Author: jmolenda Date: Thu Oct 16 18:10:03 2014 New Revision: 219983 URL: http://llvm.org/viewvc/llvm-project?rev=219983&view=rev Log: Change a use of mktemp() to mkstemp() for better security. We have two more uses of mktemp still in the source base but they'll take a little more consideration. clang static analyzer fixit.
Modified: lldb/trunk/source/Expression/ClangExpressionParser.cpp Modified: lldb/trunk/source/Expression/ClangExpressionParser.cpp URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/source/Expression/ClangExpressionParser.cpp?rev=219983&r1=219982&r2=219983&view=diff ============================================================================== --- lldb/trunk/source/Expression/ClangExpressionParser.cpp (original) +++ lldb/trunk/source/Expression/ClangExpressionParser.cpp Thu Oct 16 18:10:03 2014 @@ -312,11 +312,11 @@ ClangExpressionParser::Parse (Stream &st temp_source_path = "/tmp/expr.XXXXXX"; } - if (mktemp(&temp_source_path[0])) + int temp_fd = ::mkstemp(&temp_source_path[0]); + + if (temp_fd != -1) { - lldb_private::File file (temp_source_path.c_str(), - File::eOpenOptionWrite | File::eOpenOptionCanCreateNewOnly, - lldb::eFilePermissionsFileDefault); + lldb_private::File file (temp_fd, true); const size_t expr_text_len = strlen(expr_text); size_t bytes_written = expr_text_len; if (file.Write(expr_text, bytes_written).Success()) _______________________________________________ lldb-commits mailing list lldb-commits@cs.uiuc.edu http://lists.cs.uiuc.edu/mailman/listinfo/lldb-commits