[PATCH] Fix for Bug 43895: Never let users save in /tmp by default

[Stephan Bergmann]

Just looking at the below function itself (so no idea about the larger 
context), I noted a few things:

On 03/19/2012 01:17 AM, Andrzej J. R. Hunt wrote:
> +void FileDialogHelper_Impl::verifyPath()
> +{
> +    struct stat aFileStat;
> +    const char* pFullPath = OUStringToOString( ( maPath.copy(7) + maFileName ),

copy(7) could be replaced with copy(RTL_CONSTASCII_LENGTH("file://")) to 
make it more obvious what's going on.

> +            osl_getThreadTextEncoding() ).getStr();

pFullPath points to delete memory now, as the OString temporary goes out 
of scope at the end of the statement.

> +    stat( pFullPath,&aFileStat );

See osl/file.hxx for LO's cross-platform stat abstraction facilities -- 
if they are not expressive enough for the problem at hand, this code 
would need to be properly ifdef'ed for POSIX (explicitly checking for 
/tmp indicates this is only a Unix-style problem and/or solution, anyway).

> +    // Check that the file has read only permission and is in /tmp -- this is
> +    //  the case if we have opened the file from the web with firefox only.
> +    if ( maPath.compareTo("file:///tmp",11) == 0&&
> +            ( aFileStat.st_mode&  (S_IRWXO + S_IRWXG + S_IRWXU) ) == S_IRUSR ) {
> +        maPath = SvtPathOptions().GetWorkPath();
> +        mxFileDlg->setDisplayDirectory( maPath );
> +    }
> +}

Sorry that this is just non-constructive drive-by comments for now...

Stephan