From: millert
Date: Fri, 22 Aug 2008 00:56:13 +0000 (+0000)
Subject: Replace the old algorithm that included the process id as part of the
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=ce0e8a64dee1d5a356806a42f79d5aadd2b7edd3;p=openbsd
Replace the old algorithm that included the process id as part of the temporary file name with one that only uses random data. OK deraadt@
---
diff --git a/lib/libc/stdio/mktemp.c b/lib/libc/stdio/mktemp.c
index e5a584ca6a0..e70b2427704 100644
--- a/lib/libc/stdio/mktemp.c
+++ b/lib/libc/stdio/mktemp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mktemp.c,v 1.22 2008/08/21 16:54:44 millert Exp $ */
+/* $OpenBSD: mktemp.c,v 1.23 2008/08/22 00:56:13 millert Exp $ */
 /*
 * Copyright (c) 1987, 1993
 * The Regents of the University of California. All rights reserved.
@@ -82,43 +82,36 @@ mktemp(char *path)
 static int
 _gettemp(char *path, int *doopen, int domkdir, int slen)
 {
- char *start, *trv, *suffp;
+ char *start, *cp, *ep;
 struct stat sbuf;
- int rval;
- pid_t pid;
+ size_t len;
+ int r;
 if (doopen && domkdir) {
 errno = EINVAL;
 return(0);
 }
- for (trv = path; *trv; ++trv)
- ;
- trv -= slen;
- suffp = trv;
- --trv;
- if (trv < path) {
+ len = strlen(path);
+ if (len == 0 || slen >= len) {
 errno = EINVAL;
- return (0);
- }
- pid = getpid();
- while (trv >= path && *trv == 'X' && pid != 0) {
- *trv-- = (pid % 10) + '0';
- pid /= 10;
- }
- while (trv >= path && *trv == 'X') {
- char c;
-
- pid = arc4random_uniform(26+26);
- if (pid < 26)
- c = pid + 'A';
- else
- c = (pid - 26) + 'a';
- *trv-- = c;
+ return(0);
 }
- start = trv + 1;
+ ep = path + len - slen;
+
+ for (start = ep; *--start == 'X';)
+ ;
+ start++;
 for (;;) {
+ for (cp = start; cp != ep; cp++) {
+ r = arc4random_uniform(26 + 26);
+ if (r < 26)
+ *cp = r + 'A';
+ else
+ *cp = (r - 26) + 'a';
+ }
+
 if (doopen) {
 if ((*doopen = open(path, O_CREAT|O_EXCL|O_RDWR, 0600)) >= 0)
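Review bot: The backward scan `for (start = ep; *--start == 'X';)` has no lower bound, so a template whose characters before the suffix are all `X` (a bare `XXXXXX`, for instance) makes it read the byte before `path`. If that byte happens to be `X`, the fill loop that follows writes random letters outside the caller's buffer. The removed code guarded the same walk with `trv >= path`; the new loop should keep a bound, e.g. `for (start = ep; start > path && start[-1] == 'X'; start--)`, and then drop the `start++`. Separately, once the increment step is deleted in the next hunk, the `for (;;)` retry appears to have no exit when every candidate name already exists, which a template with zero or very few `X`s can reach, so a minimum `X` count or a retry cap would be worth adding. The loop body continues outside this hunk.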
@@ -132,28 +125,6 @@ _gettemp(char *path, int *doopen, int domkdir, int slen)
 return(0);
 } else if (lstat(path, &sbuf))
 return(errno == ENOENT ? 1 : 0);
-
- /* tricky little algorithm for backward compatibility */
- for (trv = start;;) {
- if (!*trv)
- return (0);
- if (*trv == 'Z') {
- if (trv == suffp)
- return (0);
- *trv++ = 'a';
- } else {
- if (isdigit(*trv))
- *trv = 'a';
- else if (*trv == 'z') /* inc from z to A */
- *trv = 'A';
- else {
- if (trv == suffp)
- return (0);
- ++*trv;
- }
- break;
- }
- }
 }
 /*NOTREACHED*/
 }