Date: Sat, 4 Nov 2000 17:00:17 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Kris Kennaway <kris@citusc.usc.edu> Cc: audit@FreeBSD.ORG, peter.jeremy@alcatel.com.au Subject: Re: mktemp() patch, again Message-ID: <20001104170017.B10006@citusc17.usc.edu> In-Reply-To: <20001104145247.A9161@citusc17.usc.edu>; from kris@citusc.usc.edu on Sat, Nov 04, 2000 at 02:52:47PM -0800 References: <20001104145247.A9161@citusc17.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
green took my crack pipe away from me (pid isn't used to hold pids any
more, don't make it a pid_t :-). I also updated what appears to be
another bitrotten comment.
Kris
Index: stdio/mktemp.c
===================================================================
RCS file: /mnt/ncvs/src/lib/libc/stdio/mktemp.c,v
retrieving revision 1.19
diff -u -r1.19 mktemp.c
--- stdio/mktemp.c 2000/01/27 23:06:46 1.19
+++ stdio/mktemp.c 2000/11/05 00:50:24
@@ -45,6 +45,7 @@
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#include <ctype.h>
#include <unistd.h>
@@ -52,6 +53,9 @@
static int _gettemp __P((char *, int *, int, int));
+static const unsigned char padchar[] =
+"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
int
mkstemps(path, slen)
char *path;
@@ -103,8 +107,10 @@
int slen;
{
register char *start, *trv, *suffp;
+ char *pad;
struct stat sbuf;
- int pid, rval;
+ int rval;
+ uint32_t rand;
if (doopen && domkdir) {
errno = EINVAL;
@@ -120,26 +126,16 @@
errno = EINVAL;
return (0);
}
- pid = getpid();
- while (*trv == 'X' && pid != 0) {
- *trv-- = (pid % 10) + '0';
- pid /= 10;
- }
- while (*trv == 'X') {
- char c;
- pid = (arc4random() & 0xffff) % (26+26);
- if (pid < 26)
- c = pid + 'A';
- else
- c = (pid - 26) + 'a';
- *trv-- = c;
+ /* Fill space with random characters */
+ while (*trv == 'X') {
+ rand = arc4random() % (sizeof(padchar) - 1);
+ *trv-- = padchar[rand];
}
start = trv + 1;
/*
- * check the target directory; if you have six X's and it
- * doesn't exist this runs for a *very* long time.
+ * check the target directory.
*/
if (doopen || domkdir) {
for (;; --trv) {
@@ -175,19 +171,15 @@
} else if (lstat(path, &sbuf))
return(errno == ENOENT ? 1 : 0);
- /* tricky little algorithm for backward compatibility */
+ /* If we have a collision, cycle through the space of filenames */
for (trv = start;;) {
if (*trv == '\0' || trv == suffp)
return(0);
- if (*trv == 'Z')
- *trv++ = 'a';
+ pad = strchr(padchar, *trv);
+ if (pad == NULL || !*++pad)
+ *trv++ = padchar[0];
else {
- if (isdigit((unsigned char)*trv))
- *trv = 'a';
- else if (*trv == 'z') /* inc from z to A */
- *trv = 'A';
- else
- ++*trv;
+ *trv++ = *pad;
break;
}
}
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjoEsSEACgkQWry0BWjoQKUVvwCg9G4gOekbsqeeClIe7Kwrw3zs
kyMAnRfbQbCfStpUweSiiYVcMCDDruUj
=CK2T
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001104170017.B10006>