1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
|
diff --git a/lib/tempname.c b/lib/tempname.c
index 69c572f..1920274 100644
--- a/lib/tempname.c
+++ b/lib/tempname.c
@@ -20,6 +20,7 @@
#if !_LIBC
# include <config.h>
# include "tempname.h"
+# include "randint.h"
#endif
#include <sys/types.h>
@@ -47,6 +48,7 @@
# error report this to bug-gnulib@gnu.org
#endif
+#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
@@ -173,28 +175,34 @@ __path_search (char *tmpl, size_t tmpl_len, const char *dir, const char *pfx,
}
#endif /* _LIBC */
+static inline bool _GL_ATTRIBUTE_PURE
+check_x_suffix (char const *s, size_t len)
+{
+ return len <= strspn (s, "X");
+}
+
/* These are the characters used in temporary file names. */
static const char letters[] =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
int
-__try_tempname (char *tmpl, int suffixlen, void *args,
- int (*tryfunc) (char *, void *))
+try_tempname_len (char *tmpl, int suffixlen, void *args,
+ int (*tryfunc) (char *, void *), size_t x_suffix_len)
{
- int len;
+ size_t len;
char *XXXXXX;
- static uint64_t value;
- uint64_t random_time_bits;
unsigned int count;
int fd = -1;
int save_errno = errno;
+ struct randint_source *rand_src;
/* A lower bound on the number of temporary files to attempt to
generate. The maximum total number of temporary file names that
can exist for a given template is 62**6. It should never be
necessary to try all of these combinations. Instead if a reasonable
number of names is tried (we define reasonable as 62**3) fail to
- give the system administrator the chance to remove the problems. */
+ give the system administrator the chance to remove the problems.
+ This value requires that X_SUFFIX_LEN be at least 3. */
#define ATTEMPTS_MIN (62 * 62 * 62)
/* The number of times to attempt to generate a temporary file. To
@@ -206,57 +214,55 @@ __try_tempname (char *tmpl, int suffixlen, void *args,
#endif
len = strlen (tmpl);
- if (len < 6 + suffixlen || memcmp (&tmpl[len - 6 - suffixlen], "XXXXXX", 6))
+ if (len < x_suffix_len + suffixlen
+ || ! check_x_suffix (&tmpl[len - x_suffix_len - suffixlen],
+ x_suffix_len))
{
__set_errno (EINVAL);
return -1;
}
/* This is where the Xs start. */
- XXXXXX = &tmpl[len - 6 - suffixlen];
+ XXXXXX = &tmpl[len - x_suffix_len - suffixlen];
/* Get some more or less random data. */
-#ifdef RANDOM_BITS
- RANDOM_BITS (random_time_bits);
-#else
- {
- struct timeval tv;
- __gettimeofday (&tv, NULL);
- random_time_bits = ((uint64_t) tv.tv_usec << 16) ^ tv.tv_sec;
- }
-#endif
- value += random_time_bits ^ __getpid ();
+ rand_src = randint_all_new (NULL, x_suffix_len);
+ if (! rand_src)
+ return -1;
- for (count = 0; count < attempts; value += 7777, ++count)
+ for (count = 0; count < attempts; ++count)
{
- uint64_t v = value;
-
- /* Fill in the random bits. */
- XXXXXX[0] = letters[v % 62];
- v /= 62;
- XXXXXX[1] = letters[v % 62];
- v /= 62;
- XXXXXX[2] = letters[v % 62];
- v /= 62;
- XXXXXX[3] = letters[v % 62];
- v /= 62;
- XXXXXX[4] = letters[v % 62];
- v /= 62;
- XXXXXX[5] = letters[v % 62];
+ size_t i;
+
+ for (i = 0; i < x_suffix_len; i++)
+ XXXXXX[i] = letters[randint_genmax (rand_src, sizeof letters - 2)];
fd = tryfunc (tmpl, args);
if (fd >= 0)
{
__set_errno (save_errno);
- return fd;
+ goto done;
}
else if (errno != EEXIST)
- return -1;
+ {
+ fd = -1;
+ goto done;
+ }
}
+ randint_all_free (rand_src);
+
/* We got out of the loop because we ran out of combinations to try. */
__set_errno (EEXIST);
return -1;
+
+ done:
+ {
+ int saved_errno = errno;
+ randint_all_free (rand_src);
+ __set_errno (saved_errno);
+ }
+ return fd;
}
static int
@@ -285,9 +291,10 @@ try_nocreate (char *tmpl, void *flags _GL_UNUSED)
}
/* Generate a temporary file name based on TMPL. TMPL must match the
- rules for mk[s]temp (i.e. end in "XXXXXX", possibly with a suffix).
+ rules for mk[s]temp (i.e., end in at least X_SUFFIX_LEN "X"s,
+ possibly with a suffix).
The name constructed does not exist at the time of the call to
- __gen_tempname. TMPL is overwritten with the result.
+ this function. TMPL is overwritten with the result.
KIND may be one of:
__GT_NOCREATE: simply verify that the name does not exist
@@ -298,7 +305,8 @@ try_nocreate (char *tmpl, void *flags _GL_UNUSED)
We use a clever algorithm to get hard-to-predict names. */
int
-__gen_tempname (char *tmpl, int suffixlen, int flags, int kind)
+gen_tempname_len (char *tmpl, int suffixlen, int flags, int kind,
+ size_t x_suffix_len)
{
int (*tryfunc) (char *, void *);
@@ -320,5 +328,18 @@ __gen_tempname (char *tmpl, int suffixlen, int flags, int kind)
assert (! "invalid KIND in __gen_tempname");
abort ();
}
- return __try_tempname (tmpl, suffixlen, &flags, tryfunc);
+ return try_tempname_len (tmpl, suffixlen, &flags, tryfunc, x_suffix_len);
+}
+
+int
+__gen_tempname (char *tmpl, int suffixlen, int flags, int kind)
+{
+ return gen_tempname_len (tmpl, suffixlen, flags, kind, 6);
+}
+
+int
+__try_tempname (char *tmpl, int suffixlen, void *args,
+ int (*tryfunc) (char *, void *))
+{
+ return try_tempname_len (tmpl, suffixlen, args, tryfunc, 6);
}
|