https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90195
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |NEW
Last reconfirmed| |2019-04-20
Component|other |driver
Ever confirmed|0 |1
--- Comment #3 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
do_tlink in tlink.c is the issue.
We should just truncate the file instead of unlink the two files there.
Unlinking also can cause other issues where another call to mktemp will cause
those files to exist for another process.
So it is not too bad of a security bug as it is only printing out to stdout and
stderr though.
This code dates back to before 1997.
