search

OpenZWave / open-zwave-control-panel

UNMAINTAINED - We are looking for someone to maintain ozwcp! The OpenZWave Control Panel (ozwcp for short) is an application built on the OpenZWave library that permits users to query, manage and monitor Z-Wave nodes and networks. It provides a web based user interface using AJAX principles.
Other
130 stars 72 forks source link

make warning #7

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?

1.make

What is the expected output? What do you see instead?

openzwave-control-panel-read-only/webserver.cpp:333: warning: the use of 
`mktemp' is dangerous, better use `mkstemp' or `mkdtemp'

What version of the product are you using? On what operating system?
ubuntu 10.04   openzwave r603

Original issue reported on code.google.com by softgh...@gmail.com on 28 Dec 2012 at 4:03

rfdrake commented 9 years ago

I was looking at this code to see why it was using mktemp, but it looks like it has a couple of issues:

    strncpy(fntemp, "/tmp/ozwcp.topo.XXXXXX", sizeof(fntemp));
    fn = mktemp(fntemp);
    if (fn == NULL)
            return EMPTY;
    strncat(fntemp, ".xml", sizeof(fntemp));
    if (debug)
            doc.Print(stdout, 0);
    doc.SaveFile(fn);
    return fn;

The strncat ".xml" is never used so it should probably just be dropped. Modifying the temporary filename doesn't seem like a great idea anyway. So the other problem is that fn is a char pointer where mkstemp needs an integer since it returns a filehandle instead of a name.

That's no big deal because mkstemp will modify the buffer internally and return it.

You've got an unneeded filehandle returned, but you can deal with that in a couple of ways. You could modify doc.Savefile to accept descriptors instead of names, or just close it.

Fishwaldo commented 9 years ago

thanks. I'll look into this eventually.