...
| Code Block |
|---|
|
char temp_file_namefilename[L_tmpnam];
if (tmpnam(temp_file_namefilename)) {
/* temp_file_name may refer to an existing file */
t_file = fopen(temp_file_namefilename,"wb+");
if (!t_file) {
/* Handle Error */
}
}
|
...
| Code Block |
|---|
|
char temp_namefilename[] = "/tmp/temp-XXXXXX";
if (mktemp(temp_namefilename) == NULL) {
/* Handle Error */
}
/* A TOCTOU race condition exists here */
if ((fd = open(temp_namefilename, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC, 0600)) == -1) {
/* Handle Error */
}
|
...
| Code Block |
|---|
char template[] = "/tmp/fileXXXXXXtemp-XXXXXX";
if ((fd = mkstemp(template)) == -1) {
/* handleHandle error conditionError */
}
|
The mkstemp() algorithm for selecting filenames has proven to be immune to attacks.
| Code Block |
|---|
|
char sfn[15] = "/tmp/ed.temp-XXXXXX";
FILE *sfp;
int fd = -1;
if ((fd = mkstemp(sfn)) == -1) {
|| (sfp/* = fdopen(fd, "Handle Error */
}
Â
if (sfp = fdopen(fd, "w+")) == NULL) {
if (fd != -1) {
unlink(sfn);
close(fd);
} else }{
/* handle error condition */
}
unlink(sfn); /* unlink immediately to allow name to be recycled*/
/* use temporary file */
fclose(sfp); /* note thisalso closes fd */
}Â
|
| Wiki Markup |
|---|
The Open Group Base Specification Issue 6 \[[Open Group 04|AA. C References#Open Group 04]\] does not specify the permissions the file is created with, so these are [implementation-defined|BB. Definitions#implementation-defined behavior]. However, Issue 7 (that is, POSIX.1-2008) specifies them as {{S_IRUSR\|S_IWUSR}} (0600). |
...
