From bed8d32a52b2a58b905e91828c3155cba2544058 Mon Sep 17 00:00:00 2001
From: Sachidananda Urs <sac@gluster.com>
Date: Thu, 4 Aug 2011 16:59:52 +0530
Subject: Replace mktemp(3) with mkstemp(3).

Man page states:
Some implementations follow 4.3BSD and replace XXXXXX by the current process ID
and a single letter, so that at most 26 different names can be returned.  Since
on the one hand the names are easy to guess, and on the other hand there is a
race between testing whether the name exists and opening the file, every use of
mktemp() is a security risk. The race is avoided by mkstemp(3).

Change-Id: Ida95403b55024ecd07ef811a0835e01a9a7f092b
BUG: 3331
Reviewed-on: http://review.gluster.com/163
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amar@gluster.com>
---
 libglusterfs/src/compat.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'libglusterfs/src/compat.c')

diff --git a/libglusterfs/src/compat.c b/libglusterfs/src/compat.c
index 2197272d9..ef62f5b36 100644
--- a/libglusterfs/src/compat.c
+++ b/libglusterfs/src/compat.c
@@ -535,7 +535,7 @@ mkdtemp (char *tempstring)
         char *new_string = NULL;
         int   ret        = 0;
 
-        new_string = mktemp (tempstring);
+        new_string = mkstemp (tempstring);
         if (!new_string)
                 goto out;
 
-- 
cgit