95% of common uses of these are incorrect and insecure. correct use is

incredibly rare. Time for some education!

diff --git a/lib/libc/stdio/mktemp.c b/lib/libc/stdio/mktemp.c
index c7642ee..bc69c6f 100644 (file)
--- a/lib/libc/stdio/mktemp.c
+++ b/lib/libc/stdio/mktemp.c
@@ -32,7 +32,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: mktemp.c,v 1.2 1996/08/19 08:32:55 tholo Exp $";
+static char rcsid[] = "$OpenBSD: mktemp.c,v 1.3 1996/12/28 02:33:10 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/types.h>
@@ -54,13 +54,26 @@ mkstemp(path)
        return (_gettemp(path, &fd) ? fd : -1);
 }
 
+char *_mktemp __P((char *));
+
 char *
-mktemp(path)
+_mktemp(path)
        char *path;
 {
        return(_gettemp(path, (int *)NULL) ? path : (char *)NULL);
 }
 
+__warn_references(mktemp,
+    "warning: mktemp() possibly used unsafely; consider using mkstemp()");
+
+char *
+mktemp(path)
+       char *path;
+{
+       return(_mktemp(path));
+}
+
+
 static int
 _gettemp(path, doopen)
        char *path;

diff --git a/lib/libc/stdio/tempnam.c b/lib/libc/stdio/tempnam.c
index 9795696..1b49112 100644 (file)
--- a/lib/libc/stdio/tempnam.c
+++ b/lib/libc/stdio/tempnam.c
@@ -32,7 +32,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: tempnam.c,v 1.4 1996/09/05 21:18:17 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: tempnam.c,v 1.5 1996/12/28 02:33:14 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/param.h>
@@ -43,6 +43,11 @@ static char rcsid[] = "$OpenBSD: tempnam.c,v 1.4 1996/09/05 21:18:17 deraadt Exp
 #include <unistd.h>
 #include <paths.h>
 
+__warn_references(tempnam,
+    "warning: tempnam() possibly used unsafely; consider using mkstemp()");
+
+extern char *_mktemp __P((char *));
+
 char *
 tempnam(dir, pfx)
        const char *dir, *pfx;
@@ -59,25 +64,25 @@ tempnam(dir, pfx)
        if (issetugid() == 0 && (f = getenv("TMPDIR"))) {
                (void)snprintf(name, MAXPATHLEN, "%s%s%sXXXXXX", f,
                    *(f + strlen(f) - 1) == '/'? "": "/", pfx);
-               if (f = mktemp(name))
+               if (f = _mktemp(name))
                        return(f);
        }
 
        if (f = (char *)dir) {
                (void)snprintf(name, MAXPATHLEN, "%s%s%sXXXXXX", f,
                    *(f + strlen(f) - 1) == '/'? "": "/", pfx);
-               if (f = mktemp(name))
+               if (f = _mktemp(name))
                        return(f);
        }
 
        f = P_tmpdir;
        (void)snprintf(name, MAXPATHLEN, "%s%sXXXXXX", f, pfx);
-       if (f = mktemp(name))
+       if (f = _mktemp(name))
                return(f);
 
        f = _PATH_TMP;
        (void)snprintf(name, MAXPATHLEN, "%s%sXXXXXX", f, pfx);
-       if (f = mktemp(name))
+       if (f = _mktemp(name))
                return(f);
 
        sverrno = errno;

diff --git a/lib/libc/stdio/tmpnam.c b/lib/libc/stdio/tmpnam.c
index dba5360..15f68b0 100644 (file)
--- a/lib/libc/stdio/tmpnam.c
+++ b/lib/libc/stdio/tmpnam.c
@@ -35,7 +35,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: tmpnam.c,v 1.2 1996/08/19 08:33:10 tholo Exp $";
+static char rcsid[] = "$OpenBSD: tmpnam.c,v 1.3 1996/12/28 02:33:15 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/types.h>
@@ -43,6 +43,11 @@ static char rcsid[] = "$OpenBSD: tmpnam.c,v 1.2 1996/08/19 08:33:10 tholo Exp $"
 #include <stdio.h>
 #include <unistd.h>
 
+__warn_references(tmpnam,
+    "warning: tmpnam() possibly used unsafely; consider using mkstemp()");
+
+extern char *_mktemp __P((char *));
+
 char *
 tmpnam(s)
        char *s;
@@ -54,5 +59,5 @@ tmpnam(s)
                s = buf;
        (void)snprintf(s, L_tmpnam, "%stmp.%lu.XXXXXX", P_tmpdir, tmpcount);
        ++tmpcount;
-       return (mktemp(s));
+       return (_mktemp(s));
 }