Create temporary files securely using mkstemp() instead of mktemp()

Reviewed by:	mikeh, audit@
MFC after:	1 week

gnu/usr.bin/rcs/lib/conf.h

@@ -172,6 +172,7 @@ typedef void *malloc_type; /* type returned by malloc() */
 /* #define has_getwd ? */ /* Does getwd() work?  */
 #define needs_getabsname 0 /* Must we define getabsname?  */
 #define has_mktemp 1 /* Does mktemp() work?  */
+#define has_mkstemp 1 /* DOes mkstemp() work?  */
 #define has_NFS 1 /* Might NFS be used?  */
 #define has_psiginfo 0 /* Does psiginfo() work?  */
 #define has_psignal 1 /* Does psignal() work?  */

gnu/usr.bin/rcs/lib/rcsedit.c

@@ -1507,6 +1507,9 @@ makedirtemp(isworkfile)
 	register size_t dl;
 	register struct buf *bn;
 	register char const *name = isworkfile ? workname : RCSname;
+#	if has_mktemp
+	int fd;
+#	endif
 
 	dl = basefilename(name) - name;
 	bn = &dirtpname[newRCSdirtp_index + isworkfile];
@@ -1525,10 +1528,12 @@ makedirtemp(isworkfile)
 	catchints();
 #	if has_mktemp
 		VOID strcpy(tp, "XXXXXX");
-		if (!mktemp(np) || !*np)
+		fd = mkstemp(np);
+		if (fd < 0 || !*np)
 		    faterror("can't make temporary pathname `%.*s_%cXXXXXX'",
 			(int)dl, name, '0'+isworkfile
 		    );
+		close(fd);
 #	else
 		/*
 		 * Posix 1003.1-1990 has no reliable way

gnu/usr.bin/rcs/lib/rcsfnms.c

@@ -284,6 +284,9 @@ maketemp(n)
 {
 	char *p;
 	char const *t = tpnames[n];
+#	if has_mktemp
+	int fd;
+#	endif
 
 	if (t)
 		return t;
@@ -295,10 +298,12 @@ maketemp(n)
 	    size_t tplen = dir_useful_len(tp);
 	    p = testalloc(tplen + 10);
 	    VOID sprintf(p, "%.*s%cT%cXXXXXX", (int)tplen, tp, SLASH, '0'+n);
-	    if (!mktemp(p) || !*p)
+	    fd = mkstemp(p);
+	    if (fd < 0 || !*p)
 		faterror("can't make temporary pathname `%.*s%cT%cXXXXXX'",
 			(int)tplen, tp, SLASH, '0'+n
 		);
+	    close(fd);
 #	else
 	    static char tpnamebuf[TEMPNAMES][L_tmpnam];
 	    p = tpnamebuf[n];