Make our mktemp(3) callback-driven and split into multiple files.

Previously, calling any of the mktemp(3) family would pull in lstat(2), open(2) and mkdir(2). Now, only the necessary system calls will be reachable from the binary. OK deraadt@ guenther@
author: millert <> 2024-01-19 19:45:02 +0000
committer: millert <> 2024-01-19 19:45:02 +0000
commit: be8f1fea763f42a1109f6b1eb3f56ae521cfdec3 (patch)
tree: 469de603d2d83787131e234cccbf7802f902cf67 /src/lib/libc/stdlib/mktemp.c
parent: 1d17a25a597033d38c420a0a3add7e5e82dd4c02 (diff)
download: openbsd-be8f1fea763f42a1109f6b1eb3f56ae521cfdec3.tar.gz
openbsd-be8f1fea763f42a1109f6b1eb3f56ae521cfdec3.tar.bz2
openbsd-be8f1fea763f42a1109f6b1eb3f56ae521cfdec3.zip
1 files changed, 11 insertions, 126 deletions
diff --git a/src/lib/libc/stdlib/mktemp.c b/src/lib/libc/stdlib/mktemp.c
index 3b8bba7846..4dc06f74d1 100644
--- a/src/lib/libc/stdlib/mktemp.c
+++ b/src/lib/libc/stdlib/mktemp.c
@@ -1,7 +1,6 @@
-/*      $OpenBSD: mktemp.c,v 1.1 2024/01/19 16:30:28 millert Exp $ */
+/*      $OpenBSD: mktemp.c,v 1.2 2024/01/19 19:45:02 millert Exp $ */
 /*
- * Copyright (c) 1996-1998, 2008 Theo de Raadt
+ * Copyright (c) 2024 Todd C. Miller
- * Copyright (c) 1997, 2008-2009 Todd C. Miller
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
@@ -16,106 +15,27 @@
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
-#include <sys/types.h>
 #include <sys/stat.h>
 #include <errno.h>
-#include <fcntl.h>
-#include <limits.h>
-#include <stdio.h>
 #include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <unistd.h>
-#define MKTEMP_NAME     0
-#define MKTEMP_FILE     1
-#define MKTEMP_DIR      2
-#define TEMPCHARS       "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
-#define NUM_CHARS       (sizeof(TEMPCHARS) - 1)
-#define MIN_X           6
-#define MKOTEMP_FLAGS   (O_APPEND | O_CLOEXEC | O_DSYNC | O_RSYNC | O_SYNC)
-#ifndef nitems
-#define nitems(_a)      (sizeof((_a)) / sizeof((_a)[0]))
-#endif
 static int
-mktemp_internal(char *path, int slen, int mode, int flags)
+mktemp_cb(const char *path, int flags)
 {
-        char *start, *cp, *ep;
-        const char tempchars[] = TEMPCHARS;
-        unsigned int tries;
        struct stat sb;
-        size_t len;
-        int fd;
-        len = strlen(path);
-        if (len < MIN_X || slen < 0 || (size_t)slen > len - MIN_X) {
-                errno = EINVAL;
-                return(-1);
-        }
-        ep = path + len - slen;
-        for (start = ep; start > path && start[-1] == 'X'; start--)
-                ;
-        if (ep - start < MIN_X) {
-                errno = EINVAL;
-                return(-1);
-        }
-        if (flags & ~MKOTEMP_FLAGS) {
-                errno = EINVAL;
-                return(-1);
-        }
-        flags |= O_CREAT | O_EXCL | O_RDWR;
-        tries = INT_MAX;
+        if (lstat(path, &sb) == 0)
-        do {
+                errno = EEXIST;
-                cp = start;
+        return (errno == ENOENT ? 0 : -1);
-                do {
-                        unsigned short rbuf[16];
-                        unsigned int i;
-                        /*
-                         * Avoid lots of arc4random() calls by using
-                         * a buffer sized for up to 16 Xs at a time.
-                         */
-                        arc4random_buf(rbuf, sizeof(rbuf));
-                        for (i = 0; i < nitems(rbuf) && cp != ep; i++)
-                                *cp++ = tempchars[rbuf[i] % NUM_CHARS];
-                } while (cp != ep);
-                switch (mode) {
-                case MKTEMP_NAME:
-                        if (lstat(path, &sb) != 0)
-                                return(errno == ENOENT ? 0 : -1);
-                        break;
-                case MKTEMP_FILE:
-                        fd = open(path, flags, S_IRUSR|S_IWUSR);
-                        if (fd != -1 || errno != EEXIST)
-                                return(fd);
-                        break;
-                case MKTEMP_DIR:
-                        if (mkdir(path, S_IRUSR|S_IWUSR|S_IXUSR) == 0)
-                                return(0);
-                        if (errno != EEXIST)
-                                return(-1);
-                        break;
-                }
-        } while (--tries);
-        errno = EEXIST;
-        return(-1);
 }
+/* Also called via tmpnam(3) and tempnam(3). */
 char *
 _mktemp(char *path)
 {
-        if (mktemp_internal(path, 0, MKTEMP_NAME, 0) == -1)
+        if (__mktemp4(path, 0, 0, mktemp_cb) == 0)
-                return(NULL);
+                return path;
-        return(path);
+        return NULL;
 }
 __warn_references(mktemp,
@@ -124,40 +44,5 @@ __warn_references(mktemp,
 char *
 mktemp(char *path)
 {
-        return(_mktemp(path));
+        return _mktemp(path);
-}
-int
-mkostemps(char *path, int slen, int flags)
-{
-        return(mktemp_internal(path, slen, MKTEMP_FILE, flags));
-}
-int
-mkstemp(char *path)
-{
-        return(mktemp_internal(path, 0, MKTEMP_FILE, 0));
-}
-DEF_WEAK(mkstemp);
-int
-mkostemp(char *path, int flags)
-{
-        return(mktemp_internal(path, 0, MKTEMP_FILE, flags));
-}
-DEF_WEAK(mkostemp);
-int
-mkstemps(char *path, int slen)
-{
-        return(mktemp_internal(path, slen, MKTEMP_FILE, 0));
-}
-char *
-mkdtemp(char *path)
-{
-        int error;
-        error = mktemp_internal(path, 0, MKTEMP_DIR, 0);
-        return(error ? NULL : path);
 }
author	millert <>	2024-01-19 19:45:02 +0000
committer	millert <>	2024-01-19 19:45:02 +0000
commit	be8f1fea763f42a1109f6b1eb3f56ae521cfdec3 (patch)
tree	469de603d2d83787131e234cccbf7802f902cf67 /src/lib/libc/stdlib/mktemp.c
parent	1d17a25a597033d38c420a0a3add7e5e82dd4c02 (diff)
download	openbsd-be8f1fea763f42a1109f6b1eb3f56ae521cfdec3.tar.gz openbsd-be8f1fea763f42a1109f6b1eb3f56ae521cfdec3.tar.bz2 openbsd-be8f1fea763f42a1109f6b1eb3f56ae521cfdec3.zip

diff --git a/src/lib/libc/stdlib/mktemp.c b/src/lib/libc/stdlib/mktemp.c index 3b8bba7846..4dc06f74d1 100644 --- a/src/lib/libc/stdlib/mktemp.c +++ b/src/lib/libc/stdlib/mktemp.c
@@ -1,7 +1,6 @@
1	/* $OpenBSD: mktemp.c,v 1.1 2024/01/19 16:30:28 millert Exp $ */	1	/* $OpenBSD: mktemp.c,v 1.2 2024/01/19 19:45:02 millert Exp $ */
2	/*	2	/*
3	* Copyright (c) 1996-1998, 2008 Theo de Raadt	3	* Copyright (c) 2024 Todd C. Miller
4	* Copyright (c) 1997, 2008-2009 Todd C. Miller
5	*	4	*
6	* Permission to use, copy, modify, and distribute this software for any	5	* Permission to use, copy, modify, and distribute this software for any
7	* purpose with or without fee is hereby granted, provided that the above	6	* purpose with or without fee is hereby granted, provided that the above
@@ -16,106 +15,27 @@
16	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17	*/	16	*/
18		17
19	#include <sys/types.h>
20	#include <sys/stat.h>	18	#include <sys/stat.h>
21	#include <errno.h>	19	#include <errno.h>
22	#include <fcntl.h>
23	#include <limits.h>
24	#include <stdio.h>
25	#include <stdlib.h>	20	#include <stdlib.h>
26	#include <string.h>
27	#include <ctype.h>
28	#include <unistd.h>
29
30	#define MKTEMP_NAME 0
31	#define MKTEMP_FILE 1
32	#define MKTEMP_DIR 2
33
34	#define TEMPCHARS "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
35	#define NUM_CHARS (sizeof(TEMPCHARS) - 1)
36	#define MIN_X 6
37
38	#define MKOTEMP_FLAGS (O_APPEND \| O_CLOEXEC \| O_DSYNC \| O_RSYNC \| O_SYNC)
39
40	#ifndef nitems
41	#define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
42	#endif
43		21
44	static int	22	static int
45	mktemp_internal(char *path, int slen, int mode, int flags)	23	mktemp_cb(const char *path, int flags)
46	{	24	{
47	char start, cp, *ep;
48	const char tempchars[] = TEMPCHARS;
49	unsigned int tries;
50	struct stat sb;	25	struct stat sb;
51	size_t len;
52	int fd;
53
54	len = strlen(path);
55	if (len < MIN_X \|\| slen < 0 \|\| (size_t)slen > len - MIN_X) {
56	errno = EINVAL;
57	return(-1);
58	}
59	ep = path + len - slen;
60
61	for (start = ep; start > path && start[-1] == 'X'; start--)
62	;
63	if (ep - start < MIN_X) {
64	errno = EINVAL;
65	return(-1);
66	}
67
68	if (flags & ~MKOTEMP_FLAGS) {
69	errno = EINVAL;
70	return(-1);
71	}
72	flags \|= O_CREAT \| O_EXCL \| O_RDWR;
73		26
74	tries = INT_MAX;	27	if (lstat(path, &sb) == 0)
75	do {	28	errno = EEXIST;
76	cp = start;	29	return (errno == ENOENT ? 0 : -1);
77	do {
78	unsigned short rbuf[16];
79	unsigned int i;
80
81	/*
82	* Avoid lots of arc4random() calls by using
83	* a buffer sized for up to 16 Xs at a time.
84	*/
85	arc4random_buf(rbuf, sizeof(rbuf));
86	for (i = 0; i < nitems(rbuf) && cp != ep; i++)
87	*cp++ = tempchars[rbuf[i] % NUM_CHARS];
88	} while (cp != ep);
89
90	switch (mode) {
91	case MKTEMP_NAME:
92	if (lstat(path, &sb) != 0)
93	return(errno == ENOENT ? 0 : -1);
94	break;
95	case MKTEMP_FILE:
96	fd = open(path, flags, S_IRUSR\|S_IWUSR);
97	if (fd != -1 \|\| errno != EEXIST)
98	return(fd);
99	break;
100	case MKTEMP_DIR:
101	if (mkdir(path, S_IRUSR\|S_IWUSR\|S_IXUSR) == 0)
102	return(0);
103	if (errno != EEXIST)
104	return(-1);
105	break;
106	}
107	} while (--tries);
108
109	errno = EEXIST;
110	return(-1);
111	}	30	}
112		31
		32	/* Also called via tmpnam(3) and tempnam(3). */
113	char *	33	char *
114	_mktemp(char *path)	34	_mktemp(char *path)
115	{	35	{
116	if (mktemp_internal(path, 0, MKTEMP_NAME, 0) == -1)	36	if (__mktemp4(path, 0, 0, mktemp_cb) == 0)
117	return(NULL);	37	return path;
118	return(path);	38	return NULL;
119	}	39	}
120		40
121	__warn_references(mktemp,	41	__warn_references(mktemp,
@@ -124,40 +44,5 @@ __warn_references(mktemp,
124	char *	44	char *
125	mktemp(char *path)	45	mktemp(char *path)
126	{	46	{
127	return(_mktemp(path));	47	return _mktemp(path);
128	}
129
130	int
131	mkostemps(char *path, int slen, int flags)
132	{
133	return(mktemp_internal(path, slen, MKTEMP_FILE, flags));
134	}
135
136	int
137	mkstemp(char *path)
138	{
139	return(mktemp_internal(path, 0, MKTEMP_FILE, 0));
140	}
141	DEF_WEAK(mkstemp);
142
143	int
144	mkostemp(char *path, int flags)
145	{
146	return(mktemp_internal(path, 0, MKTEMP_FILE, flags));
147	}
148	DEF_WEAK(mkostemp);
149
150	int
151	mkstemps(char *path, int slen)
152	{
153	return(mktemp_internal(path, slen, MKTEMP_FILE, 0));
154	}
155
156	char *
157	mkdtemp(char *path)
158	{
159	int error;
160
161	error = mktemp_internal(path, 0, MKTEMP_DIR, 0);
162	return(error ? NULL : path);
163	}	48	}