temporary file

[Philipp Kraus]

Hello,

how can I created a temporary (unique) file? I have used the C function
tmpnam, but my newer gcc shows a warning, that the using is dangerous.
So I would like to switch to mkstemp(), but this function is not in the
standard.

I have written a logger class which creates on a static attribute
(std::string logger::m_filename = tmpnam(NULL) the temporary
filename and if there is a log entry the file is created. My code
should be run / compile under posix- and Windows systems so how can I
create (optimal a fstream) with a temporary file, which can only read
by the owner and is not delete after the program is finished?

Thanks

Phil

 

[Andrea Crotti]

Hello,

how can I created a temporary (unique) file? I have used the C function
tmpnam, but my newer gcc shows a warning, that the using is dangerous.
So I would like to switch to mkstemp(), but this function is not in the
standard.

I have written a logger class which creates on a static attribute
(std::string logger::m_filename  = tmpnam(NULL) the temporary
filename and if there is a log entry the file is created. My code
should be run / compile under posix- and Windows systems so how can I
create (optimal a fstream) with a temporary file, which can only read
by the owner and is not delete after the program is finished?

Thanks

Phil

First result in google
http://www.cplusplus.com/reference/clibrary/cstdio/tmpfile/

 

[Philipp Kraus]

First result in google
http://www.cplusplus.com/reference/clibrary/cstdio/tmpfile/

tmpfile creates a file and delete after the stream is closed, but I
need - see my first post - a tempfile which is not deleted.

Thx

Phil

 

[Goran]

Hello,

how can I created a temporary (unique) file? I have used the C function
tmpnam, but my newer gcc shows a warning, that the using is dangerous.
So I would like to switch to mkstemp(), but this function is not in the
standard.

I have written a logger class which creates on a static attribute
(std::string logger::m_filename  = tmpnam(NULL) the temporary
filename and if there is a log entry the file is created. My code
should be run / compile under posix- and Windows systems so how can I
create (optimal a fstream) with a temporary file, which can only read
by the owner and is not delete after the program is finished?

Is there something wrong with tmpnam + fopen?

Goran.

 

[gwowen]

Is there something wrong with tmpnam + fopen?

Potential for race conditions between the call to tmpnam() and the
call to fopen(), leading to insecure code or potential Denial Of
Service in the face of a belligerent user.

 

[Philipp Kraus]

Potential for race conditions between the call to tmpnam() and the
call to fopen(), leading to insecure code or potential Denial Of
Service in the face of a belligerent user.

Yes, that's my problem. I have a multithreading code, which should
write down the log message in one (unique) file. I would like to create
a unique filename. Is there a cross-plattform function to create this
name? Or should I create a own function which call's a mersenne twister
or the random device?

Thx

Phil

 

[Jorgen Grahn]

Yes, that's my problem. I have a multithreading code, which should
write down the log message in one (unique) file. I would like to create
a unique filename. Is there a cross-plattform function to create this
name? Or should I create a own function which call's a mersenne twister
or the random device?

But - but - but ... why do you feel the name of the file must be
unpredictable, when you intend to hand it to the user? How are you
going to document it? "If you want to read the log messages, look in
all recently created files with funny names"?

Look at how strace and valgrind (on Unix) treat their log files. I
hope what you want is actually something similar.

/Jorgen

 

[Philipp Kraus]

But - but - but ... why do you feel the name of the file must be
unpredictable, when you intend to hand it to the user? How are you
going to document it? "If you want to read the log messages, look in
all recently created files with funny names"?

I would have got a name like <programname> . <uniquenumber> . log
in the temporary path. I have read the boost documentation to find out
the temp-path, but it seems
in the newest release there is no function.

I think there is no native interface to read the temporary path or
create a unique filename with some constraints

Thanks

Phil

 

[Fred Zwarts]

Yes, that's my problem. I have a multithreading code, which should
write down the log message in one (unique) file. I would like to
create a unique filename. Is there a cross-plattform function to
create this name? Or should I create a own function which call's a
mersenne twister or the random device?

Can't you place the call to tmpnam() and the call to fopen() in one critical section guarded with a mutex to remove the race condition?

 

[gwowen]

Can't you place the call to tmpnam() and the call to fopen() in one critical section guarded with a mutex to remove the race condition?

The problem isn't a race within one's own code. That could be dealt
with by your methods. The problem is this.

Your code
---------
call tmpnam(), get /tmp/pattern_43234532523, say
Attackers code
--------------
Flood /tmp with symbolic links named
pattern_XXXXXXX, all pointing to a
critical file of yours

call fopen(/tmp/pattern_43234532523,"w")

Oops, you've now truncated your critical file to length zero...

 

[James Kanze]

how can I created a temporary (unique) file? I have used the C function
tmpnam, but my newer gcc shows a warning, that the using is dangerous.

Ignore the warning. It's bullshit. (You can use tmpnam
dangerously, but that's true for just about every function.)

 

[James Kanze]

The problem isn't a race within one's own code. That could be dealt
with by your methods. The problem is this.

Your code

call fopen(/tmp/pattern_43234532523,"w")

Oops, you've now truncated your critical file to length zero...

You're supposing 1) a remarkably stupid implementation of
tmpnam(), which forces creation in a directory to which everyone
has access, and 2) a remarkably open system, in which untrusted
users can create symbolic links where ever they feel like. (And
if you are on such an open system, you're supposing a remarkably
naïve use of tmpnam(). Most of the time, I'll use the results
of tmpnam() to create a directory (with appropriate access
rights), and put all of my temporary files in that.