This patch fixes an issues where temporary files were created in an insecure
way.

It was first intruduced in version 3.8.3-7 and fixes
http://bugs.debian.org/438540
--- a/src/tag_file.cpp
+++ b/src/tag_file.cpp
@@ -242,8 +242,8 @@
     strcpy(sTempFile, filename.c_str());
     strcat(sTempFile, sTmpSuffix.c_str());
 
-#if ((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
-    // This section is for Windows folk && gcc 3.x folk
+#if !defined(HAVE_MKSTEMP)
+    // This section is for Windows folk
     fstream tmpOut;
     createFile(sTempFile, tmpOut);
 
@@ -257,7 +257,7 @@
       tmpOut.write((char *)tmpBuffer, nBytes);
     }
 
-#else //((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
+#else //!defined(HAVE_MKSTEMP)
 
     // else we gotta make a temp file, copy the tag into it, copy the
     // rest of the old file after the tag, delete the old file, rename
@@ -270,7 +270,7 @@
       //ID3_THROW_DESC(ID3E_NoFile, "couldn't open temp file");
     }
 
-    ofstream tmpOut(fd);
+    ofstream tmpOut(sTempFile);
     if (!tmpOut)
     {
       tmpOut.close();
@@ -285,14 +285,14 @@
     uchar tmpBuffer[BUFSIZ];
     while (file)
     {
-      file.read(tmpBuffer, BUFSIZ);
+      file.read((char *)tmpBuffer, BUFSIZ);
       size_t nBytes = file.gcount();
-      tmpOut.write(tmpBuffer, nBytes);
+      tmpOut.write((char *)tmpBuffer, nBytes);
     }
 
     close(fd); //closes the file
 
-#endif ////((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
+#endif ////!defined(HAVE_MKSTEMP)
 
     tmpOut.close();
     file.close();
' method='get' action='/guix/log/gnu/packages/llvm.scm'>
<input type='hidden' name='id' value='9b6d058ce134b8f0693e7d87c5612757c572db5e'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/commit/?id=9b6d058ce134b8f0693e7d87c5612757c572db5e'>root</a>/<a href='/guix/commit/gnu?id=9b6d058ce134b8f0693e7d87c5612757c572db5e'>gnu</a>/<a href='/guix/commit/gnu/packages?id=9b6d058ce134b8f0693e7d87c5612757c572db5e'>packages</a>/<a href='/guix/commit/gnu/packages/llvm.scm?id=9b6d058ce134b8f0693e7d87c5612757c572db5e'>llvm.scm</a></div><div class='content'><div class='cgit-panel'><b>diff options</b><form method='get'><input type='hidden' name='id' value='9b6d058ce134b8f0693e7d87c5612757c572db5e'/><table><tr><td colspan='2'/></tr><tr><td class='label'>context:</td><td class='ctrl'><select name='context' onchange='this.form.submit();'><option value='1'>1</option><option value='2'>2</option><option value='3' selected='selected'>3</option><option value='4'>4</option><option value='5'>5</option><option value='6'>6</option><option value='7'>7</option><option value='8'>8</option><option value='9'>9</option><option value='10'>10</option><option value='15'>15</option><option value='20'>20</option><option value='25'>25</option><option value='30'>30</option><option value='35'>35</option><option value='40'>40</option></select></td></tr><tr><td class='label'>space:</td><td class='ctrl'><select name='ignorews' onchange='this.form.submit();'><option value='0' selected='selected'>include</option><option value='1'>ignore</option></select></td></tr><tr><td class='label'>mode:</td><td class='ctrl'><select name='dt' onchange='this.form.submit();'><option value='0' selected='selected'>unified</option><option value='1'>ssdiff</option><option value='2'>stat only</option></select></td></tr><tr><td/><td class='ctrl'><noscript><input type='submit' value='reload'/></noscript></td></tr></table></form></div><table summary='commit info' class='commit-info'>
<tr><th>author</th><td>宋文武 &lt;iyzsong@member.fsf.org&gt;</td><td class='right'>2023-07-30 07:29:37 +0800</td></tr>
<tr><th>committer</th><td>宋文武 &lt;iyzsong@member.fsf.org&gt;</td><td class='right'>2023-08-03 17:38:10 +0800</td></tr>
<tr><th>commit</th><td colspan='2' class='oid'><a href='/guix/commit/gnu/packages/llvm.scm?id=9b6d058ce134b8f0693e7d87c5612757c572db5e'>9b6d058ce134b8f0693e7d87c5612757c572db5e</a> (<a href='/guix/patch/gnu/packages/llvm.scm?id=9b6d058ce134b8f0693e7d87c5612757c572db5e'>patch</a>)</td></tr>
<tr><th>tree</th><td colspan='2' class='oid'><a href='/guix/tree/?id=9b6d058ce134b8f0693e7d87c5612757c572db5e'>64a089cfb3b2a9cd062e0798e6c45a58063d08bf</a> /<a href='/guix/tree/gnu/packages/llvm.scm?id=9b6d058ce134b8f0693e7d87c5612757c572db5e'>gnu/packages/llvm.scm</a></td></tr>
<tr><th>parent</th><td colspan='2' class='oid'><a href='/guix/commit/gnu/packages/llvm.scm?id=567a2c755268629f48d79fb67d908f53c6e1295a'>567a2c755268629f48d79fb67d908f53c6e1295a</a> (<a href='/guix/diff/gnu/packages/llvm.scm?id=9b6d058ce134b8f0693e7d87c5612757c572db5e&amp;id2=567a2c755268629f48d79fb67d908f53c6e1295a'>diff</a>)</td></tr><tr><th>download</th><td colspan='2' class='oid'><a href='/guix/snapshot/guix-9b6d058ce134b8f0693e7d87c5612757c572db5e.tar.gz'>guix-9b6d058ce134b8f0693e7d87c5612757c572db5e.tar.gz</a><br/><a href='/guix/snapshot/guix-9b6d058ce134b8f0693e7d87c5612757c572db5e.zip'>guix-9b6d058ce134b8f0693e7d87c5612757c572db5e.zip</a><br/></td></tr></table>
<div class='commit-subject'>gnu: filelight: Update to 23.04.3.</div><div class='commit-msg'>* gnu/packages/kde-utils.scm (filelight): Update to 23.04.3.
</div><div class='diffstat-header'><a href='/guix/diff/?id=9b6d058ce134b8f0693e7d87c5612757c572db5e'>Diffstat</a> (limited to 'gnu/packages/llvm.scm')</div><table summary='diffstat' class='diffstat'></table><div class='diffstat-summary'>0 files changed, 0 insertions, 0 deletions</div><table summary='diff' class='diff'><tr><td></td></tr></table></div> <!-- class=content -->
                         <div class=footer>generated by
                             <a href="https://git.zx2c4.com/cgit/about/">
                                 cgit
                             </a>
                         </div>
                        </div> <!-- id=cgit -->
</body>
</html>