[GRASS5] PATCH: asprintf.c

[Glynn Clements]

Hamish wrote:

> G_asprintf() is using G_tempfile():
> 
> /* We cheat by printing to a tempfile via vfprintf and then reading it
>  * back in.  Not the most efficient way, probably.
>  */
> 
> 
> Is the only way to have a safe, portable snprintf() *really* to write
> and read off the disk? Surely we can do better.

As GRASS is GPL, we can just take the code from GNU libc.

> Aside from being grossly inefficient, this is really bad when running
> GRASS on a limited write cycle flash drive, e.g. handhelds. You can
> mount /tmp on a virtual ram-drive ok, but due to the security issues
> surrounding putting stuff in /tmp, G_tempfile() has to write to the
> mapset, which you definitely don't want to be volatile storage.

Using the mapset directory has nothing to do with security issues. 
There are plenty of ways to securely create files under /tmp.

The reason that G_tempfile() uses the mapset is that it must be
possible to use link() to atomically replace a GRASS database file
with a file created by G_tempfile(), so the file which G_tempfile()
creates has to reside on the same filesystem (i.e. partition) as the
mapset directory.

Actual "temporary" files should use e.g. tempnam() rather than
G_tempfile(). Either that or G_tempfile() should be renamed and
anything which uses it for its original purpose should use the renamed
function.

-- 
Glynn Clements <glynn at gclements.plus.com>