抑制警告:使用“mktemp” 很危险
如何抑制 gcc 链接器发出的以下警告:
警告:使用 'mktemp' 很危险,最好使用 'mkstemp'
我确实知道最好使用 mkstemp() 但由于某种原因我必须使用 mktemp() 函数。
How can I suppress following warning from gcc linker:
warning: the use of 'mktemp' is dangerous, better use 'mkstemp'
I do know that it's better to use mkstemp() but for some reason I have to use mktemp() function.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
我猜您需要该路径,因为您将其传递给一个仅接受路径名作为参数而不接受文件描述符或 FILE 指针的库。 如果是这样,您可以使用 mkdtemp 创建一个临时目录并将文件放在那里,实际名称并不重要,因为该目录的路径已经是唯一的。
I guess you need the path because you pass it to a library that only accepts path names as argument and not file descriptors or
FILEpointers. If so you can create a temp dir withmkdtempand place your file there, the actual name is then unimportant because the path is already unique because of the directory.如果您必须使用
mktemp,那么除了从libc 中删除使用mktemp的部分之外,您无法抑制该警告。所以.6。为什么必须使用
mktemp?If you have to use
mktempthen there is not anything you can do to suppress that warning short of removing the section that usesmktempfrom libc.so.6.Why do you have to use
mktemp?有两件事:
mktemp不是标准函数.gnu.warning.mktemp部分如果确实需要,请使用本机操作系统 API写入磁盘。 或者按照建议使用
mkstemp()。Two things:
mktempis not a standard function.gnu.warning.mktempsectionUse a native OS API if you really need to write to the disk. Or
mkstemp()as suggested.使用
mkstemp:调用后,
template将替换为实际文件名。 您将获得文件描述符和文件路径。Use
mkstemp:After this call,
templatewill be replaced with the actual file name. You will have the file descriptor and the file's path.如果您静态链接运行时,则另一个选择是在目标文件中编写您自己的
mktemp版本。 链接器应该更喜欢您的版本而不是运行时版本。编辑:感谢 Jason Coco 指出了我对
mktemp及其亲属的一个重大误解。 现在这个问题比较容易解决了。 由于链接器更喜欢目标文件中的版本,因此您只需根据mkstemp编写mktemp即可。唯一的困难是清理 mkstemp 将返回给您的文件描述符并使所有内容都是线程安全的。 如果您可以限制需要的临时文件数量,则可以使用静态描述符数组和 atexit 注册函数进行清理。 如果没有,就用链表代替。
If you are statically linking the runtime, then the other option is to write your own version of
mktempin an object file. The linker should prefer your version over the runtime version.Edit: Thanks to Jason Coco for pointing out a major misunderstanding that I had in
mktempand its relatives. This one is a little easier to solve now. Since the linker will prefer a version in an object file, you just need to writemktempin terms ofmkstemp.The only difficulties are cleaning up the file descriptors that
mkstempwill return to you and making everything thread safe. You could use a static array of descriptors and anatexit-registered function for cleanup if you can put a cap on how many temporary files you need. If not, just use a linked list instead.mktemp在需要时经常被误用创建临时名称而不实际创建
一个 tmp 文件,就像
mkstemp那样。 也许你想要将此类名称传递给
sem_open或shm_open,以及您很清楚 O_EXCL 标志。 有许多
当你想创建一些对象时可能的用途
具有随机名称,并且该对象不是 tmp 文件。
然而,
mktemp确实不应该被使用,即使在那种情况。 这是因为它检查生成的
现有文件的名称,如果存在这样的文件,
它会循环生成另一个名称,依此类推。
这确实不是您想要的,尤其是如果您
最后不会创建这样的文件。
所以最好自己写
针对您的特定需求的实施,而不是
而不是尝试消除
mktemp警告。 我只是简单地从 glibc 中提取了
mktemp生成器代码源并添加了
%P修饰符处理,这将 pid 添加到模板中:
https://github.com/dosemu2/ osemu2/blob/devel/src/base/misc/utilities.c#L1103
您可以使用该代码作为示例,或者直接编写
你自己。
这样做时只有基本的警告规则
技巧:
到随机字符。 这样你就避免了一种可能性
与您自己的程序的另一个实例发生冲突
具有模板的相同固定部分。
可能的恶意尝试使您的程序
打开不该打开的东西。
可能会停止(你的名字中有 pid,并且你
知道你的 pid 还没有创建它),所以你可以
取消链接并重试独占创建。 如果
创建再次失败然后可能是恶意的
正在进行中,因此您可以退出。
比程序退出时。 在此类对象(信号量、
共享内存等)被打开,取消链接不会阻止
通过已经获得的 fds 使用它们。 如果你想
fork 使用这些对象的子进程,在
大多数情况下,仅在父级中打开它们就足够了,
并立即取消链接。
孩子可以通过继承的 fds 使用它们,而不是
比再次打开。
我相信以上建议已经足够了
用于使用您自己的类似
mktemp的函数安全且坚固。 但这只是我自己的意见。
mktempis frequently misused when the one wantsto create a temporary name without actually creating
a tmp file, like
mkstempwould do. Maybe you wantto pass such name to
sem_openorshm_open, andyou are well aware of an O_EXCL flag. There are many
possible uses, when you want to create some object
with a random name, and that object is not a tmp file.
However,
mktempreally should not be used, even inthat case. This is because it checks the generated
name over the existing file, and if such file exist,
it generates another name, and so on, in a loop.
This is really not what you want, especially if you
are not going to create such a file at the end.
So it would be better to just write your own
implementation targeting your specific needs, rather
than to try silencing the
mktempwarning. I simplyextracted the
mktempgenerator code from glibcsources and added the
%Pmodifier handling, whichadds the pid to a template:
https://github.com/dosemu2/dosemu2/blob/devel/src/base/misc/utilities.c#L1103
You can use that code as an example, or just write
your own.
There are just the basic caution rules when doing such
kind of tricks:
to the random chars. That way you avoid a possibility of
clashing with another instance of your own program which
has the same fixed part of a template.
possible malicious attempts to make your program to
open something it shouldn't open.
might be stalled (you have pid in the name, and you
know your pid haven't yet created it), so you can
unlink it and retry the exclusive creation. If the
creation fails again then perhaps something malicious
is going on, so you can just exit.
than on a program exit. After such objects (semaphores,
shared memory etc) are opened, unlink doesn't prevent
using them via the already obtained fds. If you want to
fork the child process that uses these objects, in
most cases it is enough to open them in a parent only,
and immediately unlink.
The child can use them via the inherited fds, rather
than to open again.
I believe the above recommendations are sufficient
for making the use of your own
mktemp-alike functionsecure and robust. But that's just my own opinion.