On Wed, 2011-01-05 at 22:50 +0100, Karel Zak wrote:
> On Wed, Jan 05, 2011 at 04:41:02PM -0300, Davidlohr Bueso wrote:
> > > > + sprintf(tmp, "%s-XXXXXX", command->name);
> > > > + if (-1 == (fd = mkstemp(tmp))) {
> > > > fprintf (stderr, "Unable to create a unique filename\t%s\n",
> > > > ERRSTRING);
> > > > exit (1);
> > > > }
> > > > + /* we don't use this file really */
> > > > + close(fd);
> > > > + unlink(tmp);
> > > > + free(tmp);
>
> BTW, the tmpnam() is dangerous, because (man tmpnam):
>
> possible that between the time that tmpnam() returns a pathname,
> and the time that the program opens it, another program might create
> that pathname using open(2), or create it as a symbolic link.
>
> Your code with mkstemp() + close() + unlink() does exactly the same
> mistake. The mkstemp() function is secure because it returns file
> descriptor, the filename should not be used after close().
Nice catch.
>
> > > Sorry, but I don't understand this change at all. The temporary file
> > > in the original code was used for the fifo. It seems that in your code
> > > the command->name is uninitialized and your tmp file is unused. Right?
> > >
> > The way I see it, the original code doesn't use the string created by
>
> It uses the string, tmpnam() copies the path to command->name.
Ok, I should have double checked this then, my bad. Looks like there is
no direct way of "atomically" creating a random name fifo, unlink
regular files.
>
> > tmpnam (from the manpage I assume that it doesn't create the file,
> > unlike mkstemp, but only returns the file's name):
> >
> > if (tmpnam (command->name) == NULL)
> > {
> > fprintf (stderr, "Unable to create a unique filename\t%s
> > \n",
> > ERRSTRING);
> > exit (1);
> > }
>
> Karel
>
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
