#13660: mktemp() generates completely deterministic filenames
-------------------------------+------------------------------
Reporter: david.given | Owner: nobody
Type: bug | Status: new
Priority: normal | Milestone: Unscheduled
Component: System/libroot.so | Version: R1/Development
Keywords: | Blocked By:
Blocking: | Has a Patch: 0
Platform: All |
-------------------------------+------------------------------
`mktemp()` uses `rand()` to generate filenames, but `rand()` doesn't get
seeded on process startup. This means that `mktemp()` will generate
precisely the same sequence of filenames on every run.
While this is technically correct, which is the best kind of correct, it's
possibly the worst thing it could possibly do --- it _looks_ like it's
working, but doesn't. It pretty much guarantees file collisions with
parallel builds.
I have since changed my code to use `mkstemp()` instead, which solves my
particular issue, but Haiku's `mktemp()` shouldn't be doing this. I know
that `mktemp()` is broken by design, but there's so much old software
using it that we should really by trying harder. I'd suggest on of:
- use a real random number generator;
- keep `rand()`, but use a private seed based on the pid and timestamp;
- don't use random numbers at all and start with a constant string before
mutating it! It's still technically correct, but now it's at least
completely obvious what's happening.
Test program demonstrating the issue follows:
{{{
#include <stdlib.h>
#include <stdio.h>
int main() {
char s[] = "/tmp/XXXXXX";
mktemp(s);
printf("%s\n", s);
}
$ gcc test.c
$ ./test
/tmp/temp.mq2NP5
$ ./test
/tmp/temp.mq2NP5
$ ./test
/tmp/temp.mq2NP5
$ ./test
/tmp/temp.mq2NP5
}}}
--
Ticket URL: <https://dev.haiku-os.org/ticket/13660>
Haiku <https://dev.haiku-os.org>
The Haiku operating system.
