xref: /freebsd/lib/libc/stdio/mktemp.c (revision 7de72ac1f832cd9e1c747220c58913b0465b66b3)
1 /*
2  * Copyright (c) 1987, 1993
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 3. Neither the name of the University nor the names of its contributors
14  *    may be used to endorse or promote products derived from this software
15  *    without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 
30 #if defined(LIBC_SCCS) && !defined(lint)
31 static char sccsid[] = "@(#)mktemp.c	8.1 (Berkeley) 6/4/93";
32 #endif /* LIBC_SCCS and not lint */
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
35 
36 #include "namespace.h"
37 #include <sys/param.h>
38 #include <sys/stat.h>
39 #include <fcntl.h>
40 #include <errno.h>
41 #include <stdio.h>
42 #include <stdlib.h>
43 #include <string.h>
44 #include <ctype.h>
45 #include <unistd.h>
46 #include "un-namespace.h"
47 
48 char *_mktemp(char *);
49 
50 static int _gettemp(char *, int *, int, int);
51 
52 static const unsigned char padchar[] =
53 "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
54 
55 int
56 mkstemps(char *path, int slen)
57 {
58 	int fd;
59 
60 	return (_gettemp(path, &fd, 0, slen) ? fd : -1);
61 }
62 
63 int
64 mkstemp(char *path)
65 {
66 	int fd;
67 
68 	return (_gettemp(path, &fd, 0, 0) ? fd : -1);
69 }
70 
71 char *
72 mkdtemp(char *path)
73 {
74 	return (_gettemp(path, (int *)NULL, 1, 0) ? path : (char *)NULL);
75 }
76 
77 char *
78 _mktemp(char *path)
79 {
80 	return (_gettemp(path, (int *)NULL, 0, 0) ? path : (char *)NULL);
81 }
82 
83 __warn_references(mktemp,
84     "warning: mktemp() possibly used unsafely; consider using mkstemp()");
85 
86 char *
87 mktemp(char *path)
88 {
89 	return (_mktemp(path));
90 }
91 
92 static int
93 _gettemp(char *path, int *doopen, int domkdir, int slen)
94 {
95 	char *start, *trv, *suffp, *carryp;
96 	char *pad;
97 	struct stat sbuf;
98 	int rval;
99 	uint32_t rand;
100 	char carrybuf[MAXPATHLEN];
101 
102 	if ((doopen != NULL && domkdir) || slen < 0) {
103 		errno = EINVAL;
104 		return (0);
105 	}
106 
107 	for (trv = path; *trv != '\0'; ++trv)
108 		;
109 	if (trv - path >= MAXPATHLEN) {
110 		errno = ENAMETOOLONG;
111 		return (0);
112 	}
113 	trv -= slen;
114 	suffp = trv;
115 	--trv;
116 	if (trv < path || NULL != strchr(suffp, '/')) {
117 		errno = EINVAL;
118 		return (0);
119 	}
120 
121 	/* Fill space with random characters */
122 	while (trv >= path && *trv == 'X') {
123 		rand = arc4random_uniform(sizeof(padchar) - 1);
124 		*trv-- = padchar[rand];
125 	}
126 	start = trv + 1;
127 
128 	/* save first combination of random characters */
129 	memcpy(carrybuf, start, suffp - start);
130 
131 	/*
132 	 * check the target directory.
133 	 */
134 	if (doopen != NULL || domkdir) {
135 		for (; trv > path; --trv) {
136 			if (*trv == '/') {
137 				*trv = '\0';
138 				rval = stat(path, &sbuf);
139 				*trv = '/';
140 				if (rval != 0)
141 					return (0);
142 				if (!S_ISDIR(sbuf.st_mode)) {
143 					errno = ENOTDIR;
144 					return (0);
145 				}
146 				break;
147 			}
148 		}
149 	}
150 
151 	for (;;) {
152 		if (doopen) {
153 			if ((*doopen =
154 			    _open(path, O_CREAT|O_EXCL|O_RDWR, 0600)) >= 0)
155 				return (1);
156 			if (errno != EEXIST)
157 				return (0);
158 		} else if (domkdir) {
159 			if (mkdir(path, 0700) == 0)
160 				return (1);
161 			if (errno != EEXIST)
162 				return (0);
163 		} else if (lstat(path, &sbuf))
164 			return (errno == ENOENT);
165 
166 		/* If we have a collision, cycle through the space of filenames */
167 		for (trv = start, carryp = carrybuf;;) {
168 			/* have we tried all possible permutations? */
169 			if (trv == suffp)
170 				return (0); /* yes - exit with EEXIST */
171 			pad = strchr(padchar, *trv);
172 			if (pad == NULL) {
173 				/* this should never happen */
174 				errno = EIO;
175 				return (0);
176 			}
177 			/* increment character */
178 			*trv = (*++pad == '\0') ? padchar[0] : *pad;
179 			/* carry to next position? */
180 			if (*trv == *carryp) {
181 				/* increment position and loop */
182 				++trv;
183 				++carryp;
184 			} else {
185 				/* try with new name */
186 				break;
187 			}
188 		}
189 	}
190 	/*NOTREACHED*/
191 }
192