From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:49041) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Upz51-0003KQ-43 for qemu-devel@nongnu.org; Fri, 21 Jun 2013 07:00:36 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Upz4z-000748-Kc for qemu-devel@nongnu.org; Fri, 21 Jun 2013 07:00:35 -0400 Received: from mx1.redhat.com ([209.132.183.28]:56749) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Upz4z-000741-Dl for qemu-devel@nongnu.org; Fri, 21 Jun 2013 07:00:33 -0400 Message-ID: <51C4323B.9040303@redhat.com> Date: Fri, 21 Jun 2013 12:00:11 +0100 From: Eric Blake MIME-Version: 1.0 References: <1369709437-24969-1-git-send-email-qiaonuohan@cn.fujitsu.com> <1369709437-24969-3-git-send-email-qiaonuohan@cn.fujitsu.com> <51C1A421.4030004@suse.de> In-Reply-To: <51C1A421.4030004@suse.de> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="----enig2KPQQQIIEWQLLUKSKBTVV" Subject: Re: [Qemu-devel] [PATCH v4 2/9] dump: Add API to manipulate cache_data List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: =?UTF-8?B?QW5kcmVhcyBGw6RyYmVy?= Cc: Kevin Wolf , Stefan Hajnoczi , qemu-devel@nongnu.org, lcapitulino@redhat.com, qiaonuohan@cn.fujitsu.com, kumagai-atsushi@mxc.nes.nec.co.jp, zhangxh@cn.fujitsu.com, anderson@redhat.com This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2KPQQQIIEWQLLUKSKBTVV Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 06/19/2013 01:29 PM, Andreas F=C3=A4rber wrote: >> +int init_cache_data(struct cache_data *cd, const char *filename) >> +{ >> + int fd; >> + char *tmpname; >> + >> + /* init the tmp file */ >> + tmpname =3D getenv("TMPDIR"); >> + if (!tmpname) { >> + tmpname =3D (char *)P_tmpdir; >=20 > P_tmpdir is marked obsolescent in Open Group spec 7. Maybe Erik can s/Erik/Eric/ (but don't worry, you're not the first to make that typo) Hmm, you are correct that tempnam() is marked as an obsolescent interface (because it has the same security flaws as mktemp(); the standard introduced mkstemp() to overcome the security hole but did not add a replacement for tempnam()). I guess since nothing else in the standard refers to P_tmpdir, it was also marked obsolecent. And since C99 doesn't require either the constant or the (inherently broken) tempnam(), it may be safer to guard this line by #ifdef P_tmpdir, rather than assuming that blindly provides it. > comment some more? Did you verify it builds with mingw32/64? > (I stumbled over it because I found the variable name odd and didn't se= e > it defined anywhere.) >=20 >> + } >> + >> + cd->file_name =3D (char *)g_strdup_printf("%s/%s", tmpname, filen= ame); >> + >> + fd =3D mkstemp(cd->file_name); At least your use of P_tmpdir was to generate a saner template, instead of trying to use the inherently-broken tempnam(). --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org ------enig2KPQQQIIEWQLLUKSKBTVV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJRxDI7AAoJEKeha0olJ0NqudIH/2aaGRu/S2gBR1zd1H5UnCmf XXmz/Uiyv5QaRTJT7u+hSt7okJAMQ0eWIYQY6/3GFeeXzAOPV3dZpy5gOJ+LJN9H ppVwVA82t7rpCCIYXYSNrYVN8oBs8j3jIGq7GMpVZ8aMzodGq8aq3E16oxIWyuOM STPiH5KCkjudZWE6CtjDg6CorrrtNhpr7lwkmavMYP4ydS4xO8iUYvI1BhOLrFd+ 8FqfBIYzvTCTsYXSRJ57ZPSkfOLUaTi+5P9RoKmDYc0lP+fL3t7Hc0EcYZKvK/22 1FqTOgqXR6wx0gEHO/l9712qzIWmWJauwHQ1YxayJ3BkQ99kyuLCmrtEwBD2Mag= =jmSj -----END PGP SIGNATURE----- ------enig2KPQQQIIEWQLLUKSKBTVV--