[krbdev.mit.edu #3017] mktemp' is dangerous, better use `mkstemp' in kerberos code
sharma via RT
rt-comment at krbdev.mit.edu
Tue Apr 19 02:11:50 EDT 2005
Hi
I am developing some application using Kerberos SDK. While compiling our
application we get the following warning messages about mktemp api used in
Kerberos source code.
/home/srbpkg/srbpkg/kerberos/32/install/lib/libkrb5.a(cc_memory.o)(.text+0xf
73): In function `krb5_mcc_generate_new':
: the use of `mktemp' is dangerous, better use `mkstemp'
I greped mktemp keyword in Kerberos source code and found out that the APIs
is used in 3-4 location.
[srbkit at p125238 kerberos]$ grep -r --include=*.c mkstemp 32/krb5-1.4
krb5-1.4/src/lib/krb5/ccache/cc_file.c: ret = mkstemp(scratch);
krb5-1.4/src/util/db2/btree/bt_open.c: if ((fd = mkstemp(path)) != -1)
krb5-1.4/src/util/db2/clib/mkstemp.c:mkstemp(path)
krb5-1.4/src/util/fakedest/home/srbpkg/srbpkg/kerberos/32/install/lib/krb5/c
cache/cc_file.c: ret = mkstemp(scratch);
I hope you may try to fix this APIs usage.
Thanks
SAM SHARMA
More information about the krb5-bugs
mailing list