From b094634799abe02324c2ef686c0fa5805bc7780a Mon Sep 17 00:00:00 2001
From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com>
Date: Thu, 31 Oct 2024 16:17:23 -0400
Subject: [PATCH] Hardening suggestions for Stirling-PDF / fix-sig-logo (#2144)

Modernize and secure temp file creation

Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
---
 .../SPDF/controller/api/security/CertSignController.java       | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/stirling/software/SPDF/controller/api/security/CertSignController.java b/src/main/java/stirling/software/SPDF/controller/api/security/CertSignController.java
index 0c43be2a..27262feb 100644
--- a/src/main/java/stirling/software/SPDF/controller/api/security/CertSignController.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/security/CertSignController.java
@@ -8,6 +8,7 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.OutputStream;
+import java.nio.file.Files;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
@@ -104,7 +105,7 @@ public class CertSignController {
             super(keystore, pin);
             ClassPathResource resource = new ClassPathResource("static/images/signature.png");
             try (InputStream is = resource.getInputStream()) {
-                logoFile = File.createTempFile("signature", ".png");
+                logoFile = Files.createTempFile("signature", ".png").toFile();
                 FileUtils.copyInputStreamToFile(is, logoFile);
             } catch (IOException e) {
                 logger.error("Failed to load image signature file");