0f61f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Made the used log file be more secure against link file hacks. Also it is now in the global or local temp directory depending on whether in portable mode or not. git-svn-id: svn://svn.code.sf.net/p/universalindent/code/trunk@967 59b1889a-e5ac-428c-b0c7-476e01d41282
author thomas_-_s <thomas_-_s@59b1889a-e5ac-428c-b0c7-476e01d41282>
date Tue, 02 Jun 2009 14:34:36 +0000
parents 1f787d19e5c9
children 90002ae3ddc9
files src/UiGuiLogger.cpp src/UiGuiLoggerDialog.ui
diffstat 2 files changed, 33 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/UiGuiLogger.cpp	Tue Jun 02 13:02:20 2009 +0000
+++ b/src/UiGuiLogger.cpp	Tue Jun 02 14:34:36 2009 +0000
@@ -50,11 +50,38 @@
 
     // On different systems it may be that "QDir::tempPath()" ends with a "/" or not. So check this.
     // Remove any trailing slashes.
-    QString tempPath = QDir::tempPath();
+    QString tempPath = QFileInfo( SettingsPaths::getTempPath() ).absolutePath();
     while ( tempPath.right(1) == "/" ) {
         tempPath.chop(1);
     }
-    logFile.setFileName( tempPath + "/UiGUI_log.html" );
+
+    // To make the temporary log file invulnerable against file symbolic link hacks
+    // append the current date and time up to milliseconds to its name and a random character.
+    QString logFileName = "UiGUI_log_" + QDateTime::currentDateTime().toString("yyyyMMdd");
+    logFileName += "-" + QDateTime::currentDateTime().toString("hhmmsszzz");
+    // By random decide whether to append a number or an upper or lower case character.
+    qsrand( time(NULL) );
+    unsigned char randomChar;
+    switch ( qrand() % 3 ) {
+        // Append a number from 0 to 9.
+        case 0:
+            randomChar = qrand() % 10 + '0';
+            break;
+        // Append a upper case characer between A and Z.
+        case 1:
+            randomChar = qrand() % 26 + 'A';
+            break;
+        // Append a lower case characer between a and z.
+        default:
+            randomChar = qrand() % 26 + 'a';
+            break;
+    }
+    logFileName += "_" + QString(randomChar) + ".html";
+
+    logFile.setFileName( tempPath + "/" + logFileName );
+
+    // Set the tooltip of the open log file folder button to show the unique name of the log file.
+    openLogFileFolderToolButton->setToolTip( openLogFileFolderToolButton->toolTip() + " (" + logFileName + ")" );
 
     connect( openLogFileFolderToolButton, SIGNAL(clicked()), this, SLOT(openLogFileFolder()) );
 
--- a/src/UiGuiLoggerDialog.ui	Tue Jun 02 13:02:20 2009 +0000
+++ b/src/UiGuiLoggerDialog.ui	Tue Jun 02 14:34:36 2009 +0000
@@ -51,7 +51,10 @@
      <item>
       <widget class="QToolButton" name="openLogFileFolderToolButton">
        <property name="toolTip">
-        <string>Open folder containing log file. (UiGUI_log.html)</string>
+        <string>Open folder containing log file.</string>
+       </property>
+       <property name="statusTip">
+        <string>Open folder containing log file.</string>
        </property>
        <property name="icon">
         <iconset resource="../resources/Icons.qrc">