On Wed, Jan 30, 2008 at 05:02:46PM -0800, Alan Irwin wrote:
> 
> For case (3) some additional warnings occurred for
> bindings/tk/plframe.c:2648 and drivers/tk.c:1453 (repeated more than 100
> times for some reason) with the message
> 
> tmpnam is dangerous, better use mkstemp
> 
> Is this large set of warnings easy to fix?

This is a link-time warning, which is why it only appears with the
statically linked case. 

tmpfile is the best portable way of opening temporary files. It returns
an open file descriptor rather than a file name. This avoids the various
race conditions inherent in tmpnam. We use this elsewhere in plplot.
Unfortunately these two cases are not easily changed. 

plframe.c opens a temporary file, writes to it, then calls an external
print command with the temporary file name. We need the name to do this.
We could use mkstemp in this case, which returns a file descriptor and a
file name, avoiding the race conditions. Unfortunately this is not
portable (Windows doesn't have it, I believe). I could implement this
through suitable #ifdef's. 

drivers/tk.c uses the temporary file name to open a FIFO pipe. Neither
tmpfile nor mkstemp can do this so I see no alternative to using tmpnam.
Well the alternative is a fixed name, which is even worse to my mind. 

When we use tmpnam we ensure that the file is correctly created and
opened and exit if not so the use should(?) be secure. A denial of
service attack would be possible in theory I suppose.

Unfortunately a search on the web hasn't shown an easy way of disabling
the warning.

Andrew
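
The two cases discussed in the message above, a named temporary file handed to an external command and a FIFO with a temporary name, sketched with POSIX calls only. This is an added example, not code from the post or from PLplot, and it does not address the Windows portability concern the post raises. The function names and the `/tmp/pl_*` prefixes are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* expose mkstemp, mkdtemp, mkfifo */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Named temporary file for an external command: mkstemp() creates and opens
 * the file in one atomic step (O_CREAT|O_EXCL, mode 0600) and fills in the
 * generated name. Returns an open fd or -1; path receives the name. */
int make_named_tempfile(char *path, size_t len)
{
    const char *tmpl = "/tmp/pl_print_XXXXXX";   /* hypothetical prefix */
    if (len < strlen(tmpl) + 1)
        return -1;
    strcpy(path, tmpl);
    return mkstemp(path);
}

/* FIFO with a temporary name: mkdtemp() atomically creates a mode-0700
 * directory owned by the caller, so a FIFO made inside it cannot be
 * pre-created or swapped by another user. Returns 0 or -1. */
int make_private_fifo(char *dir, size_t dlen, char *fifo, size_t flen)
{
    const char *tmpl = "/tmp/pl_fifo_XXXXXX";    /* hypothetical prefix */
    int n;
    if (dlen < strlen(tmpl) + 1)
        return -1;
    strcpy(dir, tmpl);
    if (mkdtemp(dir) == NULL)
        return -1;
    n = snprintf(fifo, flen, "%s/pipe", dir);
    if (n < 0 || (size_t)n >= flen || mkfifo(fifo, 0600) != 0) {
        rmdir(dir);                 /* do not leave the directory behind */
        return -1;
    }
    return 0;
}

/* Remove the FIFO and its private directory when finished. */
int remove_private_fifo(const char *dir, const char *fifo)
{
    int rc = unlink(fifo);
    return (rmdir(dir) == 0 && rc == 0) ? 0 : -1;
}
```

The caller is responsible for closing the descriptor and unlinking the named file once the external command has finished with it.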

_______________________________________________
Plplot-devel mailing list
Plplot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/plplot-devel
