From 15a8787685b9e138adf01cd1e85dead4209dc1ce Mon Sep 17 00:00:00 2001
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Sat, 28 Dec 1996 02:33:16 +0000
Subject: 95% of common uses of these are incorrect and insecure. correct use
 is incredibly rare. Time for some education!

---
 lib/libc/stdio/tempnam.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

(limited to 'lib/libc/stdio/tempnam.c')

diff --git a/lib/libc/stdio/tempnam.c b/lib/libc/stdio/tempnam.c
index 9795696b8b0..1b49112933d 100644
--- a/lib/libc/stdio/tempnam.c
+++ b/lib/libc/stdio/tempnam.c
@@ -32,7 +32,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: tempnam.c,v 1.4 1996/09/05 21:18:17 deraadt Exp $";
+static char rcsid[] = "$OpenBSD: tempnam.c,v 1.5 1996/12/28 02:33:14 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/param.h>
@@ -43,6 +43,11 @@ static char rcsid[] = "$OpenBSD: tempnam.c,v 1.4 1996/09/05 21:18:17 deraadt Exp
 #include <unistd.h>
 #include <paths.h>
 
+__warn_references(tempnam,
+    "warning: tempnam() possibly used unsafely; consider using mkstemp()");
+
+extern char *_mktemp __P((char *));
+
 char *
 tempnam(dir, pfx)
 	const char *dir, *pfx;
@@ -59,25 +64,25 @@ tempnam(dir, pfx)
 	if (issetugid() == 0 && (f = getenv("TMPDIR"))) {
 		(void)snprintf(name, MAXPATHLEN, "%s%s%sXXXXXX", f,
 		    *(f + strlen(f) - 1) == '/'? "": "/", pfx);
-		if (f = mktemp(name))
+		if (f = _mktemp(name))
 			return(f);
 	}
 
 	if (f = (char *)dir) {
 		(void)snprintf(name, MAXPATHLEN, "%s%s%sXXXXXX", f,
 		    *(f + strlen(f) - 1) == '/'? "": "/", pfx);
-		if (f = mktemp(name))
+		if (f = _mktemp(name))
 			return(f);
 	}
 
 	f = P_tmpdir;
 	(void)snprintf(name, MAXPATHLEN, "%s%sXXXXXX", f, pfx);
-	if (f = mktemp(name))
+	if (f = _mktemp(name))
 		return(f);
 
 	f = _PATH_TMP;
 	(void)snprintf(name, MAXPATHLEN, "%s%sXXXXXX", f, pfx);
-	if (f = mktemp(name))
+	if (f = _mktemp(name))
 		return(f);
 
 	sverrno = errno;
-- 
cgit v1.2.3