summaryrefslogtreecommitdiffstats
path: root/unix
diff options
context:
space:
mode:
authorhobbs <hobbs>2001-08-07 00:42:45 (GMT)
committerhobbs <hobbs>2001-08-07 00:42:45 (GMT)
commit5407c8b540a11d9f614a59d44c701cb67aede86e (patch)
treecb183d4c8145e987b5a691512499ca1c7f51b397 /unix
parent2fdc0fc681d2ffe92f526959cf8910e66bc0c2e6 (diff)
downloadtcl-5407c8b540a11d9f614a59d44c701cb67aede86e.zip
tcl-5407c8b540a11d9f614a59d44c701cb67aede86e.tar.gz
tcl-5407c8b540a11d9f614a59d44c701cb67aede86e.tar.bz2
* unix/tclUnixPipe.c (TclpCreateTempFile): fixed use of tmpnam,
which is dangerous. [Patch: #442636] (lim) The use of tmpnam in TclpTempFileName must still be changed.
Diffstat (limited to 'unix')
-rw-r--r--unix/tclUnixPipe.c21
1 files changed, 14 insertions, 7 deletions
diff --git a/unix/tclUnixPipe.c b/unix/tclUnixPipe.c
index 9da1b11..964b3b1 100644
--- a/unix/tclUnixPipe.c
+++ b/unix/tclUnixPipe.c
@@ -10,7 +10,7 @@
* See the file "license.terms" for information on usage and redistribution
* of this file, and for a DISCLAIMER OF ALL WARRANTIES.
*
- * RCS: @(#) $Id: tclUnixPipe.c,v 1.13 2001/07/31 19:12:08 vincentdarley Exp $
+ * RCS: @(#) $Id: tclUnixPipe.c,v 1.14 2001/08/07 00:42:45 hobbs Exp $
*/
#include "tclInt.h"
@@ -186,19 +186,20 @@ TclFile
TclpCreateTempFile(contents)
CONST char *contents; /* String to write into temp file, or NULL. */
{
- char fileName[L_tmpnam], *native;
+ char fileName[L_tmpnam + 9], *native;
Tcl_DString dstring;
int fd;
/*
- * Linux says we should use mkstemp, but Solaris prefers tmpnam.
* We should also check against making more then TMP_MAX of these.
*/
- if (tmpnam(fileName) == NULL) { /* INTL: Native. */
- return NULL;
+ strcpy(fileName, P_tmpdir); /* INTL: Native. */
+ if (fileName[strlen(fileName) - 1] != '/') {
+ strcat(fileName, "/"); /* INTL: Native. */
}
- fd = open(fileName, O_RDWR|O_CREAT|O_EXCL, 0666); /* INTL: Native. */
+ strcat(fileName, "tclXXXXXX");
+ fd = mkstemp(fileName); /* INTL: Native. */
if (fd == -1) {
return NULL;
}
@@ -238,7 +239,13 @@ Tcl_Obj*
TclpTempFileName()
{
char fileName[L_tmpnam];
-
+
+ /*
+ * tmpnam should not be used (see [Patch: #442636]), but mkstemp
+ * doesn't provide just the filename. The use of this will have
+ * to reconcile that conflict.
+ */
+
if (tmpnam(fileName) == NULL) { /* INTL: Native. */
return NULL;
}