**
** \legal
** Copyright (c) 2002-2005 Robert B. Quattlebaum Jr., Adrian Bentley
+** Copyright (c) 2007 Chris Moore
**
** This package is free software; you can redistribute it and/or
** modify it under the terms of the GNU General Public License as
pclose(file);
string command;
-
+
if(filename.find("psd")!=String::npos)
command=strprintf("convert \"%s\" -flatten \"png32:%s\"\n",filename.c_str(),temp_file.c_str());
else
string output="png32:"+temp_file;
pid_t pid = fork();
-
+
if (pid == -1) {
return false;
}
-
+
if (pid == 0){
// Child process
if(filename.find("psd")!=String::npos)
return true;
#else
-
+
#error This code contains tempfile and arbitrary shell command execution vulnerabilities
-
+
if(file)
pclose(file);