70 lines
1.5 KiB
Diff
70 lines
1.5 KiB
Diff
Index: b/lib/routines.c
|
|
===================================================================
|
|
--- a/lib/routines.c
|
|
+++ b/lib/routines.c
|
|
@@ -242,3 +242,50 @@
|
|
/* Don't complain if you can't unlink. Who cares of a tmp file? */
|
|
unlink (filename);
|
|
}
|
|
+
|
|
+/*
|
|
+ * Securely generate a temp file, and make sure it gets
|
|
+ * deleted upon exit.
|
|
+ */
|
|
+static char ** tempfiles;
|
|
+static unsigned ntempfiles;
|
|
+
|
|
+static void
|
|
+cleanup_tempfiles()
|
|
+{
|
|
+ while (ntempfiles--)
|
|
+ unlink(tempfiles[ntempfiles]);
|
|
+}
|
|
+
|
|
+char *
|
|
+safe_tempnam(const char *pfx)
|
|
+{
|
|
+ char *dirname, *filename;
|
|
+ int fd;
|
|
+
|
|
+ if (!(dirname = getenv("TMPDIR")))
|
|
+ dirname = "/tmp";
|
|
+
|
|
+ tempfiles = (char **) realloc(tempfiles,
|
|
+ (ntempfiles+1) * sizeof(char *));
|
|
+ if (tempfiles == NULL)
|
|
+ return NULL;
|
|
+
|
|
+ filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
|
|
+ if (!filename)
|
|
+ return NULL;
|
|
+
|
|
+ sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
|
|
+
|
|
+ if ((fd = mkstemp(filename)) < 0) {
|
|
+ free(filename);
|
|
+ return NULL;
|
|
+ }
|
|
+ close(fd);
|
|
+
|
|
+ if (ntempfiles == 0)
|
|
+ atexit(cleanup_tempfiles);
|
|
+ tempfiles[ntempfiles++] = filename;
|
|
+
|
|
+ return filename;
|
|
+}
|
|
Index: b/lib/routines.h
|
|
===================================================================
|
|
--- a/lib/routines.h
|
|
+++ b/lib/routines.h
|
|
@@ -255,7 +255,8 @@
|
|
/* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
|
|
#define tempname_ensure(Str) \
|
|
do { \
|
|
- (Str) = (Str) ? (Str) : tempnam (NULL, "a2_"); \
|
|
+ (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \
|
|
} while (0)
|
|
+char * safe_tempnam(const char *);
|
|
|
|
#endif
|