X-Git-Url: https://pd.if.org/git/?p=pdclib;a=blobdiff_plain;f=platform%2Fposix%2Ffunctions%2Fstdio%2Ftmpfile.c;h=07b18ceec9bd769f751ea48eed38a7f194b79ad4;hp=29750d46b2a7757cf785c10fa9756dfc98503622;hb=da0f3f353d417fed71f358a48d5d5394145e460d;hpb=a18343e497615802f47e0f6876b5bed73af674e0 diff --git a/platform/posix/functions/stdio/tmpfile.c b/platform/posix/functions/stdio/tmpfile.c index 29750d4..07b18ce 100644 --- a/platform/posix/functions/stdio/tmpfile.c +++ b/platform/posix/functions/stdio/tmpfile.c @@ -1,5 +1,3 @@ -/* $Id$ */ - /* tmpfile( void ) This file is part of the Public Domain C Library (PDCLib). @@ -13,82 +11,71 @@ #include #include #include - -#include <_PDCLIB_glue.h> - -#include -#include -#include +#include "_PDCLIB_glue.h" #include +#ifdef __linux__ +/* get O_CLOEXEC without sys/types.h being awful */ +#include +int open(const char *fname, int flags, ...); +#else +#include +#endif -extern struct _PDCLIB_file_t * _PDCLIB_filelist; +extern const _PDCLIB_fileops_t _PDCLIB_fileops; -/* This is an example implementation of tmpfile() fit for use with POSIX - kernels. -*/ -struct _PDCLIB_file_t * tmpfile( void ) +FILE* _PDCLIB_nothrow tmpfile( void ) { - FILE * rc; - /* This is the chosen way to get high-quality randomness. Replace as - appropriate. - */ - FILE * randomsource = fopen( "/proc/sys/kernel/random/uuid", "rb" ); - char filename[ L_tmpnam ]; - _PDCLIB_fd_t fd; - if ( randomsource == NULL ) + + /* Good quality random source */ + int urandom = open( "/dev/urandom", O_RDONLY | O_CLOEXEC ); + if(urandom == -1) { + // TODO: errno! return NULL; } + + int fd; + char filename[ L_tmpnam ]; for ( ;; ) { - /* Get a filename candidate. What constitutes a valid filename and - where temporary files are usually located is platform-dependent, - which is one reason why this function is located in the platform - overlay. The other reason is that a *good* implementation should - use high-quality randomness instead of a pseudo-random sequence to - generate the filename candidate, which is *also* platform-dependent. - */ - unsigned int random; - fscanf( randomsource, "%u", &random ); - sprintf( filename, "/tmp/%u.tmp", random ); + long long randnum; + if( read(urandom, &randnum, sizeof randnum ) != sizeof randnum ) + { + // TODO: errno! + close( urandom ); + return NULL; + } + + sprintf( filename, "/tmp/%llx.tmp", randnum ); /* Check if file of this name exists. Note that fopen() is a very weak check, which does not take e.g. access permissions into account (file might exist but not readable). Replace with something more appropriate. */ - fd = open( filename, O_CREAT | O_EXCL | O_RDWR, S_IRUSR | S_IWUSR ); + fd = open( filename, O_CREAT | O_EXCL | O_RDWR, 0600 ); if ( fd != -1 ) { break; } - close( fd ); } - fclose( randomsource ); - /* See fopen(). */ - if ( ( rc = calloc( 1, sizeof( struct _PDCLIB_file_t ) + _PDCLIB_UNGETCBUFSIZE + L_tmpnam + BUFSIZ ) ) == NULL ) + close( urandom ); + + FILE* rc = _PDCLIB_fvopen(((_PDCLIB_fd_t){ .sval = fd}), &_PDCLIB_fileops, + _PDCLIB_FWRITE | _PDCLIB_FRW | + _PDCLIB_DELONCLOSE, filename); + if( rc == NULL ) { - /* No memory to set up FILE structure */ close( fd ); return NULL; } - rc->status = _PDCLIB_filemode( "wb+" ) | _IOLBF | _PDCLIB_DELONCLOSE; - rc->handle = fd; - rc->ungetbuf = (unsigned char *)rc + sizeof( struct _PDCLIB_file_t ); - rc->filename = (char *)rc->ungetbuf + _PDCLIB_UNGETCBUFSIZE; - rc->buffer = rc->filename + L_tmpnam; - strcpy( rc->filename, filename ); - rc->bufsize = BUFSIZ; - rc->bufidx = 0; - rc->ungetidx = 0; - rc->next = _PDCLIB_filelist; - _PDCLIB_filelist = rc; + return rc; } #endif #ifdef TEST -#include <_PDCLIB_test.h> +#include "_PDCLIB_test.h" #include int main( void )