...

The following statement creates some_file in the /tmp directory.

int fd = open("/tmp/some_file", O_WRONLY | O_CREAT | O_TRUNC, 0600);

...

Non-Compliant Code Example: O_CREAT and O_EXCL

To prevent an existing file from being opened and truncated, include the flags O_CREAT and O_EXCL when calling open().

...

This call to open() fails whenever /tmp/some_file already exists, including when it is a symbolic link.
Take care when using O_EXCL with remote file systems: it does not work with NFSv2 (but is supported in NFSv3 and later).

The problem with this solution is that open() will fail if /tmp/some_file already exists. One solution is to generate random file names and attempt to open() each until we find a unique name. Luckily, there are predefined functions that perform this function.
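
The retry approach described above, as an added example (not code from the original page). The helpers create_unique_file() and excl_rejects_symlink() are hypothetical names; drawing the name from /dev/urandom and the limit of 100 attempts are assumptions.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper (not from the original page): create a new file with an
 * unpredictable name in dir, retrying on name collisions. On success returns
 * an open descriptor and stores the name in path; returns -1 on failure. */
int create_unique_file(const char *dir, char *path, size_t path_len) {
    int rnd = open("/dev/urandom", O_RDONLY);
    if (rnd < 0)
        return -1;
    int fd = -1;
    for (int attempt = 0; attempt < 100 && fd < 0; attempt++) {
        unsigned char b[8];
        if (read(rnd, b, sizeof b) != (ssize_t)sizeof b)
            break;
        int n = snprintf(path, path_len,
                         "%s/tmp_%02x%02x%02x%02x%02x%02x%02x%02x", dir,
                         b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7]);
        if (n < 0 || (size_t)n >= path_len)
            break;                      /* name would be truncated */
        /* O_EXCL makes creation atomic: the call fails with EEXIST if the
         * name exists, even as a (dangling) symbolic link. */
        fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
        if (fd < 0 && errno != EEXIST)
            break;                      /* real error: do not retry */
    }
    close(rnd);
    return fd;
}

/* Returns 1 if O_CREAT | O_EXCL refuses a path that is a symbolic link. */
int excl_rejects_symlink(const char *link_path) {
    unlink(link_path);
    if (symlink("/nonexistent/target", link_path) != 0)
        return 0;
    int fd = open(link_path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    int rejected = (fd < 0 && errno == EEXIST);
    if (fd >= 0)
        close(fd);
    unlink(link_path);
    return rejected;
}
```

Only EEXIST triggers a retry; any other errno (for example EACCES) ends the loop so that a persistent error is reported instead of being retried 100 times.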

Non-Compliant Code Example: tmpnam()

...