[AD] Maybe bug in pack_fopen_chunk

[ Thread Index | Date Index | More lists.liballeg.org/allegro-developers Archives ]


In pack_fopen_chunk, file.c, line 2007 there is a bit of code involving tmpnam:
====
       /* note: since the filename creation and the opening are not
         * an atomic operation, this is not secure
         */
        tmpnam_string = tmpnam(NULL);
        tmp_name = _AL_MALLOC_ATOMIC(strlen(tmp_dir) +
strlen(tmpnam_string) + 2);
        sprintf(tmp_name, "%s/%s", tmp_dir, tmpnam_string);

        if (tmp_name) {
#ifndef ALLEGRO_MPW
           tmp_fd = open(tmp_name, O_RDWR | O_BINARY | O_CREAT |
O_EXCL, OPEN_PERMS);
#else
           tmp_fd = _al_open(tmp_name, O_RDWR | O_BINARY | O_CREAT | O_EXCL);
#endif
        }
====
tmp_dir has already been set up (to /tmp or whatever)
On OSX (and as far as I can tell from the manpages, on Linux too),
tmpnam() already supplies the path to the temporary file, (I get
something like '/var/tmp/tmp.0.nvWJmI') so the final value of tmp_name
is something like '/tmp//var/tmp/tmp.0.nvWJmI'. This is a non-existent
path and open() fails.

Please can someone confirm that on Linux, tmpnam provides a path?

Looking at the wider context, those lines are only used if
HAVE_MKSTEMP is not defined (mkstemp() is a much better way to do it,
and most systems I think have mkstemp) so there is a second bug -
namely OSX should define HAVE_MKSTEMP. I'll look into that one.

Pete




Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/