This repost from http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28310 in request of gcc maintainers to report this bug to glib. - - - While compiling binutils-2.17 from (Debian) sources, gcc reports following: bucomm.o: In function `make_tempname': /usr/src/net/deb/src/binutils-2.17/binutils/bucomm.c:426: warning: the use\ of `mktemp' is dangerous, better use `mkstemp' The proper fix is to use `mkdtemp' in the code, but the error message does not tell this. The developers may mistakenly disregard this message when they think "Oh, I create directories and `mkstemp' cannot create directories, so the warning does not apply to this code". SUGGESTION a) Add to the manual page, mkstemp.1, that this function works for files only. Add Crosss reference to mkdtemp and vice versa (from mkdtemp => mkstemp.1) b) Implement better checking in gcc to differtiate directories from files when displaying warning about use of mktemp function. OR mention both mkstemp and mkdtemp in the warning message if the parser cannot know which is the case - - - Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/dash Kernel: Linux 2.6.16-2-686 Locale: LANG=C, LC_CTYPE=C (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US) Versions of packages gcc depends on: ii cpp 4:4.1.1-3 The GNU C preprocessor (cpp) ii gcc-4.1 4.1.1-7 The GNU C compiler Versions of packages gcc recommends: ii libc6-dev [libc-dev] 2.3.6-15 GNU C Library: Development Librar\ i
The man pages have nothing to do with glibc. Do whatever you want. I don't intend to change the message since if a programmer cannot figure out that mkdtemp should be used mentioning both functions will only further complicate things. If anything, it's an issue with the man pages.
(In reply to Ulrich Drepper from comment #1) > If anything, it's an issue with the man pages. Fixed in http://git.kernel.org/cgit/docs/man-pages/man-pages.git/commit/?id=9b44ad2028b6ae5ede880314e87c8b976e69b19a
I think it's time to reconsider this feature request.
This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU C Library master sources". The branch, master has been updated via 64d9cfd90e8f24815f5c99dc994ea0dacf773304 (commit) from fff289f358ee26bb4cdd70f72f4b1b0e1a7d07a1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=64d9cfd90e8f24815f5c99dc994ea0dacf773304 commit 64d9cfd90e8f24815f5c99dc994ea0dacf773304 Author: Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org> Date: Sun Aug 9 11:11:36 2015 +0200 Mention mkdtemp as another secure alternative to mktemp [BZ #2898] * misc/mktemp.c: Add mkdtemp to the link_warning message. Based on patch by Aurelien Jarno. ----------------------------------------------------------------------- Summary of changes: ChangeLog | 6 ++++++ NEWS | 8 ++++---- misc/mktemp.c | 3 ++- 3 files changed, 12 insertions(+), 5 deletions(-)
Fixed in master.