TMPFILE(3) OpenBSD Programmer's Manual TMPFILE(3)
tempnam, tmpfile, tmpnam - temporary file routines
tempnam(const char *tmpdir, const char *prefix);
The tmpfile() function returns a pointer to a stream associated with a
file descriptor returned by the routine mkstemp(3). The created file is
unlinked before tmpfile() returns, causing the file to be automatically
deleted when the last reference to it is closed. Since mkstemp(3)
creates the file with mode S_IRUSR | S_IWUSR, after the unlink, fchown(2)
and umask(2) are used to set the file mode to the expected value. The
file is opened with the access value `w+'.
The tmpnam() function returns a pointer to a file name, in the P_tmpdir
directory, which did not reference an existing file at some indeterminate
point in the past. P_tmpdir is defined in the include file <stdio.h>.
If the argument str is non-null, the file name is copied to the buffer it
references. Otherwise, the file name is copied to a static buffer. In
either case, tmpnam() returns a pointer to the file name.
The buffer referenced by str is expected to be at least L_tmpnam bytes in
length. L_tmpnam is defined in the include file <stdio.h>.
The tempnam() function is similar to tmpnam(), but provides the ability
to specify the directory which will contain the temporary file and the
file name prefix.
The environment variable TMPDIR (if set), the argument tmpdir (if non-
null), the directory P_tmpdir, and the directory /tmp are tried, in the
listed order, as directories in which to store the temporary file.
The argument prefix, if non-null, is used to specify a file name prefix,
which will be the first part of the created file name. tempnam()
allocates memory in which to store the file name; the returned pointer
may be used as a subsequent argument to free(3).
The tmpfile() function returns a pointer to an open file stream on
success, and a null pointer on error.
The tmpnam() and tempnam() functions return a pointer to a file name on
success, and a null pointer on error.
TMPDIR [tempnam() only] If set, the directory in which the temporary
file is stored. TMPDIR is ignored for processes for which
issetugid(2) is true.
The tmpfile() function may fail and set the global variable errno for any
of the errors specified for the library functions fdopen(3) or
The tmpnam() function may fail and set errno for any of the errors
specified for the library function mktemp(3).
The tempnam() function may fail and set errno for any of the errors
specified for the library functions malloc(3) or mktemp(3).
issetugid(2), mkstemp(3), mktemp(3)
The tmpfile() and tmpnam() functions conform to ANSI X3.159-1989
tmpnam() and tempnam() are provided for System V and ANSI compatibility
only. These interfaces are typically not used in safe ways. The
mkstemp(3) interface is strongly preferred.
There are four important problems with these interfaces (as well as with
the historic mktemp(3) interface). First, there is an obvious race
between file name selection and file creation and deletion: the program
is typically written to call tmpnam(), tmpname(), or mktemp(3).
Subsequently, the program calls open(2) or fopen(3) and erroneously opens
a file (or symbolic link, or FIFO or other device) that the attacker has
placed in the expected file location. Hence mkstemp(3) is recommended,
since it atomically creates the file.
Second, most historic implementations provide only a limited number of
possible temporary file names (usually 26) before file names will start
being recycled. Third, the System V implementations of these functions
(and of mktemp(3)) use the access(2) function to determine whether or not
the temporary file may be created. This has obvious ramifications for
daemons or setuid/setgid programs, complicating the portable use of these
interfaces in such programs. Finally, there is no specification of the
permissions with which the temporary files are created.
This implementation does not have these flaws, but portable software
cannot depend on that.
For these reasons, ld(1) will output a warning message whenever it links
code that uses the functions tmpnam() or tempnam().
OpenBSD 5.1 May 31, 2007 OpenBSD 5.1
[Unix Hosting |
[Engineering & Automation |
Software Development |