45064: Fix the mktemp() warning, in debug builds only.

On Linux, linking to mktemp() generates the following warning:
.
    utils.o: In function `gettempname':
    ./Src/utils.c:2229: warning: the use of `mktemp' is dangerous, better use `mkstemp' or `mkdtemp'

The warning cannot be disabled.

Work around that by using mkstemp() instead, and massage its output so
it behaves like mktemp().  See the new comment for further details.

2 files changed, 28 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 2ea6116d8..5a8e6b956 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2019-12-18  Daniel Shahaf  <danielsh@apache.org>
 
+	* 45064: Src/utils.c: Fix the mktemp() warning, in debug
+	builds only.
+
 	* 45073: Doc/Zsh/contrib.yo: regex-replace docs: Simplify grammar
 	(avoid a double negative, state defaults first).
 
diff --git a/Src/utils.c b/Src/utils.c
index 1d916e71f..086c0dfcb 100644
--- a/Src/utils.c
+++ b/Src/utils.c
@@ -2201,6 +2201,31 @@ gettempname(const char *prefix, int use_heap)
 #ifdef HAVE__MKTEMP
     /* Zsh uses mktemp() safely, so silence the warnings */
     ret = (char *) _mktemp(ret);
+#elif HAVE_MKSTEMP && defined(DEBUG)
+    {
+	/* zsh uses mktemp() safely (all callers use O_EXCL, and one of them
+	 * uses mkfifo()/mknod(), as opposed to open()), but some compilers
+	 * warn about this anyway and give no way to disable the warning. To
+	 * appease them, use mkstemp() and then close the fd and unlink the
+	 * filename, to match callers' expectations.
+	 *
+	 * But do this in debug builds only, because we don't want to suffer
+	 * x3 the disk access (touch, unlink, touch again) in production.
+	 */
+	int fd;
+	errno = 0;
+	fd = mkstemp(ret);
+	if (fd < 0)
+	    zwarn("can't get a temporary filename: %e", errno);
+	else {
+	    close(fd);
+	    ret = ztrdup(ret);
+
+	    errno = 0;
+	    if (unlink(ret) < 0)
+		zwarn("unlinking a temporary filename failed: %e", errno);
+	}
+    }
 #else
     ret = (char *) mktemp(ret);
 #endif