tmpnam remains in pdftops/gfile.cxx:499 #406

michaelrsweet opened this Issue Nov 15, 2003 · 2 comments



michaelrsweet commented Nov 15, 2003

Version: 1.1.20rc6 User: kmuto.debian


I found that pdftops/gfile.cxx still uses the insecure tmpnam.

Warning from gcc (Debian GNU/Linux unstable gcc-3.3.2) says:
libxpdf.a(gfile.o)(.text+0x59d): In function `openTempFile(GString**, _IO_FILE**, char const*, char const*)':
cupsys-1.1.20candidate6/pdftops/gfile.cxx:499: warning: the use of `tmpnam' is dangerous, better use `mkstemp'

The code is:
if (!(s = tmpnam(NULL))) {



michaelrsweet commented Nov 17, 2003 User: mike

tmpnam by itself is not insecure - the Xpdf code opens the tmpnam filename using the appropriate flags (O_EXCL and others).

The reason for the tmpnam code was to support LZW compressed streams on platforms using the "uncompress" command. Since some implementations of "uncompress" required a trailing ".Z" on the filename, the only function capable of supporting a temporary filename of this form was tmpnam.

That said, it appears that the LZW code is now implemented internally in Xpdf (thanks to the patent expiration... :), so I'll rip out the last vestiges of tmpnam for CUPS 1.1.20.
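An added example (not CUPS or Xpdf code) of the pattern discussed in the comment above: the generated name is only a guess, and the file is claimed with O_CREAT | O_EXCL, which also leaves room for a fixed suffix such as ".Z". The function names, the `gfile_` prefix and the use of /dev/urandom are assumptions made for this example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Exclusive create. Fails with EEXIST if anything already exists at path,
 * including a symlink planted by another user (O_EXCL does not follow it). */
int open_exclusive(const char *path)
{
    return open(path, O_CREAT | O_EXCL | O_RDWR, 0600);
}

/* Fill buf with n random bytes from the kernel; returns 0 on success. */
static int random_bytes(unsigned char *buf, size_t n)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return -1;
    ssize_t got = read(fd, buf, n);
    close(fd);
    return got == (ssize_t)n ? 0 : -1;
}

/* Create a private temp file named <dir>/gfile_<16 hex digits><suffix>
 * (suffix such as ".Z"). The name is only a guess: open_exclusive() is what
 * claims it, so a collision or a pre-planted file just triggers a retry.
 * Returns the open fd and writes the name to out, or returns -1. */
int open_temp_with_suffix(char *out, size_t outlen,
                          const char *dir, const char *suffix)
{
    for (int attempt = 0; attempt < 100; attempt++) {
        unsigned char r[8];
        if (random_bytes(r, sizeof r) != 0)
            return -1;
        int n = snprintf(out, outlen,
                         "%s/gfile_%02x%02x%02x%02x%02x%02x%02x%02x%s", dir,
                         r[0], r[1], r[2], r[3], r[4], r[5], r[6], r[7], suffix);
        if (n < 0 || (size_t)n >= outlen) {
            errno = ENAMETOOLONG;
            return -1;
        }
        int fd = open_exclusive(out);
        if (fd >= 0 || errno != EEXIST)
            return fd;          /* success, or a real error such as EACCES */
    }
    errno = EEXIST;
    return -1;
}
```

The caller should keep using the returned descriptor rather than reopening the file by name, and unlink the name when done.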



michaelrsweet commented Nov 19, 2003 User: mike

Fixed in CVS - the anonymous CVS repository will be updated at midnight EST.

michaelrsweet added this to the Stable milestone Mar 17, 2016
