mirror of
https://github.com/git/git.git
synced 2025-12-12 20:36:24 +01:00
7bef658135
Older versions of mktemp(3) generate easily guessable file names. The function checks if the generated name is used, which is unreliable, as a file with that name might then be created by some other process before we can do it ourselves. The function was dropped from POSIX due to its security problems. Forbid its use. Signed-off-by: René Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
48 lines
1.1 KiB
C
48 lines
1.1 KiB
C
#ifndef BANNED_H
|
|
#define BANNED_H
|
|
|
|
/*
|
|
* This header lists functions that have been banned from our code base,
|
|
* because they're too easy to misuse (and even if used correctly,
|
|
* complicate audits). Including this header turns them into compile-time
|
|
* errors.
|
|
*/
|
|
|
|
#define BANNED(func) sorry_##func##_is_a_banned_function
|
|
|
|
#undef strcpy
|
|
#define strcpy(x,y) BANNED(strcpy)
|
|
#undef strcat
|
|
#define strcat(x,y) BANNED(strcat)
|
|
#undef strncpy
|
|
#define strncpy(x,y,n) BANNED(strncpy)
|
|
#undef strncat
|
|
#define strncat(x,y,n) BANNED(strncat)
|
|
#undef strtok
|
|
#define strtok(x,y) BANNED(strtok)
|
|
#undef strtok_r
|
|
#define strtok_r(x,y,z) BANNED(strtok_r)
|
|
|
|
#undef sprintf
|
|
#undef vsprintf
|
|
#define sprintf(...) BANNED(sprintf)
|
|
#define vsprintf(...) BANNED(vsprintf)
|
|
|
|
#undef gmtime
|
|
#define gmtime(t) BANNED(gmtime)
|
|
#undef localtime
|
|
#define localtime(t) BANNED(localtime)
|
|
#undef ctime
|
|
#define ctime(t) BANNED(ctime)
|
|
#undef ctime_r
|
|
#define ctime_r(t, buf) BANNED(ctime_r)
|
|
#undef asctime
|
|
#define asctime(t) BANNED(asctime)
|
|
#undef asctime_r
|
|
#define asctime_r(t, buf) BANNED(asctime_r)
|
|
|
|
#undef mktemp
|
|
#define mktemp(x) BANNED(mktemp)
|
|
|
|
#endif /* BANNED_H */
|