...
The fopen_s() function defined in ISO/IEC TR 24731-2006 is designed to improve * the security of the fopen() function. However, like fopen(), fopen_s() provides no mechanism to determine if an existing file has been opened for writing or a new file has been created. The code below contains the same TOCTOU race condition as in Non-Compliant Code Example 1.
...
| Code Block | ||
|---|---|---|
| ||
...
int fd = open(file_name, O_CREAT | O_EXCL | O_WRONLY, new_file_mode);
if (fd == -1) {
/* Handle Error */
}
...
|
Care should be observed when using O_EXCL with remote file systems as it does not work with NFS version 2. NFS version 3 added support for O_EXCL mode in open(); see IETF RFC 1813 Callaghan 95, in particular the EXCLUSIVE value to the mode argument of CREATE.
Compliant Solution: fdopen() (POSIX)
...