make warning

[GoogleCodeExporter]

What steps will reproduce the problem?

1.make

What is the expected output? What do you see instead?

openzwave-control-panel-read-only/webserver.cpp:333: warning: the use of 
`mktemp' is dangerous, better use `mkstemp' or `mkdtemp'

What version of the product are you using? On what operating system?
ubuntu 10.04   openzwave r603

Original issue reported on code.google.com by [email protected] on 28 Dec 2012 at 4:03

[rfdrake]

I was looking at this code to see why it was using mktemp, but it looks like it has a couple of issues:

    strncpy(fntemp, "/tmp/ozwcp.topo.XXXXXX", sizeof(fntemp));
    fn = mktemp(fntemp);
    if (fn == NULL)
            return EMPTY;
    strncat(fntemp, ".xml", sizeof(fntemp));
    if (debug)
            doc.Print(stdout, 0);
    doc.SaveFile(fn);
    return fn;

The strncat ".xml" is never used so it should probably just be dropped. Modifying the temporary filename doesn't seem like a great idea anyway. So the other problem is that fn is a char pointer where mkstemp needs an integer since it returns a filehandle instead of a name.

That's no big deal because mkstemp will modify the buffer internally and return it.

You've got an unneeded filehandle returned, but you can deal with that in a couple of ways. You could modify doc.Savefile to accept descriptors instead of names, or just close it.

[Fishwaldo]

thanks. I'll look into this eventually.