From: deraadt Date: Sat, 28 Dec 1996 02:33:10 +0000 (+0000) Subject: 95% of common uses of these are incorrect and insecure. correct use is X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=5cf55735242c985ac2bb63bb45a916eddaf36316;p=openbsd 95% of common uses of these are incorrect and insecure. correct use is incredibly rare. Time for some education! --- diff --git a/lib/libc/stdio/mktemp.c b/lib/libc/stdio/mktemp.c index c7642ee30ae..bc69c6f265f 100644 --- a/lib/libc/stdio/mktemp.c +++ b/lib/libc/stdio/mktemp.c @@ -32,7 +32,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$OpenBSD: mktemp.c,v 1.2 1996/08/19 08:32:55 tholo Exp $"; +static char rcsid[] = "$OpenBSD: mktemp.c,v 1.3 1996/12/28 02:33:10 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -54,13 +54,26 @@ mkstemp(path) return (_gettemp(path, &fd) ? fd : -1); } +char *_mktemp __P((char *)); + char * -mktemp(path) +_mktemp(path) char *path; { return(_gettemp(path, (int *)NULL) ? path : (char *)NULL); } +__warn_references(mktemp, + "warning: mktemp() possibly used unsafely; consider using mkstemp()"); + +char * +mktemp(path) + char *path; +{ + return(_mktemp(path)); +} + + static int _gettemp(path, doopen) char *path; diff --git a/lib/libc/stdio/tempnam.c b/lib/libc/stdio/tempnam.c index 9795696b8b0..1b49112933d 100644 --- a/lib/libc/stdio/tempnam.c +++ b/lib/libc/stdio/tempnam.c @@ -32,7 +32,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$OpenBSD: tempnam.c,v 1.4 1996/09/05 21:18:17 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: tempnam.c,v 1.5 1996/12/28 02:33:14 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -43,6 +43,11 @@ static char rcsid[] = "$OpenBSD: tempnam.c,v 1.4 1996/09/05 21:18:17 deraadt Exp #include #include +__warn_references(tempnam, + "warning: tempnam() possibly used unsafely; consider using mkstemp()"); + +extern char *_mktemp __P((char *)); + char * tempnam(dir, pfx) const char *dir, *pfx; @@ -59,25 +64,25 @@ tempnam(dir, pfx) if (issetugid() == 0 && (f = getenv("TMPDIR"))) { (void)snprintf(name, MAXPATHLEN, "%s%s%sXXXXXX", f, *(f + strlen(f) - 1) == '/'? "": "/", pfx); - if (f = mktemp(name)) + if (f = _mktemp(name)) return(f); } if (f = (char *)dir) { (void)snprintf(name, MAXPATHLEN, "%s%s%sXXXXXX", f, *(f + strlen(f) - 1) == '/'? "": "/", pfx); - if (f = mktemp(name)) + if (f = _mktemp(name)) return(f); } f = P_tmpdir; (void)snprintf(name, MAXPATHLEN, "%s%sXXXXXX", f, pfx); - if (f = mktemp(name)) + if (f = _mktemp(name)) return(f); f = _PATH_TMP; (void)snprintf(name, MAXPATHLEN, "%s%sXXXXXX", f, pfx); - if (f = mktemp(name)) + if (f = _mktemp(name)) return(f); sverrno = errno; diff --git a/lib/libc/stdio/tmpnam.c b/lib/libc/stdio/tmpnam.c index dba536067b3..15f68b02d9e 100644 --- a/lib/libc/stdio/tmpnam.c +++ b/lib/libc/stdio/tmpnam.c @@ -35,7 +35,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$OpenBSD: tmpnam.c,v 1.2 1996/08/19 08:33:10 tholo Exp $"; +static char rcsid[] = "$OpenBSD: tmpnam.c,v 1.3 1996/12/28 02:33:15 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -43,6 +43,11 @@ static char rcsid[] = "$OpenBSD: tmpnam.c,v 1.2 1996/08/19 08:33:10 tholo Exp $" #include #include +__warn_references(tmpnam, + "warning: tmpnam() possibly used unsafely; consider using mkstemp()"); + +extern char *_mktemp __P((char *)); + char * tmpnam(s) char *s; @@ -54,5 +59,5 @@ tmpnam(s) s = buf; (void)snprintf(s, L_tmpnam, "%stmp.%lu.XXXXXX", P_tmpdir, tmpcount); ++tmpcount; - return (mktemp(s)); + return (_mktemp(s)); }