xref: /freebsd/lib/libc/stdio/mktemp.c (revision 884a2a699669ec61e2366e3e358342dbc94be24a)
1 /*
2  * Copyright (c) 1987, 1993
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 4. Neither the name of the University nor the names of its contributors
14  *    may be used to endorse or promote products derived from this software
15  *    without specific prior written permission.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 
30 #if defined(LIBC_SCCS) && !defined(lint)
31 static char sccsid[] = "@(#)mktemp.c	8.1 (Berkeley) 6/4/93";
32 #endif /* LIBC_SCCS and not lint */
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
35 
36 #include "namespace.h"
37 #include <sys/param.h>
38 #include <sys/stat.h>
39 #include <fcntl.h>
40 #include <errno.h>
41 #include <stdio.h>
42 #include <stdlib.h>
43 #include <string.h>
44 #include <ctype.h>
45 #include <unistd.h>
46 #include "un-namespace.h"
47 
48 char *_mktemp(char *);
49 
50 static int _gettemp(char *, int *, int, int);
51 
52 static const unsigned char padchar[] =
53 "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
54 
55 int
56 mkstemps(path, slen)
57 	char *path;
58 	int slen;
59 {
60 	int fd;
61 
62 	return (_gettemp(path, &fd, 0, slen) ? fd : -1);
63 }
64 
65 int
66 mkstemp(path)
67 	char *path;
68 {
69 	int fd;
70 
71 	return (_gettemp(path, &fd, 0, 0) ? fd : -1);
72 }
73 
74 char *
75 mkdtemp(path)
76 	char *path;
77 {
78 	return (_gettemp(path, (int *)NULL, 1, 0) ? path : (char *)NULL);
79 }
80 
81 char *
82 _mktemp(path)
83 	char *path;
84 {
85 	return (_gettemp(path, (int *)NULL, 0, 0) ? path : (char *)NULL);
86 }
87 
88 __warn_references(mktemp,
89     "warning: mktemp() possibly used unsafely; consider using mkstemp()");
90 
91 char *
92 mktemp(path)
93 	char *path;
94 {
95 	return (_mktemp(path));
96 }
97 
98 static int
99 _gettemp(path, doopen, domkdir, slen)
100 	char *path;
101 	int *doopen;
102 	int domkdir;
103 	int slen;
104 {
105 	char *start, *trv, *suffp, *carryp;
106 	char *pad;
107 	struct stat sbuf;
108 	int rval;
109 	uint32_t rand;
110 	char carrybuf[MAXPATHLEN];
111 
112 	if ((doopen != NULL && domkdir) || slen < 0) {
113 		errno = EINVAL;
114 		return (0);
115 	}
116 
117 	for (trv = path; *trv != '\0'; ++trv)
118 		;
119 	if (trv - path >= MAXPATHLEN) {
120 		errno = ENAMETOOLONG;
121 		return (0);
122 	}
123 	trv -= slen;
124 	suffp = trv;
125 	--trv;
126 	if (trv < path || NULL != strchr(suffp, '/')) {
127 		errno = EINVAL;
128 		return (0);
129 	}
130 
131 	/* Fill space with random characters */
132 	while (trv >= path && *trv == 'X') {
133 		rand = arc4random_uniform(sizeof(padchar) - 1);
134 		*trv-- = padchar[rand];
135 	}
136 	start = trv + 1;
137 
138 	/* save first combination of random characters */
139 	memcpy(carrybuf, start, suffp - start);
140 
141 	/*
142 	 * check the target directory.
143 	 */
144 	if (doopen != NULL || domkdir) {
145 		for (; trv > path; --trv) {
146 			if (*trv == '/') {
147 				*trv = '\0';
148 				rval = stat(path, &sbuf);
149 				*trv = '/';
150 				if (rval != 0)
151 					return (0);
152 				if (!S_ISDIR(sbuf.st_mode)) {
153 					errno = ENOTDIR;
154 					return (0);
155 				}
156 				break;
157 			}
158 		}
159 	}
160 
161 	for (;;) {
162 		if (doopen) {
163 			if ((*doopen =
164 			    _open(path, O_CREAT|O_EXCL|O_RDWR, 0600)) >= 0)
165 				return (1);
166 			if (errno != EEXIST)
167 				return (0);
168 		} else if (domkdir) {
169 			if (mkdir(path, 0700) == 0)
170 				return (1);
171 			if (errno != EEXIST)
172 				return (0);
173 		} else if (lstat(path, &sbuf))
174 			return (errno == ENOENT);
175 
176 		/* If we have a collision, cycle through the space of filenames */
177 		for (trv = start, carryp = carrybuf;;) {
178 			/* have we tried all possible permutations? */
179 			if (trv == suffp)
180 				return (0); /* yes - exit with EEXIST */
181 			pad = strchr(padchar, *trv);
182 			if (pad == NULL) {
183 				/* this should never happen */
184 				errno = EIO;
185 				return (0);
186 			}
187 			/* increment character */
188 			*trv = (*++pad == '\0') ? padchar[0] : *pad;
189 			/* carry to next position? */
190 			if (*trv == *carryp) {
191 				/* increment position and loop */
192 				++trv;
193 				++carryp;
194 			} else {
195 				/* try with new name */
196 				break;
197 			}
198 		}
199 	}
200 	/*NOTREACHED*/
201 }
202