qcheck/quse: address Coverity concerns

- it considers tmpfile() unsafe (?) - help it to see a variable was checked for NULL before Signed-off-by: Fabian Groffen <grobian@gentoo.org>
author: Fabian Groffen <grobian@gentoo.org> 2020-01-06 08:35:38 +0100
committer: Fabian Groffen <grobian@gentoo.org> 2020-01-06 08:35:38 +0100
commit: b7a9406bec657d4929b85c322d50440b48220fcf (patch)
tree: 25e58d6d32d2670303e78bbe582c0a57d959e262 /qcheck.c
parent: libq/tree: make some unused functions private (static) (diff)
download: portage-utils-b7a9406bec657d4929b85c322d50440b48220fcf.tar.gz
portage-utils-b7a9406bec657d4929b85c322d50440b48220fcf.tar.bz2
portage-utils-b7a9406bec657d4929b85c322d50440b48220fcf.zip
1 files changed, 7 insertions, 2 deletions
diff --git a/qcheck.c b/qcheck.c
index 65cc2d1a..1d8521af 100644
--- a/qcheck.c
+++ b/qcheck.c
@@ -104,11 +104,16 @@ qcheck_cb(tree_pkg_ctx *pkg_ctx, void *priv)
 
 	/* Open contents_update, if needed */
 	if (state->qc_update) {
-		fp_contents_update = tmpfile();
-		if (fp_contents_update == NULL) {
+		char tempfile[] = "qcheck-tmp-XXXXXX";
+		int fd = mkstemp(tempfile);
+		if (fd == -1 || (fp_contents_update = fdopen(fd, "w+")) == NULL) {
+			if (fd >= 0)
+				close(fd);
 			warnp("unable to temp file");
 			return EXIT_FAILURE;
 		}
+		/* like tmpfile() does, but Coverity thinks it is unsafe */
+		unlink(tempfile);
 	}
 
 	if (!state->chk_config_protect) {
author	Fabian Groffen <grobian@gentoo.org>	2020-01-06 08:35:38 +0100
committer	Fabian Groffen <grobian@gentoo.org>	2020-01-06 08:35:38 +0100
commit	b7a9406bec657d4929b85c322d50440b48220fcf (patch)
tree	25e58d6d32d2670303e78bbe582c0a57d959e262 /qcheck.c
parent	libq/tree: make some unused functions private (static) (diff)
download	portage-utils-b7a9406bec657d4929b85c322d50440b48220fcf.tar.gz portage-utils-b7a9406bec657d4929b85c322d50440b48220fcf.tar.bz2 portage-utils-b7a9406bec657d4929b85c322d50440b48220fcf.zip