1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1987, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #if defined(LIBC_SCCS) && !defined(lint)
33 static char sccsid[] = "@(#)mktemp.c 8.1 (Berkeley) 6/4/93";
34 #endif /* LIBC_SCCS and not lint */
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
37
38 #include "namespace.h"
39 #include <sys/param.h>
40 #include <sys/stat.h>
41 #include <fcntl.h>
42 #include <errno.h>
43 #include <stdio.h>
44 #include <stdlib.h>
45 #include <string.h>
46 #include <ctype.h>
47 #include <unistd.h>
48 #include "un-namespace.h"
49
50 char *_mktemp(char *);
51
52 static int _gettemp(int, char *, int *, int, int, int);
53
54 static const unsigned char padchar[] =
55 "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
56
57 int
mkostempsat(int dfd,char * path,int slen,int oflags)58 mkostempsat(int dfd, char *path, int slen, int oflags)
59 {
60 int fd;
61
62 return (_gettemp(dfd, path, &fd, 0, slen, oflags) ? fd : -1);
63 }
64
65 int
mkostemps(char * path,int slen,int oflags)66 mkostemps(char *path, int slen, int oflags)
67 {
68 int fd;
69
70 return (_gettemp(AT_FDCWD, path, &fd, 0, slen, oflags) ? fd : -1);
71 }
72
73 int
mkstemps(char * path,int slen)74 mkstemps(char *path, int slen)
75 {
76 int fd;
77
78 return (_gettemp(AT_FDCWD, path, &fd, 0, slen, 0) ? fd : -1);
79 }
80
81 int
mkostemp(char * path,int oflags)82 mkostemp(char *path, int oflags)
83 {
84 int fd;
85
86 return (_gettemp(AT_FDCWD, path, &fd, 0, 0, oflags) ? fd : -1);
87 }
88
89 int
mkstemp(char * path)90 mkstemp(char *path)
91 {
92 int fd;
93
94 return (_gettemp(AT_FDCWD, path, &fd, 0, 0, 0) ? fd : -1);
95 }
96
97 char *
mkdtemp(char * path)98 mkdtemp(char *path)
99 {
100 return (_gettemp(AT_FDCWD, path, (int *)NULL, 1, 0, 0) ? path : (char *)NULL);
101 }
102
103 char *
_mktemp(char * path)104 _mktemp(char *path)
105 {
106 return (_gettemp(AT_FDCWD, path, (int *)NULL, 0, 0, 0) ? path : (char *)NULL);
107 }
108
109 __warn_references(mktemp,
110 "warning: mktemp() possibly used unsafely; consider using mkstemp()");
111
112 char *
mktemp(char * path)113 mktemp(char *path)
114 {
115 return (_mktemp(path));
116 }
117
118 static int
_gettemp(int dfd,char * path,int * doopen,int domkdir,int slen,int oflags)119 _gettemp(int dfd, char *path, int *doopen, int domkdir, int slen, int oflags)
120 {
121 char *start, *trv, *suffp, *carryp;
122 char *pad;
123 struct stat sbuf;
124 uint32_t rand;
125 char carrybuf[MAXPATHLEN];
126 int saved;
127
128 if ((doopen != NULL && domkdir) || slen < 0 ||
129 (oflags & ~(O_APPEND | O_DIRECT | O_SHLOCK | O_EXLOCK | O_SYNC |
130 O_CLOEXEC)) != 0) {
131 errno = EINVAL;
132 return (0);
133 }
134
135 trv = path + strlen(path);
136 if (trv - path >= MAXPATHLEN) {
137 errno = ENAMETOOLONG;
138 return (0);
139 }
140 trv -= slen;
141 suffp = trv;
142 --trv;
143 if (trv < path || NULL != strchr(suffp, '/')) {
144 errno = EINVAL;
145 return (0);
146 }
147
148 /* Fill space with random characters */
149 while (trv >= path && *trv == 'X') {
150 rand = arc4random_uniform(sizeof(padchar) - 1);
151 *trv-- = padchar[rand];
152 }
153 start = trv + 1;
154
155 saved = 0;
156 oflags |= O_CREAT | O_EXCL | O_RDWR;
157 for (;;) {
158 if (doopen) {
159 *doopen = _openat(dfd, path, oflags, 0600);
160 if (*doopen >= 0)
161 return (1);
162 if (errno != EEXIST)
163 return (0);
164 } else if (domkdir) {
165 if (mkdir(path, 0700) == 0)
166 return (1);
167 if (errno != EEXIST)
168 return (0);
169 } else if (lstat(path, &sbuf))
170 return (errno == ENOENT);
171
172 /* save first combination of random characters */
173 if (!saved) {
174 memcpy(carrybuf, start, suffp - start);
175 saved = 1;
176 }
177
178 /* If we have a collision, cycle through the space of filenames */
179 for (trv = start, carryp = carrybuf;;) {
180 /* have we tried all possible permutations? */
181 if (trv == suffp)
182 return (0); /* yes - exit with EEXIST */
183 pad = strchr(padchar, *trv);
184 if (pad == NULL) {
185 /* this should never happen */
186 errno = EIO;
187 return (0);
188 }
189 /* increment character */
190 *trv = (*++pad == '\0') ? padchar[0] : *pad;
191 /* carry to next position? */
192 if (*trv == *carryp) {
193 /* increment position and loop */
194 ++trv;
195 ++carryp;
196 } else {
197 /* try with new name */
198 break;
199 }
200 }
201 }
202 /*NOTREACHED*/
203 }
204