From 04b366b09cb7b84cc92f9b4e25342fc42ef0f086 Mon Sep 17 00:00:00 2001
From: Jon Trulson <jon@radscan.com>
Date: Tue, 7 Aug 2012 16:52:26 -0600
Subject: [PATCH] dtdbcache: Use mkstemp() instead of tmpnam() to avoid bad
 interactions

Patch from Aaron W. Hsu <arcfide@sacrideo.us>
---
 cde/lib/DtSvc/DtUtil1/MMDb.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/cde/lib/DtSvc/DtUtil1/MMDb.c b/cde/lib/DtSvc/DtUtil1/MMDb.c
index 20a92602..7891340e 100644
--- a/cde/lib/DtSvc/DtUtil1/MMDb.c
+++ b/cde/lib/DtSvc/DtUtil1/MMDb.c
@@ -680,13 +680,25 @@ write_db(DtDtsMMHeader *header, void *index, int size, const char *CacheFile)
 	/* unique file name instead. */
 	char tmpnam_buf[L_tmpnam + 1];
 
+	if ((tmpfile = malloc(sizeof(_DTDTSMMTEMPDIR) +
+	    sizeof(_DTDTSMMTEMPFILE) + 7)) == NULL) {
+		_DtSimpleError(DtProgName, DtError, NULL, tmpfile, NULL);
+		return 0;
+	}
+
+	sprintf(tmpfile, "%s/%sXXXXXX", _DTDTSMMTEMPDIR, _DTDTSMMTEMPFILE);
+	fd = mkstemp(tmpfile);
+
+	/*
 	tmpfile = (char *)malloc(sizeof(_DTDTSMMTEMPDIR) +
 				 sizeof(_DTDTSMMTEMPFILE) + L_tmpnam + 3);
+
 	tmpnam(tmpnam_buf);
 	sprintf(tmpfile, "%s/%s%s", _DTDTSMMTEMPDIR, _DTDTSMMTEMPFILE,
 		basename(tmpnam_buf));
 
 	fd  = open(tmpfile, O_RDWR|O_CREAT, 0600);
+	*/
 	umask(cmask);
 
 	if(fd ==  -1)
-- 
2.25.1