From e18b25bccd2b92d49daa7f05be6c5e4b2eeeb2d0 Mon Sep 17 00:00:00 2001
From: david <david@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Thu, 26 Sep 2013 07:17:08 +0000
Subject: [PATCH] Use tempfile in place of tempnam.

To avoid new GCC warnings about tempnam:
ncat_connect.c:789: warning: the use of `tempnam' is dangerous, better use `mkstemp'

Doing things this way has the same race condition as tempnam did,
because we are unlinking the file before binding it. (The race window is
smaller now.) The file must not exist before binding the Unix socket, or
else you get an "address already in use" error. Unlinking before binding
is the same thing that netcat-openbsd does. See this earlier thread:
http://seclists.org/nmap-dev/2012/q4/336.
---
 ncat/ncat_connect.c       | 2 +-
 nsock/src/nsock_connect.c | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/ncat/ncat_connect.c b/ncat/ncat_connect.c
index 0289882c8..d745f161b 100644
--- a/ncat/ncat_connect.c
+++ b/ncat/ncat_connect.c
@@ -560,7 +560,7 @@ int ncat_connect(void)
             if (srcaddr.storage.ss_family != AF_UNIX) {
                 char *tmp_name = NULL;
                 /* If no source socket was specified, we have to create temporary one. */
-                if ((tmp_name = tempnam(NULL, "ncat.")) == NULL)
+                if ((tmp_name = tempfile(NULL, "ncat.")) == NULL)
                     bye("Failed to create name for temporary DGRAM source Unix domain socket (tempnam).");
 
                 srcaddr.un.sun_family = AF_UNIX;
diff --git a/nsock/src/nsock_connect.c b/nsock/src/nsock_connect.c
index 9fd396ae7..a313bd8a2 100644
--- a/nsock/src/nsock_connect.c
+++ b/nsock/src/nsock_connect.c
@@ -67,6 +67,7 @@
 
 
 static int mksock_bind_addr(mspool *ms, msiod *iod) {
+  const char *path;
   int rc;
   int one = 1;
 
@@ -78,13 +79,15 @@ static int mksock_bind_addr(mspool *ms, msiod *iod) {
                     socket_strerror(err), err);
   }
 
-  nsock_log_info(ms, "Binding to %s (IOD #%li)", get_localaddr_string(iod), iod->id);
+  path = get_localaddr_string(iod);
+  unlink(path);
+  nsock_log_info(ms, "Binding to %s (IOD #%li)", path, iod->id);
   rc = bind(iod->sd, (struct sockaddr *)&iod->local, (int) iod->locallen);
   if (rc == -1) {
     int err = socket_errno();
 
     nsock_log_error(ms, "Bind to %s failed (IOD #%li): %s (%d)",
-                    get_localaddr_string(iod), iod->id,
+                    path, iod->id,
                     socket_strerror(err), err);
   }
   return 0;