Skip to content

Enhance TemporaryFile to match C's tmpfile() security and functionality #90

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
konard wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Enhance TemporaryFile to match C's tmpfile() security and functionality #90

konard wants to merge 3 commits into from

Conversation

@konard
Copy link
Member

@konard konard commented Sep 12, 2025
edited
Loading

Summary

This pull request enhances the TemporaryFile class to provide security features equivalent to C's tmpfile() function or better, addressing issue #82.

Key Improvements

🔒 Enhanced Security

  • Eliminates race conditions: Replaced insecure Path.GetTempFileName() with secure random filename generation using Path.GetRandomFileName()
  • Prevents file hijacking: Uses FileMode.CreateNew to ensure files don't already exist
  • Restrictive permissions: Implements Windows ACL (current user only) and Unix 600-equivalent permissions
  • Exclusive access: Uses FileShare.None to prevent concurrent access while file is open

🚀 Better Functionality

  • Direct stream access: Added FileStream Stream property for direct I/O operations like C's tmpfile()
  • Implicit conversions: Support for both string (filename) and FileStream implicit operators
  • Automatic cleanup: Uses FileOptions.DeleteOnClose for reliable deletion
  • Finalizer support: Ensures cleanup even during abnormal termination

🔧 Improved Reliability

  • Race condition handling: Retry logic (up to 1000 attempts) for unique file creation
  • Robust disposal: Enhanced error handling during cleanup operations
  • Registry tracking: Improved temporary file registry management with add/remove functionality

Technical Details

Before (Issues)

  • Used Path.GetTempFileName() which has known security vulnerabilities
  • Only provided filename access, requiring separate file operations
  • Relied on manual cleanup without proper error handling
  • Vulnerable to race conditions and predictable filename attacks

After (Improvements)

  • Secure random filename generation with collision avoidance
  • Direct FileStream access providing tmpfile-like functionality
  • Multiple layers of automatic cleanup (DeleteOnClose + finalizer)
  • Comprehensive error handling and security measures

Test Coverage

Added comprehensive tests covering:

  • ✅ Basic temporary file creation and cleanup
  • ✅ Direct stream access and I/O operations
  • ✅ Unique filename generation
  • ✅ Secure file creation verification
  • ✅ Proper disposal and cleanup behavior
  • ✅ Stream properties matching tmpfile behavior

Compatibility

  • Fully backward compatible - existing code continues to work unchanged
  • Additional functionality - new Stream property provides enhanced capabilities
  • Cross-platform - Works on both Windows (with ACL) and Unix-like systems

Performance

  • Minimal performance impact from security improvements
  • Efficient retry mechanism for filename collision handling
  • Optimized disposal path with proper resource management

Test Results

All tests pass successfully:

  • 7 total tests: 7 passed, 0 failed
  • Comprehensive coverage of new functionality and security features

🤖 Generated with Claude Code

Resolves #82

@konard
Initial commit with task details for issue #82
57e2892 
Adding CLAUDE.md with task information for AI processing.
This file will be removed when the task is complete.

Issue: #82
@konard konard self-assigned this Sep 12, 2025
@konard @claude
Enhance TemporaryFile to match C's tmpfile() security and functionality
a032a6b 
Major improvements:
- Replace insecure Path.GetTempFileName() with secure random filename generation
- Add direct FileStream access like C's tmpfile() for better usability
- Implement FileOptions.DeleteOnClose for automatic cleanup
- Add restrictive file permissions (Windows ACL, Unix 600 equivalent)
- Improve race condition handling with retry logic for unique file creation
- Add finalizer for cleanup during abnormal termination
- Enhanced test coverage with tmpfile-like behavior verification

Security benefits:
- Eliminates race conditions from predictable filenames
- Uses CreateNew mode to prevent file hijacking attacks
- Sets restrictive permissions accessible only to current user
- Automatic deletion on both normal and abnormal termination

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@konard konard changed the title [WIP] Make sure is as good as from C/C++ or better. Enhance TemporaryFile to match C's tmpfile() security and functionality Sep 12, 2025
@konard konard marked this pull request as ready for review September 12, 2025 21:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@konard konard

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Make sure TemproryFile is as good as tmpfile from C/C++ or better.

2 participants

@konard