Login
Login

Mkstemp

{{Short description|Thread-safe POSIX function for creating a temporary file}}

{{lowercase}}

In computing, mkstemp is a POSIX function for creating a temporary file (a computer file which usually ceases to exist when the program, which opened the file, closes it or terminates). It accepts an argument that determines the location of the temporary file, and the prefix of its generated filename. After mkstemp was added to the Single UNIX Specification, the function tmpnam() was deprecated, because the latter carried the risk that a temporary file with the same name could be created by another thread or process within the time from when the caller obtains the temporary filename and attempts to create it. mkstemp does not suffer from this problem.

Usage

=Inclusion=

; C

  1. include // per IEEE Std 1003.1, 2004
  2. include // for "legacy" systems

; C++

  1. include // per IEEE Std 1003.1, 2004
  2. include // for "legacy" systems

=Declaration=

int mkstemp(char* template);

=Requirements=

  • The parameter template must be a modifiable, null-terminated character array.
  • The contents of template must be in the format of a valid file path, with six trailing 'X's.
  • The parameter template must not have been used in a previous invocation of mkstemp.

=Semantics=

  • The trailing 'X's in template are overwritten to generate a unique file name for the resulting temporary file.
  • The function reports a valid file descriptor to a temporary file on success; on failure, it reports -1.

= Example =

The following code is an example of the usage of mkstemp; the local variable filename is modified by mkstemp and will contain the path to the new file:

  1. include

void example()

{

char filename[] = "/tmp/prefXXXXXX";

mkstemp(filename);

}

Error conditions

It is unspecified if mkstemp sets errno, and what values of errno are set, in the event of failure.

Mechanism

The mkstemp function generates a filename according to the supplied argument for the template, and attempts to create it. It repeats this process until a file has been successfully created. After this, it opens the file and returns the file descriptor to the caller, with the data buffer that was passed to the function with the template now containing the new filename. The file can be deleted immediately after the mkstemp call returns to prevent other processes from opening it, but the file can still be used because the calling process will still have a valid file descriptor. Older versions of mkstemp created the file with an umask of 0666, resulting in the temporary files being readable and writable to all users, and thus presenting a security vulnerability; this is mitigated by setting the umask manually before calling mkstemp. Newer versions of the function create the file with the umask 600, so that only the owner of the file may read from and write to it.

See also

References

{{reflist|refs=

[http://www.opengroup.org/onlinepubs/009695399/functions/mkstemp.html mkstemp] by OpenGroup

{{Cite web

|url=http://pubs.opengroup.org/onlinepubs/9699919799/functions/tempnam.html

|title=tempnam

|publisher=OpenGroup

|work=Open Group Base Specifications

|edition=Issue 7

|year=2018

}}

{{cite book

| last1=Stevens | first1=W. Richard | author1-link=W. Richard Stevens

| last2=Rago | first2=Stephen A. | author2-link=Stephen A. Rago

| work=Advanced Programming in the Unix Environment

| year=2013

| publisher=Addison-Wesley | isbn=9780321638007

| title=Temporary Files | chapter=Standard Library Functions

| page=169

}}

{{cite book

| last1=Viega | first1=John | author1-link=John Viega

| last2=Messier |first2=Matt

| title=Secure Programming Cookbook for C and C++

| year=2003

| publisher=O'Reilly Media | isbn=9780596003944

| chapter=Temporary files on Unix

| page=66

}}

{{cite journal

| last1=Chen | first1=Hao

| last2=Dean | first2=Drew

| last3=Wagner | first3=David A. | author3-link=David A. Wagner

| journal=Network and Distributed System Security Symposium

| volume=4

| year=2004

| publisher=Internet Society

| url=http://seclab.cs.ucdavis.edu/papers/Hao-Chen-papers/ndss04.pdf | access-date=2019-05-18

| archive-url=https://web.archive.org/web/20151008061927/http://seclab.cs.ucdavis.edu/papers/Hao-Chen-papers/ndss04.pdf | archive-date=2015-10-08 | url-status=live

| title=Model Checking One Million Lines of C Code

}}

{{cite web

| last1=Drepper | first1=Ulrich | author1-link=Ulrich Drepper

| title=Defensive Programming for Red Hat Enterprise Linux (and What To Do If Something Goes Wrong)

| date=2009-04-08

| page=7

| s2cid=239879

| url=http://pdfs.semanticscholar.org/c613/325c8cb647f0e94fe2be85ce34060e30d313.pdf

| access-date=2019-05-18

| archive-url=https://web.archive.org/web/20190305044042/http://pdfs.semanticscholar.org/c613/325c8cb647f0e94fe2be85ce34060e30d313.pdf | archive-date=2019-03-05 | url-status=dead

}}

{{cite book

| last1=Seacord | first1=Robert C. | author1-link=Robert C. Seacord

| work=The CERT C Coding Standard

| date=2014-04-25

| edition=2

| publisher=Addison-Wesley | isbn=9780133805291

| title=STR30-C. Do not attempt to modify string literals | chapter=Characters and Strings (STR)

| page=203

}}

}}

Category:Unix file system-related software

Category:C POSIX library