TMPFILE(3) | Library Functions Manual | TMPFILE(3) |
tempnam
, tmpfile
,
tmpnam
—
#include <stdio.h>
FILE *
tmpfile
(void);
char *
tmpnam
(char
*str);
char *
tempnam
(const
char *tmpdir, const char
*prefix);
tmpfile
() function returns a pointer to a stream
associated with a file descriptor returned by the routine
mkstemp(3). The created file is
unlinked before tmpfile
() returns, causing the file to
be automatically deleted when the last reference to it is closed. The file is
opened with the access value ‘w+
’.
The tmpnam
() function returns a pointer to
a file name, in the P_tmpdir
directory, which did
not reference an existing file at some indeterminate point in the past.
P_tmpdir
is defined in the include file
<stdio.h>
. If the argument
s is non-NULL
, the file name
is copied to the buffer it references. Otherwise, the file name is copied to
a static buffer. In either case, tmpnam
() returns a
pointer to the file name.
The buffer referenced by s is expected to be
at least L_tmpnam
bytes in length.
L_tmpnam
is defined in the include file
<stdio.h>
.
The tempnam
() function is similar to
tmpnam
(), but provides the ability to specify the
directory which will contain the temporary file and the file name
prefix.
The environment variable TMPDIR
(if set),
the argument tmpdir (if
non-NULL
), the directory
P_tmpdir
, and the directory
/tmp are tried, in the listed order, as directories
in which to store the temporary file.
The argument prefix, if
non-NULL
, is used to specify a file name prefix,
which will be the first part of the created file name.
tempnam
() allocates memory in which to store the
file name; the returned pointer may be used as a subsequent argument to
free(3).
tmpfile
() function returns a pointer to an open file
stream on success, and a NULL
pointer on error.
The tmpnam
() and
tempnam
() functions return a pointer to a file name
on success, and a NULL
pointer on error.
tmpfile
() function may fail and set the global
variable errno for any of the errors specified for the
library functions fdopen(3) or
mkstemp(3).
The tmpnam
() function may fail and set
errno for any of the errors specified for the library
function mktemp(3).
The tempnam
() function may fail and set
errno for any of the errors specified for the library
functions malloc(3) or
mktemp(3).
tmpfile
() and tmpnam
()
functions conform to ANSI X3.159-1989
(“ANSI C89”). All described functions also conform
to IEEE Std 1003.1-2001 (“POSIX.1”),
albeit the tempnam
() and
tmpnam
() functions have been marked as obsolete in the
IEEE Std 1003.1-2008 (“POSIX.1”)
revision.
tmpnam
(), tempnam
(), or
mktemp(3). Subsequently, the
program calls open(2) or
fopen(3) and erroneously opens a
file (or symbolic link, or fifo or other device) that the attacker has placed
in the expected file location. Hence
mkstemp(3) is recommended,
since it atomically creates the file.
Second, most historic implementations provide only a limited number of possible temporary file names (usually 26) before file names will start being recycled. Third, the AT&T System V UNIX implementations of these functions (and of mktemp(3)) use the access(2) system call to determine whether or not the temporary file may be created. This has obvious ramifications for setuid or setgid programs, complicating the portable use of these interfaces in such programs. Finally, there is no specification of the permissions with which the temporary files are created.
This implementation of tmpfile
() does not
have these flaws, and that of tmpnam
() and
tempnam
() only have the first limitation, but
portable software cannot depend on that. In particular, the
tmpfile
() interface should not be used in software
expected to be used on other systems if there is any possibility that the
user does not wish the temporary file to be publicly readable and
writable.
A link-time warning will be issued if
tmpnam
() or tempnam
() is
used, and advises the use of mkstemp
() instead.
April 30, 2010 | NetBSD 9.2 |