Date: Mon, 20 Nov 2000 10:53:27 +0100
To: FreeBSD audit mailing list
From: Brad Knowles
Subject: Possible unsafe uses of mktemp() found during "make buildworld"...

Folks,

I don't know if this is interesting at all or not, but I recently discovered a number of "warning: mktemp() possibly used unsafely; consider using mkstemp()" type errors during a recent "make buildworld", and I thought it might be of use to provide that information here.

The command I ran to generate the output (under bash) is:

    $ cd /usr/src
    $ make update
    $ make buildworld > /var/log/make.buildworld 2>&1 &

To pull the mkstemp warnings out, the command pipeline that I finally settled on is:

    $ cd /var/log
    $ grep -i mkstemp\(\) make.buildworld | cut -f 1 -d ' ' | sort -u

The output is:

    bucomm.o(.text+0x35b):
    choose-temp.o(.text+0x13e):
    crunchgen.o(.text+0x204):
    ctm_pass2.o(.text+0x7fa):
    eval.o(.text+0x417):
    indxbib.o(.text+0x40b):
    main.o(.text+0x33a):
    mk-amd-map.o(.text+0x575):
    mount_portal.o(.text+0xeb):
    patch.o(.text+0xc8):
    printjob.o(.text+0xf1):
    quit.o(.text+0xb76):
    rcsedit.o(.text+0x1936):
    rcsfnms.o(.text+0xd0):
    sdiff.o(.text+0x10c7):
    tables.o(.text+0x348):
    texindex.o(.text+0xbd):
    xlint.o(.text+0x4b2):
    xstr.o(.text+0xbe):
    yppasswdd_server.o(.text+0xba9):

Without the `sort -u` at the end, on my FreeBSD 4.2-BETA machine (cvsupped this past Saturday evening), this runs to 49 lines of output.

I know that mktemp() can be safely used, but I was surprised at the number of times that this warning showed up during a "make buildworld". I was especially surprised the first time I noticed this, when I had directed stdout to a file, but saw all these unexpected warnings pop up.

Anyway, if this isn't useful, please let me know. I just thought that it was rather unsettling, and that perhaps folks on this list might be interested.

--
  These are my opinions -- not to be taken as official Skynet policy
======================================================================
Brad Knowles,                                || Belgacom Skynet SA/NV
Systems Architect, Mail/News/FTP/Proxy Admin || Rue Colonel Bourg, 124
Phone/Fax: +32-2-706.13.11/12.49             || B-1140 Brussels
http://www.skynet.be                         || Belgium

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
    -Benjamin Franklin, Historical Review of Pennsylvania.
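
Added example (not part of the original message and not code from the FreeBSD tree): what the "consider using mkstemp()" warning asks for, next to the mktemp() pattern it replaces. The function names open_temp and open_exclusive and the /tmp/audit-demo template are assumptions made for this illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* The pattern the linker warning is about, shown as a comment only:
 *     mktemp(path);                          only picks an unused name
 *     fd = open(path, O_RDWR | O_CREAT, 0600);
 * Between the two calls another local user can create a file or symlink
 * at that name, and open() without O_EXCL will use whatever is there. */
/* Create and open a unique file in one step. path must end in "XXXXXX" and
 * is overwritten with the chosen name. Returns an fd, or -1 on failure. */
int open_temp(char *path)
{
    struct stat st;
    int fd = mkstemp(path);          /* creates with O_CREAT|O_EXCL */
    if (fd == -1) return -1;
    /* Refuse anything but a private regular file (old libcs used 0666). */
    if (fstat(fd, &st) == -1 || !S_ISREG(st.st_mode) || (st.st_mode & 077)) {
        close(fd); unlink(path); return -1;
    }
    return fd;
}

/* When the caller must choose the name, O_EXCL makes open() fail with
 * EEXIST if anything, a symlink included, already exists there. */
int open_exclusive(const char *path)
{
    return open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
}

int main(void)
{
    char path[] = "/tmp/audit-demo.XXXXXX";   /* constructed sample name */
    int fd = open_temp(path);
    if (fd == -1) { perror("open_temp"); return 1; }
    printf("created %s\n", path);
    if (open_exclusive(path) == -1 && errno == EEXIST)
        printf("second create of the same name refused\n");
    close(fd);
    unlink(path);
    return 0;
}
```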