[PATCH] Warn when using mktemp
Brooks Moses
brooks@codesourcery.com
Fri Mar 13 20:49:00 GMT 2009
Corinna Vinschen wrote, at 3/13/2009 10:53 AM:
> the below patch just adds a compile time warning when an application
> is about to use the mktemp function, which is considered dangerous
> (to quote from the Linux man page: "Never use mktemp()" :))
[...]
> -char * _EXFUN(mktemp,(char *));
> +char * _EXFUN(mktemp,(char *)) _ATTRIBUTE ((warning ("the use of `mktemp' is da
> +ngerous, better use `mkstemp'")));
> #endif
I don't mean to be disagreeable, but it's not clear to me why it's
meaningfully dangerous in many cases where Newlib would be used. In any
case, the mktemp documentation should be updated to clearly explain why
it's dangerous, so as not to leave users confused. Doing a Google
search on "mktemp mkstemp dangerous" mostly finds mailing-list threads
of people who are annoyed by the warning.
(Apple's Darwin manpage seems to have a good explanation, FWIW:
http://developer.apple.com/DOCUMENTATION/Darwin/Reference/ManPages/man3/mktemp.3.html)
Pedantically, also, that error message should use a semicolon rather
than a comma, and I think "use `mkstemp' instead" is a bit less
colloquial as a phrasing than "better use `mkstemp'".
- Brooks
More information about the Newlib
mailing list