From 65fa9f863be90ca984f21330fb01efdb600b2cda Mon Sep 17 00:00:00 2001
From: Mathias Tausig <mathias.tausig@fh-campuswien.ac.at>
Date: Thu, 6 Oct 2016 14:11:11 +0200
Subject: [PATCH] Replace tmpnam with secure alternative. (Issue #200)

---
 encfs/test.cpp | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/encfs/test.cpp b/encfs/test.cpp
index 56a7ab1..ee66469 100644
--- a/encfs/test.cpp
+++ b/encfs/test.cpp
@@ -175,19 +175,26 @@ bool runTests(const std::shared_ptr<Cipher> &cipher, bool verbose) {
     cfg.assignKeyData(keyBuf, encodedKeySize);
 
     // save config
-    auto name = std::tmpnam(nullptr);
+    //Creation of a temporary file should be more platform independent. On c++17 we could use std::filesystem.
+    string name = "/tmp/encfstestXXXXXX";
+    int tmpFd = mkstemp(&name[0]);
+    rAssert(-1 != tmpFd);
+    //mkstemp opens the temporary file, but we only need its name -> close it
+    rAssert(0 == close(tmpFd));
     {
-      auto ok = writeV6Config(name, &cfg);
+      auto ok = writeV6Config(name.c_str(), &cfg);
       rAssert(ok == true);
     }
 
     // read back in and check everything..
     EncFSConfig cfg2;
     {
-      auto ok = readV6Config(name, &cfg2, nullptr);
+      auto ok = readV6Config(name.c_str(), &cfg2, nullptr);
       rAssert(ok == true);
     }
-
+    //delete the temporary file where we stored the config
+    rAssert(0 == unlink(name.c_str()));
+    
     // check..
     rAssert(cfg.cipherIface.implements(cfg2.cipherIface));
     rAssert(cfg.keySize == cfg2.keySize);