Take care of your TEMP folder!
-
The ghosts of the past won't let me rest. My former boss informed me that our project web page "was broken. At least, it is not listed as a malware site on Google". Well, last thing happened to us last year after a hacker attack (see http://www.codeproject.com/Messages/4323984/Analysing-an-obfuscated-malware-script.aspx[^]). Since that project was my best piece of work (seriously, not in the satirical meaning of the rest of this post, and despite the code shown below), I immediately looked into it: the home page loaded smoothly. Nothing wrong. The next pages also. So, what was wrong? I tried an aspx page. Worked. Next aspx page, and here it was:
Error: Access violation. File exists. at
strFileName = System.IO.Path.GetTempFileNameThe page creates an image dynamically, based on user input. The image is written into Graphics folder of the web site. After the web site was moved to a different server, the clean-up process for that folder failed due to a lack of access rights. But that was long ago. I looked into that folder, and it was empty. But wait, that line mentioned in the error message does something different! Before the temporary image file is created, I ask Windows to give me a file name. I created such a superb function for that purpose:
Public Function getTempFileName(Optional ByVal Extension As String = "tmp") As String
Dim strFileName As String'system temp file name strFileName = System.IO.Path.GetTempFileName 'file name only strFileName = strFileName.Substring(System.IO.Path.GetTempPath.Length) 'default extension is "tmp", if we want a different one, we must exchange it If Extension <> "tmp" Then strFileName = strFileName.Substring(0, strFileName.Length - 3) & Extension End If 'done Return strFileNameEnd Function
Overwhelmed by the beauty of this piece of code (it will surely be honored as the proper solution to that problem in many VB and aspx fora throughout the web soon), you'll likely not see how this function can fail. Also I had to take a look into Microsoft's documentation: Not only does
System.IO.Path.GetTempFileNamereturn the full path for a temporary file, it does al -
The ghosts of the past won't let me rest. My former boss informed me that our project web page "was broken. At least, it is not listed as a malware site on Google". Well, last thing happened to us last year after a hacker attack (see http://www.codeproject.com/Messages/4323984/Analysing-an-obfuscated-malware-script.aspx[^]). Since that project was my best piece of work (seriously, not in the satirical meaning of the rest of this post, and despite the code shown below), I immediately looked into it: the home page loaded smoothly. Nothing wrong. The next pages also. So, what was wrong? I tried an aspx page. Worked. Next aspx page, and here it was:
Error: Access violation. File exists. at
strFileName = System.IO.Path.GetTempFileNameThe page creates an image dynamically, based on user input. The image is written into Graphics folder of the web site. After the web site was moved to a different server, the clean-up process for that folder failed due to a lack of access rights. But that was long ago. I looked into that folder, and it was empty. But wait, that line mentioned in the error message does something different! Before the temporary image file is created, I ask Windows to give me a file name. I created such a superb function for that purpose:
Public Function getTempFileName(Optional ByVal Extension As String = "tmp") As String
Dim strFileName As String'system temp file name strFileName = System.IO.Path.GetTempFileName 'file name only strFileName = strFileName.Substring(System.IO.Path.GetTempPath.Length) 'default extension is "tmp", if we want a different one, we must exchange it If Extension <> "tmp" Then strFileName = strFileName.Substring(0, strFileName.Length - 3) & Extension End If 'done Return strFileNameEnd Function
Overwhelmed by the beauty of this piece of code (it will surely be honored as the proper solution to that problem in many VB and aspx fora throughout the web soon), you'll likely not see how this function can fail. Also I had to take a look into Microsoft's documentation: Not only does
System.IO.Path.GetTempFileNamereturn the full path for a temporary file, it does alOh.. it's considered a standard practice to delete the temp file after use... so, i'll say it's coding fault! Please, no offence :laugh: I don't rely on the get temp file though, I have my own random naming algorithm, kept locked highly in my hard drive with several layers of ultra military grade encryption! ! ;)
-
The ghosts of the past won't let me rest. My former boss informed me that our project web page "was broken. At least, it is not listed as a malware site on Google". Well, last thing happened to us last year after a hacker attack (see http://www.codeproject.com/Messages/4323984/Analysing-an-obfuscated-malware-script.aspx[^]). Since that project was my best piece of work (seriously, not in the satirical meaning of the rest of this post, and despite the code shown below), I immediately looked into it: the home page loaded smoothly. Nothing wrong. The next pages also. So, what was wrong? I tried an aspx page. Worked. Next aspx page, and here it was:
Error: Access violation. File exists. at
strFileName = System.IO.Path.GetTempFileNameThe page creates an image dynamically, based on user input. The image is written into Graphics folder of the web site. After the web site was moved to a different server, the clean-up process for that folder failed due to a lack of access rights. But that was long ago. I looked into that folder, and it was empty. But wait, that line mentioned in the error message does something different! Before the temporary image file is created, I ask Windows to give me a file name. I created such a superb function for that purpose:
Public Function getTempFileName(Optional ByVal Extension As String = "tmp") As String
Dim strFileName As String'system temp file name strFileName = System.IO.Path.GetTempFileName 'file name only strFileName = strFileName.Substring(System.IO.Path.GetTempPath.Length) 'default extension is "tmp", if we want a different one, we must exchange it If Extension <> "tmp" Then strFileName = strFileName.Substring(0, strFileName.Length - 3) & Extension End If 'done Return strFileNameEnd Function
Overwhelmed by the beauty of this piece of code (it will surely be honored as the proper solution to that problem in many VB and aspx fora throughout the web soon), you'll likely not see how this function can fail. Also I had to take a look into Microsoft's documentation: Not only does
System.IO.Path.GetTempFileNamereturn the full path for a temporary file, it does alBernhard Hiller wrote:
Well, last thing happened to us last year after a hacker attack (see http://www.codeproject.com/Messages/4323984/Analysing-an-obfuscated-malware-script.aspx[^]).
The hacker has a brilliant idea, i'm thinking to leverage it into a javascript ofuscator! :laugh:
-
Bernhard Hiller wrote:
Well, last thing happened to us last year after a hacker attack (see http://www.codeproject.com/Messages/4323984/Analysing-an-obfuscated-malware-script.aspx[^]).
The hacker has a brilliant idea, i'm thinking to leverage it into a javascript ofuscator! :laugh:
-
The ghosts of the past won't let me rest. My former boss informed me that our project web page "was broken. At least, it is not listed as a malware site on Google". Well, last thing happened to us last year after a hacker attack (see http://www.codeproject.com/Messages/4323984/Analysing-an-obfuscated-malware-script.aspx[^]). Since that project was my best piece of work (seriously, not in the satirical meaning of the rest of this post, and despite the code shown below), I immediately looked into it: the home page loaded smoothly. Nothing wrong. The next pages also. So, what was wrong? I tried an aspx page. Worked. Next aspx page, and here it was:
Error: Access violation. File exists. at
strFileName = System.IO.Path.GetTempFileNameThe page creates an image dynamically, based on user input. The image is written into Graphics folder of the web site. After the web site was moved to a different server, the clean-up process for that folder failed due to a lack of access rights. But that was long ago. I looked into that folder, and it was empty. But wait, that line mentioned in the error message does something different! Before the temporary image file is created, I ask Windows to give me a file name. I created such a superb function for that purpose:
Public Function getTempFileName(Optional ByVal Extension As String = "tmp") As String
Dim strFileName As String'system temp file name strFileName = System.IO.Path.GetTempFileName 'file name only strFileName = strFileName.Substring(System.IO.Path.GetTempPath.Length) 'default extension is "tmp", if we want a different one, we must exchange it If Extension <> "tmp" Then strFileName = strFileName.Substring(0, strFileName.Length - 3) & Extension End If 'done Return strFileNameEnd Function
Overwhelmed by the beauty of this piece of code (it will surely be honored as the proper solution to that problem in many VB and aspx fora throughout the web soon), you'll likely not see how this function can fail. Also I had to take a look into Microsoft's documentation: Not only does
System.IO.Path.GetTempFileNamereturn the full path for a temporary file, it does alOh, yuck! Substring! :wtf: system.io.path.getfilenamewithoutextension[^]
-
Amitosh Swain wrote:
i'm thinking to leverage it into a javascript ofuscator!
Uhm, so... the next "hacker's script" will be yours... or maybe this one was! <hides his IP under the desk>
Greetings - Jacek
Jacek Gajek wrote:
Uhm, so... the next "hacker's script" will be yours... or maybe this one was
I'm not that good at breaking anything... anything means anything...
-
Oh, yuck! Substring! :wtf: system.io.path.getfilenamewithoutextension[^]
Better yet, just use System.IO.Path.ChangeExtension. But making faulty code more readable does seem pointless. ;P
-
Oh, yuck! Substring! :wtf: system.io.path.getfilenamewithoutextension[^]
Yeah, two times substring instead of the functions of System.IO.Path - 9 years ago I did not know them. But you see: you'd fix the substrings, not the failure. The beauty of this gem prevents you from really fixing the problem (e.g.
strFileName = Guid.NewGuid().ToString() & "." & Extension) -
The ghosts of the past won't let me rest. My former boss informed me that our project web page "was broken. At least, it is not listed as a malware site on Google". Well, last thing happened to us last year after a hacker attack (see http://www.codeproject.com/Messages/4323984/Analysing-an-obfuscated-malware-script.aspx[^]). Since that project was my best piece of work (seriously, not in the satirical meaning of the rest of this post, and despite the code shown below), I immediately looked into it: the home page loaded smoothly. Nothing wrong. The next pages also. So, what was wrong? I tried an aspx page. Worked. Next aspx page, and here it was:
Error: Access violation. File exists. at
strFileName = System.IO.Path.GetTempFileNameThe page creates an image dynamically, based on user input. The image is written into Graphics folder of the web site. After the web site was moved to a different server, the clean-up process for that folder failed due to a lack of access rights. But that was long ago. I looked into that folder, and it was empty. But wait, that line mentioned in the error message does something different! Before the temporary image file is created, I ask Windows to give me a file name. I created such a superb function for that purpose:
Public Function getTempFileName(Optional ByVal Extension As String = "tmp") As String
Dim strFileName As String'system temp file name strFileName = System.IO.Path.GetTempFileName 'file name only strFileName = strFileName.Substring(System.IO.Path.GetTempPath.Length) 'default extension is "tmp", if we want a different one, we must exchange it If Extension <> "tmp" Then strFileName = strFileName.Substring(0, strFileName.Length - 3) & Extension End If 'done Return strFileNameEnd Function
Overwhelmed by the beauty of this piece of code (it will surely be honored as the proper solution to that problem in many VB and aspx fora throughout the web soon), you'll likely not see how this function can fail. Also I had to take a look into Microsoft's documentation: Not only does
System.IO.Path.GetTempFileNamereturn the full path for a temporary file, it does alThis one's a lesson in why reading the documentation can be helpful. GetTempFileName states that it creates the file ... somewhat annoying if you want to create a temporary file with a different name (extension), but I guess their point is that the name doesn't matter as it's only temporary.
-
The ghosts of the past won't let me rest. My former boss informed me that our project web page "was broken. At least, it is not listed as a malware site on Google". Well, last thing happened to us last year after a hacker attack (see http://www.codeproject.com/Messages/4323984/Analysing-an-obfuscated-malware-script.aspx[^]). Since that project was my best piece of work (seriously, not in the satirical meaning of the rest of this post, and despite the code shown below), I immediately looked into it: the home page loaded smoothly. Nothing wrong. The next pages also. So, what was wrong? I tried an aspx page. Worked. Next aspx page, and here it was:
Error: Access violation. File exists. at
strFileName = System.IO.Path.GetTempFileNameThe page creates an image dynamically, based on user input. The image is written into Graphics folder of the web site. After the web site was moved to a different server, the clean-up process for that folder failed due to a lack of access rights. But that was long ago. I looked into that folder, and it was empty. But wait, that line mentioned in the error message does something different! Before the temporary image file is created, I ask Windows to give me a file name. I created such a superb function for that purpose:
Public Function getTempFileName(Optional ByVal Extension As String = "tmp") As String
Dim strFileName As String'system temp file name strFileName = System.IO.Path.GetTempFileName 'file name only strFileName = strFileName.Substring(System.IO.Path.GetTempPath.Length) 'default extension is "tmp", if we want a different one, we must exchange it If Extension <> "tmp" Then strFileName = strFileName.Substring(0, strFileName.Length - 3) & Extension End If 'done Return strFileNameEnd Function
Overwhelmed by the beauty of this piece of code (it will surely be honored as the proper solution to that problem in many VB and aspx fora throughout the web soon), you'll likely not see how this function can fail. Also I had to take a look into Microsoft's documentation: Not only does
System.IO.Path.GetTempFileNamereturn the full path for a temporary file, it does alIf you just want to generate a random filename without creating a file, try Path.GetRandomFileName[^] instead.
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
