temporary file

Discussion in 'C++' started by Philipp Kraus, Nov 26, 2010.

  1. Hello,

    how can I created a temporary (unique) file? I have used the C function
    tmpnam, but my newer gcc shows a warning, that the using is dangerous.
    So I would like to switch to mkstemp(), but this function is not in the
    standard.

    I have written a logger class which creates on a static attribute
    (std::string logger::m_filename = tmpnam(NULL);) the temporary
    filename and if there is a log entry the file is created. My code
    should be run / compile under posix- and Windows systems so how can I
    create (optimal a fstream) with a temporary file, which can only read
    by the owner and is not delete after the program is finished?

    Thanks

    Phil
     
    Philipp Kraus, Nov 26, 2010
    #1
    1. Advertising

  2. On 26 Nov, 11:20, Philipp Kraus <> wrote:
    > Hello,
    >
    > how can I created a temporary (unique) file? I have used the C function
    > tmpnam, but my newer gcc shows a warning, that the using is dangerous.
    > So I would like to switch to mkstemp(), but this function is not in the
    > standard.
    >
    > I have written a logger class which creates on a static attribute
    > (std::string logger::m_filename  = tmpnam(NULL);) the temporary
    > filename and if there is a log entry the file is created. My code
    > should be run / compile under posix- and Windows systems so how can I
    > create (optimal a fstream) with a temporary file, which can only read
    > by the owner and is not delete after the program is finished?
    >
    > Thanks
    >
    > Phil


    First result in google
    http://www.cplusplus.com/reference/clibrary/cstdio/tmpfile/
    ;)
     
    Andrea Crotti, Nov 26, 2010
    #2
    1. Advertising

  3. On 2010-11-26 12:00:30 +0100, Andrea Crotti said:

    > On 26 Nov, 11:20, Philipp Kraus <> wrote:
    >> Hello,
    >>
    >> how can I created a temporary (unique) file? I have used the C function
    >> tmpnam, but my newer gcc shows a warning, that the using is dangerous.
    >> So I would like to switch to mkstemp(), but this function is not in the
    >> standard.
    >>
    >> I have written a logger class which creates on a static attribute
    >> (std::string logger::m_filename  = tmpnam(NULL);) the temporary
    >> filename and if there is a log entry the file is created. My code
    >> should be run / compile under posix- and Windows systems so how can I
    >> create (optimal a fstream) with a temporary file, which can only read
    >> by the owner and is not delete after the program is finished?
    >>
    >> Thanks
    >>
    >> Phil

    >
    > First result in google
    > http://www.cplusplus.com/reference/clibrary/cstdio/tmpfile/
    > ;)


    tmpfile creates a file and delete after the stream is closed, but I
    need - see my first post - a tempfile which is not deleted.

    Thx

    Phil
     
    Philipp Kraus, Nov 26, 2010
    #3
  4. Philipp Kraus

    Goran Guest

    On Nov 26, 11:20 am, Philipp Kraus <> wrote:
    > Hello,
    >
    > how can I created a temporary (unique) file? I have used the C function
    > tmpnam, but my newer gcc shows a warning, that the using is dangerous.
    > So I would like to switch to mkstemp(), but this function is not in the
    > standard.
    >
    > I have written a logger class which creates on a static attribute
    > (std::string logger::m_filename  = tmpnam(NULL);) the temporary
    > filename and if there is a log entry the file is created. My code
    > should be run / compile under posix- and Windows systems so how can I
    > create (optimal a fstream) with a temporary file, which can only read
    > by the owner and is not delete after the program is finished?


    Is there something wrong with tmpnam + fopen?

    Goran.
     
    Goran, Nov 26, 2010
    #4
  5. Philipp Kraus

    gwowen Guest

    On Nov 26, 12:18 pm, Goran <> wrote:
    > Is there something wrong with tmpnam + fopen?


    Potential for race conditions between the call to tmpnam() and the
    call to fopen(), leading to insecure code or potential Denial Of
    Service in the face of a belligerent user.
     
    gwowen, Nov 26, 2010
    #5
  6. On 2010-11-26 13:29:23 +0100, gwowen said:

    > On Nov 26, 12:18 pm, Goran <> wrote:
    >> Is there something wrong with tmpnam + fopen?

    >
    > Potential for race conditions between the call to tmpnam() and the
    > call to fopen(), leading to insecure code or potential Denial Of
    > Service in the face of a belligerent user.


    Yes, that's my problem. I have a multithreading code, which should
    write down the log message in one (unique) file. I would like to create
    a unique filename. Is there a cross-plattform function to create this
    name? Or should I create a own function which call's a mersenne twister
    or the random device?

    Thx

    Phil
     
    Philipp Kraus, Nov 26, 2010
    #6
  7. Philipp Kraus

    Jorgen Grahn Guest

    On Fri, 2010-11-26, Philipp Kraus wrote:
    > On 2010-11-26 13:29:23 +0100, gwowen said:
    >
    >> On Nov 26, 12:18 pm, Goran <> wrote:
    >>> Is there something wrong with tmpnam + fopen?

    >>
    >> Potential for race conditions between the call to tmpnam() and the
    >> call to fopen(), leading to insecure code or potential Denial Of
    >> Service in the face of a belligerent user.

    >
    > Yes, that's my problem. I have a multithreading code, which should
    > write down the log message in one (unique) file. I would like to create
    > a unique filename. Is there a cross-plattform function to create this
    > name? Or should I create a own function which call's a mersenne twister
    > or the random device?


    But - but - but ... why do you feel the name of the file must be
    unpredictable, when you intend to hand it to the user? How are you
    going to document it? "If you want to read the log messages, look in
    all recently created files with funny names"?

    Look at how strace and valgrind (on Unix) treat their log files. I
    hope what you want is actually something similar.

    /Jorgen

    --
    // Jorgen Grahn <grahn@ Oo o. . .
    \X/ snipabacken.se> O o .
     
    Jorgen Grahn, Nov 27, 2010
    #7
  8. On 2010-11-27 12:03:48 +0100, Jorgen Grahn said:

    > On Fri, 2010-11-26, Philipp Kraus wrote:
    >> On 2010-11-26 13:29:23 +0100, gwowen said:
    >>
    >>> On Nov 26, 12:18 pm, Goran <> wrote:
    >>>> Is there something wrong with tmpnam + fopen?
    >>>
    >>> Potential for race conditions between the call to tmpnam() and the
    >>> call to fopen(), leading to insecure code or potential Denial Of
    >>> Service in the face of a belligerent user.

    >>
    >> Yes, that's my problem. I have a multithreading code, which should
    >> write down the log message in one (unique) file. I would like to create
    >> a unique filename. Is there a cross-plattform function to create this
    >> name? Or should I create a own function which call's a mersenne twister
    >> or the random device?

    >
    > But - but - but ... why do you feel the name of the file must be
    > unpredictable, when you intend to hand it to the user? How are you
    > going to document it? "If you want to read the log messages, look in
    > all recently created files with funny names"?


    I would have got a name like <programname> . <uniquenumber> . log
    in the temporary path. I have read the boost documentation to find out
    the temp-path, but it seems
    in the newest release there is no function.

    I think there is no native interface to read the temporary path or
    create a unique filename with some constraints

    Thanks

    Phil
     
    Philipp Kraus, Nov 28, 2010
    #8
  9. Philipp Kraus

    Fred Zwarts Guest

    "Philipp Kraus" <> wrote in message
    news:icoth9$qfo$
    > On 2010-11-26 13:29:23 +0100, gwowen said:
    >
    >> On Nov 26, 12:18 pm, Goran <> wrote:
    >>> Is there something wrong with tmpnam + fopen?

    >>
    >> Potential for race conditions between the call to tmpnam() and the
    >> call to fopen(), leading to insecure code or potential Denial Of
    >> Service in the face of a belligerent user.

    >
    > Yes, that's my problem. I have a multithreading code, which should
    > write down the log message in one (unique) file. I would like to
    > create a unique filename. Is there a cross-plattform function to
    > create this name? Or should I create a own function which call's a
    > mersenne twister or the random device?


    Can't you place the call to tmpnam() and the call to fopen() in one critical section guarded with a mutex to remove the race condition?
     
    Fred Zwarts, Nov 29, 2010
    #9
  10. Philipp Kraus

    gwowen Guest

    On Nov 29, 8:29 am, "Fred Zwarts" <> wrote:
    > Can't you place the call to tmpnam() and the call to fopen() in one critical section guarded with a mutex to remove the race condition?


    The problem isn't a race within one's own code. That could be dealt
    with by your methods. The problem is this.

    Your code
    ---------
    call tmpnam(), get /tmp/pattern_43234532523, say
    Attackers code
    --------------
    Flood /tmp with symbolic links named
    pattern_XXXXXXX, all pointing to a
    critical file of yours

    call fopen(/tmp/pattern_43234532523,"w")

    Oops, you've now truncated your critical file to length zero...
     
    gwowen, Nov 29, 2010
    #10
  11. Philipp Kraus

    James Kanze Guest

    On Nov 26, 10:20 am, Philipp Kraus <> wrote:

    > how can I created a temporary (unique) file? I have used the C function
    > tmpnam, but my newer gcc shows a warning, that the using is dangerous.


    Ignore the warning. It's bullshit. (You can use tmpnam
    dangerously, but that's true for just about every function.)

    --
    James Kanze
     
    James Kanze, Nov 29, 2010
    #11
  12. Philipp Kraus

    James Kanze Guest

    On Nov 29, 8:45 am, gwowen <> wrote:
    > On Nov 29, 8:29 am, "Fred Zwarts" <> wrote:


    > > Can't you place the call to tmpnam() and the call to fopen()
    > > in one critical section guarded with a mutex to remove the
    > > race condition?


    > The problem isn't a race within one's own code. That could be dealt
    > with by your methods. The problem is this.


    > Your code
    > ---------
    > call tmpnam(), get /tmp/pattern_43234532523, say
    > Attackers code
    > --------------
    > Flood /tmp with symbolic links named
    > pattern_XXXXXXX, all pointing to a
    > critical file of yours


    > call fopen(/tmp/pattern_43234532523,"w")


    > Oops, you've now truncated your critical file to length zero...


    You're supposing 1) a remarkably stupid implementation of
    tmpnam(), which forces creation in a directory to which everyone
    has access, and 2) a remarkably open system, in which untrusted
    users can create symbolic links where ever they feel like. (And
    if you are on such an open system, you're supposing a remarkably
    naïve use of tmpnam(). Most of the time, I'll use the results
    of tmpnam() to create a directory (with appropriate access
    rights), and put all of my temporary files in that.

    --
    James Kanze
     
    James Kanze, Nov 29, 2010
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. sudha
    Replies:
    1
    Views:
    311
  2. Philippe Meunier
    Replies:
    3
    Views:
    1,720
    John Saunders
    Oct 18, 2003
  3. Bob Morris

    Temporary File Names

    Bob Morris, Nov 28, 2003, in forum: ASP .Net
    Replies:
    3
    Views:
    695
    Bob Morris
    Nov 29, 2003
  4. Replies:
    7
    Views:
    3,224
    James Kanze
    Feb 12, 2008
  5. Lin Jingxian
    Replies:
    2
    Views:
    95
    Tad McClellan
    May 9, 2005
Loading...

Share This Page