[MINC-development] patches for tmpnam

Peter NEELIN minc-development@bic.mni.mcgill.ca
Thu, 6 Mar 2003 22:03:58 -0500


On Wed, 5 Mar 2003, Steve ROBBINS wrote:

> On Mon, Mar 03, 2003 at 05:06:51PM -0500, Vicka Corey wrote:
> > Hi -- here are the changes I've put in to get rid of gcc warnings
> > from calls to tmpnam().
>
> The changes you propose will cause file descriptor leakage which
> is not acceptable, especially not in a library.
>
> It's true that you can get around that by closing the file
> descriptor returned by mkstemp(), but that really misses the
> point of the warnings.  The linker is warning you of a race
> condition.  If the tmpnam() calls are going to be replaced,
> the race ought to be fixed.  There's no point in doing it just
> to get rid of a link warning.

The call to mkstemp should fix the race condition, since it has already
created the file. One could then close the descriptor and overwrite the
file safely (it belongs to the current user now, so it should be safe).
The problem with tmpfile is that it does not return the file name, and it
unlinks the file after it is opened - it is truly a temporary file! The
minc library needs a filename to feed to gzip.

The main issue with mkstemp is that it does not refer to TMPDIR. If
tempnam is to be replaced, then Bert's function should be adapted to first
check for a TMPDIR setting - this can be useful when tmp space is small
and one is either uncompressing large files on the fly, or creating
temporary cached volumes with volume_io.

Bert's fix of creating a "correct" tempname replacement within the minc
library (probably in netcdf_convenience.c) is the way to go. All of the
calls to tempnam (and friends) can be replaced with calls to this
function. It will then be much easier to iterate over attempts to get it
right (right being defined as not leaking descriptors, error messages or
features) until everyone is happy.

            Peter
----
            Peter Neelin (neelin@bic.mni.mcgill.ca)
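
The approach discussed in this message (let mkstemp() create the file, close the descriptor so nothing leaks, hand the name to the caller, and honour TMPDIR), as an added C example that is not part of the original message or of the MINC library. The function name `make_temp_filename`, the `/tmp` fallback and the `minc` prefix are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (name is an assumption, not MINC's API).
 * Creates a unique, empty file in $TMPDIR (or /tmp if unset/empty) and
 * writes its path into buf. Returns 0 on success, -1 with errno set. */
int make_temp_filename(char *buf, size_t buflen, const char *prefix)
{
    const char *dir = getenv("TMPDIR");
    int n, fd;

    if (dir == NULL || dir[0] == '\0')
        dir = "/tmp";

    n = snprintf(buf, buflen, "%s/%sXXXXXX", dir, prefix);
    if (n < 0 || (size_t)n >= buflen) {   /* template would be truncated */
        errno = ENAMETOOLONG;
        return -1;
    }

    /* mkstemp() picks the name and creates the file in one step
     * (O_CREAT|O_EXCL, mode 0600), which closes the tmpnam() race. */
    fd = mkstemp(buf);
    if (fd < 0)
        return -1;

    /* Close right away so the library never leaks a descriptor. The file
     * stays on disk, owned by the caller. Reopening it by name later is
     * only safe where other users cannot rename or delete it: a sticky
     * directory such as /tmp, or one private to the user. */
    if (close(fd) != 0) {
        int saved = errno;
        unlink(buf);
        errno = saved;
        return -1;
    }
    return 0;
}

int main(void)
{
    char path[4096];
    if (make_temp_filename(path, sizeof path, "minc") != 0) { perror("temp"); return 1; }
    printf("created %s\n", path);
    return unlink(path) == 0 ? 0 : 1;   /* caller removes the file when done */
}
```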