Skip to content

C
cpython
Kaydet (Commit) 95618b5b authored tarafından Skip Montanaro's avatar Skip Montanaro
Dosyalara gözat
Seçenekler

added warnings about security risk of using tmpnam and tempnam

üst 50d756e2
Hide whitespace changes
Inline Side-by-side
Showing with 10 additions and 0 deletions
Modules/posixmodule.c
Dosyayı görüntüle @ 95618b5b
...@@ -4211,6 +4211,11 @@ posix_tempnam(PyObject *self, PyObject *args) ...@@ -4211,6 +4211,11 @@ posix_tempnam(PyObject *self, PyObject *args)
if (!PyArg_ParseTuple(args, "|zz:tempnam", &dir, &pfx)) if (!PyArg_ParseTuple(args, "|zz:tempnam", &dir, &pfx))
return NULL; return NULL;
if (PyErr_Warn(PyExc_RuntimeWarning,
"tempnam is a potential security risk to your program") < 0)
return NULL;
#ifdef MS_WIN32 #ifdef MS_WIN32
name = _tempnam(dir, pfx); name = _tempnam(dir, pfx);
#else #else
...@@ -4258,6 +4263,11 @@ posix_tmpnam(PyObject *self, PyObject *args) ...@@ -4258,6 +4263,11 @@ posix_tmpnam(PyObject *self, PyObject *args)
if (!PyArg_ParseTuple(args, ":tmpnam")) if (!PyArg_ParseTuple(args, ":tmpnam"))
return NULL; return NULL;
if (PyErr_Warn(PyExc_RuntimeWarning,
"tmpnam is a potential security risk to your program") < 0)
return NULL;
#ifdef USE_TMPNAM_R #ifdef USE_TMPNAM_R
name = tmpnam_r(buffer); name = tmpnam_r(buffer);
#else #else
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment