From 7afc888279c6c09bc80339a556d451a627cd4482 Mon Sep 17 00:00:00 2001
From: Eric Kohl <eric.kohl@reactos.org>
Date: Thu, 19 Sep 2019 14:56:50 +0200
Subject: [PATCH] [CABMAN] Do not use tmpfile() because it does not work well
 on Windows XP

- Use tempnam() and fopen() instead.
- Prevent the use of file names with a leading slash or backslash.
- Also prevent the use of file names with a trailing dot.
- Remove temporary files after use.
---
 sdk/tools/cabman/CCFDATAStorage.cxx | 26 ++++++++++++++++++++++++--
 1 file changed, 24 insertions(+), 2 deletions(-)

diff --git a/sdk/tools/cabman/CCFDATAStorage.cxx b/sdk/tools/cabman/CCFDATAStorage.cxx
index 1d7ef5e64f4..b45aaf98f2d 100644
--- a/sdk/tools/cabman/CCFDATAStorage.cxx
+++ b/sdk/tools/cabman/CCFDATAStorage.cxx
@@ -55,7 +55,27 @@ CCFDATAStorage::~CCFDATAStorage()
 */
 ULONG CCFDATAStorage::Create()
 {
-    if ((FileHandle = tmpfile()) == NULL)
+    char TmpName[MAX_PATH];
+    char *pName;
+    int length;
+
+    if (tmpnam(TmpName) == NULL)
+        return CAB_STATUS_CANNOT_CREATE;
+
+    /* Append 'tmp' if the file name ends with a dot */
+    length = strlen(TmpName);
+    if (length > 0 && TmpName[length - 1] == '.')
+        strcat(TmpName, "tmp");
+
+    /* Skip a leading slash or backslash */
+    pName = TmpName;
+    if (*pName == '/' || *pName == '\\')
+        pName++;
+
+    strcpy(FullName, pName);
+
+    FileHandle = fopen(FullName, "w+b");
+    if (FileHandle == NULL)
         return CAB_STATUS_CANNOT_CREATE;
 
     return CAB_STATUS_SUCCESS;
@@ -78,6 +98,8 @@ ULONG CCFDATAStorage::Destroy()
 
     FileHandle = NULL;
 
+    remove(FullName);
+
     return CAB_STATUS_SUCCESS;
 }
 
@@ -93,7 +115,7 @@ ULONG CCFDATAStorage::Destroy()
 ULONG CCFDATAStorage::Truncate()
 {
     fclose(FileHandle);
-    FileHandle = tmpfile();
+    FileHandle = fopen(FullName, "w+b");
     if (FileHandle == NULL)
     {
         DPRINT(MID_TRACE, ("ERROR '%i'.\n", errno));
-- 
2.17.1