Replace mktemp(3) with mkstemp(3).
Man page states: Some implementations follow 4.3BSD and replace XXXXXX by the current process ID and a single letter, so that at most 26 different names can be returned. Since on the one hand the names are easy to guess, and on the other hand there is a race between testing whether the name exists and opening the file, every use of mktemp() is a security risk. The race is avoided by mkstemp(3). Change-Id: Ida95403b55024ecd07ef811a0835e01a9a7f092b BUG: 3331 Reviewed-on: Tested-by: Gluster Build System <> Reviewed-by: Amar Tumballi <>
@@ -535,7 +535,7 @@ mkdtemp (char *tempstring)
char *new_string = NULL;
int ret = 0;
- new_string = mktemp (tempstring);
+ new_string = mkstemp (tempstring);
if (!new_string)
goto out;