Page History

...

This noncompliant code example invokes the File.createTempFile() method, which generates a unique temporary file name based on two parameters, a prefix and an extension. This is the only method from Java 6 and earlier that is designed to produce unique file names, although the names produced can be easily predicted. A random number generator can be used to produce the prefix if a random file name is required.

Wiki MarkupThis example also uses the {{deleteOnExit()}} method to ensure that the temporary file is deleted when the Java Virtual Machine (JVM) terminates. However, according to the Java API \ [[API 2006|AA. References#API 06] \] Class {{File}}, method {{deleteOnExit()}} documentation,

Deletion will be attempted only for normal termination of the virtual machine, as defined by the Java Language Specification. Once deletion has been requested, it is not possible to cancel the request. This method should consequently be used with care.
Note: this method should not be used for file-locking, as the resulting protocol cannot be made to work reliably.

Wiki MarkupConsequently, the file is not deleted if the JVM terminates unexpectedly. A longstanding bug on Windows-based systems reported as [Bug ID: 4171239|http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4171239] \ [[SDN 2008|AA. References#SDN 08] \] causes JVMs to fail to delete a file when {{deleteOnExit()}} is invoked before the associated stream or {{RandomAccessFile}} is closed.

Code Block

bgColor	#FFcccc

class TempFile {
  public static void main(String[] args) throws IOException{
    File f = File.createTempFile("tempnam",".tmp");
    FileOutputStream fop = null;
    try {
      fop = new FileOutputStream(f);
      String str = "Data";
      fop.write(str.getBytes());
      fop.flush();
    } finally {
      // Stream/file still open; file will
      // not be deleted on Windows systems
      f.deleteOnExit(); // Delete the file when the JVM terminates

      if (fop != null) {
        try {
          fop.close();
        } catch (IOException x) {
          // handle error
        }
      }
    }
  }
}

...

CERT C Secure Coding Standard	FIO43-C. Do not create temporary files in shared directories
CERT C++ Secure Coding Standard	FIO43-CPP. Do not create temporary files in shared directories
MITRE CWE	CWE-377. Insecure temporary file
	CWE-459. Incomplete cleanup

Bibliography

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="89531e3d-9008-4471-9c0f-44ec28472ffa"><ac:plain-text-body><![CDATA[	[ [API 2006AA. References#API 06] ]	Class `File`, methods `createTempFile`, `delete`, `deleteOnExit`]]></ac:plain-text-body></ac:structured-macro>
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f0aa5284-b0ef-4e59-949f-adecc6d8db75"><ac:plain-text-body><! [CDATA[ [[Darwin 2004AA. References#Darwin 04] ]	11.5, Creating a Transient File	]]></ac:plain-text-body></ac:structured-macro>	<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f0ac1a0c-7fd0-451b-9057-ea76cebcaa55"><ac:plain-text-body><![CDATA[
[[J2SE 2011AA. References#J2SE 11] ]
]]></ac:plain-text-body></ac:structured-macro>	<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b09e0bba-7a41-41de-a2df-033bc9c08a4a"><ac:plain-text-body><![CDATA [ [[SDN 2008AA. References#SDN 08] ]	Bug IDs 4171239, 4405521, 4635827, 4631820	]]></ac:plain-text-body></ac:structured-macro>
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="95f0e028-3e71-4f96-9be3-8db953081da8"><ac:plain-text-body><! [CDATA[ [[Secunia 2008AA. References#Secunia 08] ]	[Secunia Advisory 20132http://secunia.com/advisories/ 20132/] ]]></ac:plain-text-body></ac:structured-macro>

...

12. Input Output (FIO)

Space shortcuts

Page tree

Versions Compared

Old Version 86

New Version 87

Key

Bibliography