-C Minor\sdoc\stypo\sfix\sreported\sin\s[forum:939d5864df|forum\spost\s939d5864df].
-D 2025-11-09T07:11:15.800
+C Fix\sthe\s".www"\scommand\sof\sthe\sCLI\sso\sthat\sit\sworks\son\sunix\ssystems\swith\nnewer\sweb\sbrowsers\sthat\sdo\snot\sallow\saccess\sto\sfiles\sin\s/tmp.
+D 2025-11-10T01:46:06.786
F .fossil-settings/binary-glob 61195414528fb3ea9693577e1980230d78a1f8b0a54c78cf1b9b24d0a409ed6a x
F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1
F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea
F src/resolve.c 5616fbcf3b833c7c705b24371828215ad0925d0c0073216c4f153348d5753f0a
F src/rowset.c 8432130e6c344b3401a8874c3cb49fefe6873fec593294de077afea2dce5ec97
F src/select.c ba9cd07ffa3277883c1986085f6ddc4320f4d35d5f212ab58df79a7ecc1a576a
-F src/shell.c.in 223e3703657f5e66c136521a32fc8cc9a7dbbe6b1ade6fd47457e78c38f33e6e
+F src/shell.c.in ceb0a9cc008ac82d8d2e6ef353db14a54bc40dfd60a8cfbb6bc98d071f538761
F src/sqlite.h.in 7403a952a8f1239de7525b73c4e3a0f9540ec0607ed24fec887f5832642d44b8
F src/sqlite3.rc 015537e6ac1eec6c7050e17b616c2ffe6f70fca241835a84a4f0d5937383c479
F src/sqlite3ext.h 7f236ca1b175ffe03316d974ef57df79b3938466c28d2f95caef5e08c57f3a52
F tool/warnings-clang.sh bbf6a1e685e534c92ec2bfba5b1745f34fb6f0bc2a362850723a9ee87c1b31a7
F tool/warnings.sh d924598cf2f55a4ecbc2aeb055c10bd5f48114793e7ba25f9585435da29e7e98
F tool/win/sqlite.vsix deb315d026cc8400325c5863eef847784a219a2f
-P 850b92b6347187d702736bf5a574b9b4a49854a33799875f24fc75c50a6bf908
-R 46289386d4eaab15ac455736694a428b
-U stephan
-Z 05ad1e73dd4c11c5b0a1505655a4e3db
+P a1f9c977b83fab11c54710070dbedfaea47195050946db74075bdd3ade97a4c8
+R 433947701e1e8d1dbfecf3626f6f1737
+U drh
+Z bf0d9abc0630918a2bdb7897b1798077
# Remove this line to create a well-formed Fossil manifest.
p->zTempFile = 0;
}
+/* Forward reference */
+static char *find_home_dir(int clearFlag);
+
/*
** Create a new temp file name with the given suffix.
+**
+** Because the classic temp folders like /tmp are no longer
+** accessible to web browsers, for security reasons, create the
+** temp file in the user's home directory.
*/
static void newTempFile(ShellState *p, const char *zSuffix){
- clearTempFile(p);
- sqlite3_free(p->zTempFile);
- p->zTempFile = 0;
- if( p->db ){
- sqlite3_file_control(p->db, 0, SQLITE_FCNTL_TEMPFILENAME, &p->zTempFile);
- }
- if( p->zTempFile==0 ){
- /* If p->db is an in-memory database then the TEMPFILENAME file-control
- ** will not work and we will need to fallback to guessing */
- char *zTemp;
- sqlite3_uint64 r;
- sqlite3_randomness(sizeof(r), &r);
- zTemp = getenv("TEMP");
- if( zTemp==0 ) zTemp = getenv("TMP");
- if( zTemp==0 ){
+ char *zHome; /* Home directory */
+ int i; /* Loop counter */
+ sqlite3_uint64 r = 0; /* Integer with 64 bits of randomness */
+ char zRand[32]; /* Text string with 160 bits of randomness */
#ifdef _WIN32
- zTemp = "\\tmp";
+ const char cDirSep = '\\';
#else
- zTemp = "/tmp";
+ const char cDirSep = '/';
#endif
- }
- p->zTempFile = sqlite3_mprintf("%s/temp%llx.%s", zTemp, r, zSuffix);
- }else{
- p->zTempFile = sqlite3_mprintf("%z.%s", p->zTempFile, zSuffix);
+
+ for(i=0; i<31; i++){
+ if( (i%12)==0 ) sqlite3_randomness(sizeof(r),&r);
+ zRand[i] = "0123456789abcdefghijklmnopqrstuvwxyz"[r%36];
+ r /= 36;
}
+ zRand[i] = 0;
+ clearTempFile(p);
+ sqlite3_free(p->zTempFile);
+ p->zTempFile = 0;
+ zHome = find_home_dir(0);
+ p->zTempFile = sqlite3_mprintf("%s%ctemp-%s.%s",
+ zHome,cDirSep,zRand,zSuffix);
shell_check_oom(p->zTempFile);
}
-
/*
** The implementation of SQL scalar function fkey_collate_clause(), used
** by the ".lint fkey-indexes" command. This scalar function is always
projects / thirdparty / sqlite.git / commitdiff
