Description: Prevent arbitrary file overwrite for the user running Bokken.
 An attacker on a multi-user system can overwrite an arbitrary file owned
 by the user running bokken by pre-creating a symlink named /tmp/graph.dot
 (the fixed, predictable path the callgraph was written to) pointing at the
 target file.
Author: David Martínez Moreno <ender@debian.org>
Bug-Debian: http://bugs.debian.org/651931
Origin: upstream, http://inguma.eu/projects/bokken/repository/revisions/56894084b0ec
Forwarded: not-needed
Reviewed-By: David Martínez Moreno <ender@debian.org>
Last-Update: 2011-12-14

--- bokken-1.5.orig/ui/radare_core.py
+++ bokken-1.5/ui/radare_core.py
@@ -370,7 +370,7 @@ class Core():
         #if not self.dot:
         #print "[*] Get callgraph"
         self.update_progress_bar("Loading callgraph", 0.4)
-        file = tempfile.gettempdir() + os.sep + 'graph.dot'
+        file = tempfile.NamedTemporaryFile()
 
         if self.graph_layout == 'flow':
             cmd = 'ag '
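Review bot: The handle returned by NamedTemporaryFile() on the new line is what now owns the temp file's lifetime (default delete=True unlinks it on close), yet nothing in either hunk closes it, so the deletion that replaced the dropped os.unlink() depends on CPython refcounting dropping the local at return; binding it as `file` also shadows the builtin. Wrapping the command-and-read sequence in `with tempfile.NamedTemporaryFile() as dot_file:` would make both the lifetime and the cleanup explicit. A one-line comment on the new line would also stop a later maintainer from reverting to a fixed name: `# created O_EXCL with mode 0600: a pre-planted /tmp/graph.dot symlink can no longer redirect the write (Debian #651931)`. Note that radare still writes to the path by name while Python holds the handle open; that is fine on Unix, but the tempfile docs state the name cannot be reopened on Windows while the handle is open, so if Bokken is meant to run there the `delete=False` plus explicit unlink form is the portable one. The enclosing method starts before this hunk.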
@@ -381,20 +381,19 @@ class Core():
             sct = False
             for section in self.execsections:
                 if '.text' in section:
-                    self.core.cmd0(cmd + 'section..text > ' + file)
+                    self.core.cmd0(cmd + 'section..text > ' + file.name)
                     sct = False
                     break
                 else:
                     sct = True
             if sct:
-                self.core.cmd0(cmd + 'section' + self.execsections[0][0] +' > ' + file)
-            #self.core.cmd_str('aga > ' + file)
+                self.core.cmd0(cmd + 'section' + self.execsections[0][0] +' > ' + file.name)
+            #self.core.cmd_str('aga > ' + file.name)
         else:
-            self.core.cmd0(cmd + addr + ' > ' + file)
-        f = open(file, 'r')
+            self.core.cmd0(cmd + addr + ' > ' + file.name)
+        f = open(file.name, 'r')
         self.dot = f.read()
         f.close()
-        os.unlink(file)
         return self.dot
 
     def get_file_info(self):
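Review bot: After `f.close()` the NamedTemporaryFile handle `file` is left open, so the temp file (and the callgraph text in it) lingers until the object is garbage-collected rather than being removed when the method finishes, which is the point the removed `os.unlink(file)` used to guarantee. Closing it explicitly restores that: replace the three read lines with `with open(file.name, 'r') as f:` / `    self.dot = f.read()` / `file.close()`. The `with` form also guarantees the reader is closed if `f.read()` raises. If `self.core.cmd0` fails before writing, `self.dot` silently becomes the empty string, as it did before this change; a check on it would belong in the caller, which is outside the hunk.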
