Use `File::getSourceName()` to avoid accidental leaks

diff --git a/wcfsetup/install/files/lib/data/file/File.class.php b/wcfsetup/install/files/lib/data/file/File.class.php
index a0442b08974297b505579d10cca2e601232d1480..79b9b820130cff2d77a758b539fbb59cb075faa2 100644 (file)
--- a/wcfsetup/install/files/lib/data/file/File.class.php
+++ b/wcfsetup/install/files/lib/data/file/File.class.php
@@ -30,7 +30,7 @@ class File extends DatabaseObject
     /** @var array<string, FileThumbnail> */
     private array $thumbnails = [];
 
-    public function getFilename(): string
+    public function getSourceFilename(): string
     {
         return \sprintf(
             '%d-%s.bin',
@@ -53,7 +53,7 @@ class File extends DatabaseObject
 
     public function getPathname(): string
     {
-        return $this->getPath() . $this->getFilename();
+        return $this->getPath() . $this->getSourceFilename();
     }
 
     public function getLink(): string

diff --git a/wcfsetup/install/files/lib/data/file/FileEditor.class.php b/wcfsetup/install/files/lib/data/file/FileEditor.class.php
index 66be3cc768fd98de1ccbb64bd75487d80241e7a2..73d5e2f86f298b4ad897023c97087911f3abc07e 100644 (file)
--- a/wcfsetup/install/files/lib/data/file/FileEditor.class.php
+++ b/wcfsetup/install/files/lib/data/file/FileEditor.class.php
@@ -59,7 +59,7 @@ class FileEditor extends DatabaseObjectEditor
 
         \rename(
             $pathname,
-            $filePath . $file->getFilename()
+            $filePath . $file->getSourceFilename()
         );
 
         return $file;