bpo-42278: Use tempfile.TemporaryDirectory rather than tempfile.mktemp in pydoc (GH-23200) (GH-28026)gentoo-3.7.11_p1

Co-authored-by: Łukasz Langa <lukasz@langa.pl>
(cherry picked from commit c9227df5a9d8e958a2324cf0deba8524d1ded26a)

Co-authored-by: E-Paine <63801254+E-Paine@users.noreply.github.com>

2 files changed, 9 insertions, 6 deletions

diff --git a/Lib/pydoc.py b/Lib/pydoc.py
index 9677c0d0468..f03678be74b 100644
--- a/Lib/pydoc.py
+++ b/Lib/pydoc.py
@@ -1511,13 +1511,14 @@ def pipepager(text, cmd):
 def tempfilepager(text, cmd):
     """Page through text by invoking a program on a temporary file."""
     import tempfile
-    filename = tempfile.mktemp()
-    with open(filename, 'w', errors='backslashreplace') as file:
-        file.write(text)
-    try:
+    with tempfile.TemporaryDirectory() as tempdir:
+        filename = os.path.join(tempdir, 'pydoc.out')
+        with open(filename, 'w', errors='backslashreplace',
+                  encoding=os.device_encoding(0) if
+                  sys.platform == 'win32' else None
+                  ) as file:
+            file.write(text)
         os.system(cmd + ' "' + filename + '"')
-    finally:
-        os.unlink(filename)
 
 def _escape_stdout(text):
     # Escape non-encodable characters to avoid encoding errors later
diff --git a/Misc/NEWS.d/next/Security/2021-08-29-12-39-44.bpo-42278.jvmQz_.rst b/Misc/NEWS.d/next/Security/2021-08-29-12-39-44.bpo-42278.jvmQz_.rst
new file mode 100644
index 00000000000..db880cd9026
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2021-08-29-12-39-44.bpo-42278.jvmQz_.rst
@@ -0,0 +1,2 @@
+Replaced usage of :func:`tempfile.mktemp` with
+:class:`~tempfile.TemporaryDirectory` to avoid a potential race condition.