mkstemp
In computing, mkstemp is a POSIX function for creating a temporary file (a computer file which usually ceases to exist when the program, which opened the file, closes it or terminates).[1] It accepts an argument that determines the location of the temporary file, and the prefix of its generated filename.[1] After mkstemp was added to the Single UNIX Specification, the function tmpnam() was deprecated,[1] because the latter carried the risk that a temporary file with the same name could be created by another thread or process within the time from when the caller obtains the temporary filename and attempts to create it.[2] mkstemp does not suffer from this problem.[3]
Usage
Inclusion
- C
#include <stdlib.h> // per IEEE Std 1003.1, 2004
#include <unistd.h> // for "legacy" systems
- C++
#include <cstdlib>  // per IEEE Std 1003.1, 2004
#include <unistd.h> // for "legacy" systems
Declaration
int mkstemp(char* template);
Requirements
- The parameter templatemust be a modifiable, null-terminated character array.
- The contents of templatemust be in the format of a valid file path, with six trailing 'X's.
- The parameter templatemust not have been used in a previous invocation ofmkstemp.
Semantics
- The trailing 'X's in templateare overwritten to generate a unique file name for the resulting temporary file.
- The function reports a valid file descriptor to a temporary file on success; on failure, it reports -1.
Example
The following code is an example of the usage of mkstemp; the local variable filename is modified by mkstemp and will contain the path to the new file:[4]
#include <stdlib.h>
void example()
{
    char filename[] = "/tmp/prefXXXXXX";
    int fd = mkstemp(filename);
}
Error conditions
It is unspecified if mkstemp sets errno, and what values of errno are set, in the event of failure.[1]
Mechanism
The mkstemp function generates a filename according to the supplied argument for the template, and attempts to create it. It repeats this process until a file has been successfully created.[5] After this, it opens the file and returns the file descriptor to the caller,[6] with the data buffer that was passed to the function with the template now containing the new filename.[7] The file can be deleted immediately after the mkstemp call returns to prevent other processes from opening it, but the file can still be used because the calling process will still have a valid file descriptor.[5] Older versions of mkstemp created the file with an umask of 0666, resulting in the temporary files being readable and writable to all users, and thus presenting a security vulnerability; this is mitigated by setting the umask manually before calling mkstemp.[6] Newer versions of the function create the file with the umask 600, so that only the owner of the file may read from and write to it.[7]
See also
References
- ^ a b c d mkstemp by OpenGroup
- ^ "tempnam". Open Group Base Specifications (Issue 7 ed.). OpenGroup. 2018.
- ^ Stevens, W. Richard; Rago, Stephen A. (2013). "Standard Library Functions". Temporary Files. Addison-Wesley. p. 169. ISBN 9780321638007. {{cite book}}:|work=ignored (help)
- ^ Seacord, Robert C. (2014-04-25). "Characters and Strings (STR)". STR30-C. Do not attempt to modify string literals (2 ed.). Addison-Wesley. p. 203. ISBN 9780133805291. {{cite book}}:|work=ignored (help)
- ^ a b Viega, John; Messier, Matt (2003). "Temporary files on Unix". Secure Programming Cookbook for C and C++. O'Reilly Media. p. 66. ISBN 9780596003944.
- ^ a b Chen, Hao; Dean, Drew; Wagner, David A. (2004). "Model Checking One Million Lines of C Code" (PDF). Network and Distributed System Security Symposium. 4. Internet Society. Archived (PDF) from the original on 2015-10-08. Retrieved 2019-05-18.
- ^ a b Drepper, Ulrich (2009-04-08). "Defensive Programming for Red Hat Enterprise Linux (and What To Do If Something Goes Wrong)" (PDF). p. 7. S2CID 239879. Archived from the original (PDF) on 2019-03-05. Retrieved 2019-05-18.