From 144dbd6af0961e2a926014e5451778b29a062126 Mon Sep 17 00:00:00 2001
From: Pratiksha Sankhe <sankhepratiksha3@gmail.com>
Date: Tue, 29 Oct 2024 00:00:40 +0530
Subject: [PATCH] fixing vulnerability

Signed-off-by: Pratiksha Sankhe <sankhepratiksha3@gmail.com>
---
 .../api/elixircloud/csh/controllers.py             | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/cloud_storage_handler/api/elixircloud/csh/controllers.py b/cloud_storage_handler/api/elixircloud/csh/controllers.py
index 79ba02b..7750d81 100644
--- a/cloud_storage_handler/api/elixircloud/csh/controllers.py
+++ b/cloud_storage_handler/api/elixircloud/csh/controllers.py
@@ -3,6 +3,7 @@
 import hashlib
 import logging
 import os
+import tempfile
 import uuid
 from http import HTTPStatus
 
@@ -11,6 +12,8 @@
 
 logger = logging.getLogger(__name__)
 
+TUS_UPLOAD_DIR = tempfile.gettempdir()
+
 
 def home():
     """Endpoint to return a welcome message."""
@@ -19,16 +22,13 @@ def home():
     ), HTTPStatus.OK
 
 
-TUS_UPLOAD_DIR = "/tmp/tus_uploads"
-
-
 def compute_file_hash(file_path):
-    """Compute MD5 hash of the file."""
-    hash_md5 = hashlib.md5()
+    """Compute SHA-256 hash of the file."""
+    hash_sha256 = hashlib.sha256()
     with open(file_path, "rb") as f:
         for chunk in iter(lambda: f.read(4096), b""):
-            hash_md5.update(chunk)
-    return hash_md5.hexdigest()
+            hash_sha256.update(chunk)
+    return hash_sha256.hexdigest()
 
 
 def initiate_upload():