From: deraadt <deraadt@openbsd.org>
Date: Fri, 7 Feb 1997 13:01:24 +0000 (+0000)
Subject: pre-pad with random alphabetic letters instead of digit 0
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=d5c84baf947035528ecba8998bc059669b98b1b6;p=openbsd

pre-pad with random alphabetic letters instead of digit 0
---

diff --git a/lib/libc/stdio/mktemp.c b/lib/libc/stdio/mktemp.c
index 0d49e06b824..b1f7092bf0e 100644
--- a/lib/libc/stdio/mktemp.c
+++ b/lib/libc/stdio/mktemp.c
@@ -32,7 +32,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: mktemp.c,v 1.5 1997/01/20 07:46:56 graichen Exp $";
+static char rcsid[] = "$OpenBSD: mktemp.c,v 1.6 1997/02/07 13:01:24 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/types.h>
@@ -82,14 +82,26 @@ _gettemp(path, doopen)
 	extern int errno;
 	register char *start, *trv;
 	struct stat sbuf;
-	u_int pid;
+	int pid;
 
 	pid = getpid();
-	for (trv = path; *trv; ++trv);		/* extra X's get set to 0's */
-	while (*--trv == 'X') {
-		*trv = (pid % 10) + '0';
+	for (trv = path; *trv; ++trv)
+		;
+	--trv;
+	while (*trv == 'X' && pid != 0) {
+		*trv-- = (pid % 10) + '0';
 		pid /= 10;
 	}
+	while (*trv == 'X') {
+		char c;
+
+		pid = (arc4random() & 0xffff) % (26+26);
+		if (pid < 26)
+			c = pid + 'A';
+		else
+			c = (pid - 26) + 'a';
+		*trv-- = c;
+	}
 
 	/*
 	 * check the target directory; if you have six X's and it