From 62139e4161b28f4db5b7b1cd830e8d58be4f96e5 Mon Sep 17 00:00:00 2001 From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com> Date: Tue, 25 Mar 2025 17:50:26 +0000 Subject: [PATCH] Hardening suggestions for Stirling-PDF / enterpriseStuff (#3244) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I've reviewed the recently opened PR ([3241 - Security fixes, enterprise stuff and more](https://github.com/Stirling-Tools/Stirling-PDF/pull/3241)) and have identified some area(s) that could benefit from additional hardening measures. These changes should help prevent potential security vulnerabilities and improve overall code quality. Thank you for your consideration! 🧚🤖 Powered by Pixeebot [Feedback](https://ask.pixee.ai/feedback) | [Community](https://pixee-community.slack.com/signup#/domain-signup) | [Docs](https://docs.pixee.ai/) ![](https://d1zaessa2hpsmj.cloudfront.net/pixel/v1/track?writeKey=2PI43jNm7atYvAuK7rJUz3Kcd6A&event=PR_HARDENING%7CStirling-Tools%2FStirling-PDF%7Cdfd567b803641d60be14c58dae67802e726ece1c) Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com> --- .../stirling/software/SPDF/controller/api/MergeController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/stirling/software/SPDF/controller/api/MergeController.java b/src/main/java/stirling/software/SPDF/controller/api/MergeController.java index bd2731b7e..473411f18 100644 --- a/src/main/java/stirling/software/SPDF/controller/api/MergeController.java +++ b/src/main/java/stirling/software/SPDF/controller/api/MergeController.java @@ -148,7 +148,7 @@ public class MergeController { mergerUtility.addSource(tempFile); // Add source file to the merger utility } - mergedTempFile = File.createTempFile("merged-", ".pdf"); + mergedTempFile = Files.createTempFile("merged-", ".pdf").toFile(); mergerUtility.setDestinationFileName(mergedTempFile.getAbsolutePath()); mergerUtility.mergeDocuments(