cybersecurity · beginner · ~10 min

Validate that a mkstemp template ends with at least 6 X's

Pre-check the mkstemp contract.

Challenge

Implement int valid_mkstemp_template(const char *t).

Return 1 if t is non-NULL and ends with at least 6 consecutive X chars (any longer suffix of X is fine, e.g. /tmp/cplat-XXXXXXXX is fine). Else 0.

Why this matters

mkstemp mutates its template in place. If the template lacks the trailing 'XXXXXX', the call fails or — on some old glibcs — produces predictable names. A defensive wrapper checks the template first.

Input format

Null-terminated string.

Output format

0/1.

Constraints

Pure string scan.

Starter code

int valid_mkstemp_template(const char *t) { /* TODO */ (void)t; return 0; }

Common mistakes

Requiring EXACTLY 6 X's. Any suffix of >= 6 X's is fine.

Edge cases to handle

Empty string. String shorter than 6 chars. All X's.

Complexity

O(strlen).

Background lessons

Symlink attacks and how to refuse them

Up next

Reject when O_NOFOLLOW would have refused

Solve this exercise in the browser editor — compile and run against the test harness, no setup required.