#914 Warning: the use of `tmpnam' is dangerous, better use `mkstemp'
Metadata
| Property | Value | 
|---|---|
| Reported by | Patrick Leidenberger (mailings.pl@gmail.com) | 
| Reported at | May 12, 2011 05:34 | 
| Type | Bug Report | 
| Version | Git (pre2.4) [autotools] | 
| Operating System | Unspecified / All | 
| Last edited by | Patrick Leidenberger (mailings.pl@gmail.com) | 
| Last edited at | May 12, 2011 06:16 | 
| Closed by | Patrick Leidenberger (mailings.pl@gmail.com) | 
| Closed at | May 12, 2011 06:16 | 
| Closed in version | Unknown | 
| Resolution | Duplicate | 
| Comment | Hi Christian, thanks for the tip with #912 (closed). I missed that there is already a discussion ongoing. | 
Description
Hi all,
compiling my code, which uses the dgfparser, I got the warning:
warning: the use of `tmpnam' is dangerous, better use `mkstemp'
from the compiler.
This warning is related to:
io/file/dgfparser/dgfparser.cc:1082:    char buffer[ L_tmpnam ]; // supply buffer to make it thread safe
io/file/dgfparser/dgfparser.cc:1083:    return std::string( std::tmpnam( buffer ) );
and as far as I see, Martin introduced this in rev 7326.
Because I didn't know tmpnam, I googled it and found some controversial discussions:
[http://bytes.com/topic/c/answers/222683-tmpnam]: Race conditions: tmpnam() generates a file name that is not in use at the moment of the call, but there's no guarantee that some other program might not create such a file two nanoseconds later, before you get a chance to use the name tmpnam() built for you.
Security holes: It's at least conceivable that the race condition mentioned above could be exploited as part of a penetration of privilege barriers.
[http://www.cygwin.com/ml/libc-alpha/2000-11/msg00184.html]
No, you can use `tmpnam' safely by opening the returned file name with O_CREAT|O_EXCL.  This is similar to what `mkstemp' does internally.
I've seen applications that do this for portability reasons, as
`mkstemp' is not universally supported.
Can you please comment on your change and what its impact is?
My system: Standard Ubuntu 10.10 x64 with g++ (Ubuntu/Linaro 4.4.4-14ubuntu5) 4.4.5
Have a nice day Patrick
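
The two options quoted in the report (`mkstemp`, and claiming a name with O_CREAT|O_EXCL), as an added C++ example that is not part of the original report or of the dgfparser code. It assumes a POSIX system; the function names and the `dgf-example-` file prefix are hypothetical.

```cpp
#include <cerrno>
#include <cstdio>
#include <string>
#include <vector>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

// mkstemp chooses the name and creates the file in one atomic step, so there
// is no window between "name is free" and "file exists". Returns an open fd.
int make_temp_mkstemp(std::string &path) {
    const char *dir = getenv("TMPDIR");
    std::string tmpl = std::string(dir && *dir ? dir : "/tmp") + "/dgf-example-XXXXXX";
    std::vector<char> buf(tmpl.begin(), tmpl.end());
    buf.push_back('\0');              // mkstemp rewrites the XXXXXX in place
    int fd = mkstemp(&buf[0]);
    if (fd >= 0) path.assign(&buf[0]);
    return fd;
}

// Claim a previously chosen name: O_EXCL makes open() fail with EEXIST if
// anything (regular file or symlink) already exists at that path.
int open_exclusive(const std::string &path) {
    return open(path.c_str(), O_RDWR | O_CREAT | O_EXCL, 0600);
}

// True when group and others have no permission bits on the open file.
bool owner_only(int fd) {
    struct stat st;
    return fstat(fd, &st) == 0 && (st.st_mode & 0077) == 0;
}

// Replays the race from the report: the name gets created by "someone else"
// (here: mkstemp) before we claim it. Returns the errno of the exclusive open.
int simulate_lost_race() {
    std::string path;
    int other = make_temp_mkstemp(path);
    if (other < 0) return -1;
    int mine = open_exclusive(path);
    int err = (mine < 0) ? errno : 0;
    if (mine >= 0) close(mine);
    close(other);
    unlink(path.c_str());
    return err;
}

int main() {
    std::printf("lost race reported as EEXIST: %d\n", simulate_lost_race() == EEXIST);
    return 0;
}
```

A caller that sees EEXIST from the exclusive open has to pick a new name and retry rather than fall back to a plain open.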