mkstemp
In computing, mkstemp
is a POSIX function for creating a temporary file (a computer file which usually ceases to exist when the program, which opened the file, closes it or terminates).[1] It accepts an argument that determines the location of the temporary file, and the prefix of its generated filename.[1] After mkstemp
was added to the Single UNIX Specification, the function tempnam()
was deprecated,[1] because the latter carried the risk that a temporary file with the same name could be created by another thread or process within the time from when the caller obtains the temporary filename and attempts to create it.[2] mkstemp
does not suffer from this problem.[3]
Usage
Inclusion
- C
#include <stdlib.h> // per IEEE Std 1003.1, 2004
#include <unistd.h> // for "legacy" systems
- C++
#include <cstdlib> // per IEEE Std 1003.1, 2004
#include <unistd.h> // for "legacy" systems
</sousyntaxhighlightrce>
===Declaration===
<code>int mkstemp(char* template);</code>
===Requirements===
* The parameter <code>template</code> must be a modifiable, null-terminated character array.
* The contents of <code>template</code> must be in the format of a valid [[Path (computing)|file path]], with six trailing 'X's.
* The parameter <code>template</code> must not have been used in a previous invocation of <code>mkstemp</code>.
===Semantics===
* The trailing 'X's in <code>template</code> are overwritten to generate a unique [[Path (computing)|file name]] for the resulting temporary file.
* The function reports a valid [[file descriptor]] to a [[temporary file]] on success; on failure, it reports <code>-1</code>.
=== Example ===
The following code is an example of the usage of <code>mkstemp</code>; the local variable <code>filename</code> is modified by <code>mkstemp</code> and will contain the path to the new file:<ref name="Seacord2014"/>
<syntaxhighlight lang="c">
#include <stdlib.h>
void example()
{
char filename[] = "/tmp/prefXXXXXX";
mkstemp(filename);
}
Error conditions
It is unspecified if mkstemp
sets errno, and what values of errno are set, in the event of failure.[1]
Mechanism
The mkstemp
function generates a filename according to the supplied argument for the template, and attempts to create it. It repeats this process until a file has been successfully created.[4] After this, it opens the file and returns the file descriptor to the caller,[5] with the data buffer that was passed to the function with the template now containing the new filename.[6] The file can be deleted immediately after the mkstemp
call returns to prevent other processes from opening it, but the file can still be used because the calling process will still have a valid file descriptor.[4] Older versions of mkstemp
created the file with an umask of 0666, resulting in the temporary files being readable and writable to all users, and thus presenting a security vulnerability; this is mitigated by setting the umask manually before calling mkstemp
.[5] Newer versions of the function create the file with the umask 600, so that only the owner of the file may read from and write to it.[6]
See also
References
- mkstemp by OpenGroup
- "tempnam". Open Group Base Specifications (Issue 7 ed.). OpenGroup. 2018.
- Stevens, W. Richard; Rago, Stephen A. (2013). "Standard Library Functions". Temporary Files. Advanced Programming in the Unix Environment. Addison-Wesley. p. 169. ISBN 9780321638007.
- Viega, John; Messier, Matt (2003). "Access Control". Temporary files on Unix. Secure Programming Cookbook for C and C++. O'Reilly Media. p. 66. ISBN 9780596003944.
- Chen, Hao; Dean, Drew; Wagner, David A. (2004). "Model Checking One Million Lines of C Code" (PDF). Network and Distributed System Security Symposium. Internet Society. 4. Archived (PDF) from the original on 2015-10-08. Retrieved 2019-05-18.
- Drepper, Ulrich (2009-04-08). "Defensive Programming for Red Hat Enterprise Linux (and What To Do If Something Goes Wrong)" (PDF): 7. S2CID 239879. Archived (PDF) from the original on 2019-03-05. Retrieved 2019-05-18. Cite journal requires
|journal=
(help) - Seacord, Robert C. (2014-04-25). "Characters and Strings (STR)". STR30-C. Do not attempt to modify string literals. The CERT C Coding Standard (2 ed.). Addison-Wesley. p. 203. ISBN 9780133805291.