lib/krb5_wrap: clang: Fix warning: Call to function 'mktemp' is insecure
authorNoel Power <noel.power@suse.com>
Tue, 18 Jun 2019 10:42:06 +0000 (10:42 +0000)
committerNoel Power <npower@samba.org>
Mon, 1 Jul 2019 13:34:11 +0000 (13:34 +0000)
Fixes:

lib/krb5_wrap/krb5_samba.c:2012:2: warning: Call to function 'mktemp' is insecure as it always creates or uses insecure temporary file.  Use 'mkstemp' instead <--[clang]
        mktemp(tmp_name);
        ^~~~~~

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
lib/krb5_wrap/krb5_samba.c

index 344a26c..eac86e6 100644 (file)
@@ -2009,7 +2009,7 @@ krb5_error_code smb_krb5_kinit_keyblock_ccache(krb5_context ctx,
 
        memcpy(tmp_name, SMB_CREDS_KEYTAB, sizeof(SMB_CREDS_KEYTAB));
        mask = umask(S_IRWXO | S_IRWXG);
-       mktemp(tmp_name);
+       mkstemp(tmp_name);
        umask(mask);
        if (tmp_name[0] == 0) {
                return KRB5_KT_BADNAME;