create a temporary file with unpredictable name

Question

When we create temporary files using tmpfile, in most cases we cannot easily predict the name. Coverity scan also complains about its vulnerability. So is there any function to create a temporary file which cannot be guessed easily?

What you can do is generate a random string (please search internet how to do this) and use this random string to name your file in `fopen()`. — Gaurav Pathak, Nov 02 '17 at 12:29
I was looking for a similar function like tmpfile, Of course I can choose to call fopen, but if there is already a function why should I write ? — RAFI KC, Nov 06 '17 at 16:01

svm · Accepted Answer · 2017-11-02T12:42:51.760

2

If you using Linux, then mkstemp

Or use tmpnam

edited Nov 02 '17 at 12:42

answered Nov 02 '17 at 12:30

svm

392
3
9

1

`mkstemp()` also has some security issues, Refer [this link](http://www.securiteam.com/unixfocus/6H00S0K6AA.html). – Gaurav Pathak Nov 02 '17 at 12:32
Tag is C not C++ . – J...S Nov 02 '17 at 12:39
Edit my answer: change std::tmpnam to tmpnam from stdio.h – svm Nov 02 '17 at 12:43

create a temporary file with unpredictable name

1 Answers1