From 5e9967fc1ffb086d8a9c9c8314039b57e0471f10 Mon Sep 17 00:00:00 2001
From: Aaron Crane <arc@cpan.org>
Date: Sat, 5 May 2012 14:30:52 +0100
Subject: [PATCH] Don't cache results from last file examined

- The filename was stored in a fixed-size buffer, which seems to be a rich
  source of security vulnerabilities

- The cache would incorrectly report no change when using a single temporary
  filename, with contents that vary over time

- It's of value only in very restricted situations: the only code that could
  take advantage of the cache is something that's repeatedly loading the
  same file, without loading any other files in between

Given the latter point, it doesn't seem worth fixing the first two issues.
---
 Image-EXIF.xs | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/Image-EXIF.xs b/Image-EXIF.xs
index 2733a22..96c0d4e 100644
--- a/Image-EXIF.xs
+++ b/Image-EXIF.xs
@@ -14,26 +14,16 @@ unsigned short dumplvl = 0;
 static int
 read_data(char *name)
 {
-    static char prev_name[1024] = "";
-
     int mark, first = 0;
     unsigned int len, rlen;
     unsigned char *exifbuf = NULL;
+    FILE *fp = fopen(name, "rb");
 
-    FILE *fp;
-
-    if (strcmp(name, prev_name) == 0)
-        return 0;
-
-    fp = fopen(name, "rb");
     if (!fp) {
-        prev_name[0] = '\0';
         exifdie((const char *)strerror(errno));
         return 2;
     }
 
-    strcpy(prev_name, name);
-
     while (jpegscan(fp, &mark, &len, !(first++))) {
         if (mark != JPEG_M_APP1) {
             if (fseek(fp, len, SEEK_CUR)) {