C Programming/stdio.h/tmpfile

From Wikibooks, open books for an open world
Jump to navigation Jump to search

In computing, tmpfile is an ISO C/POSIX function for creating a temporary file, a computer file which ceases to exist when the program, which opened the file, closes it or terminates.[1][2][3]




#include <stdio.h>


#include <cstdio>


FILE* tmpfile(void);


The function tmpfile reports a pointer to a valid file stream on success; on failure, it returns NULL.[1]

Error conditions[edit]

In addition to returning NULL, tmpfile sets errno on failure. The permissible values of errno, if tmpfile fails, are:[1]

  • EINTR - if a signal was caught during the execution of tmpfile.
  • EMFILE - if the maximum number of file descriptors and/or the maximum number of file streams has been reached (in the process).
  • ENFILE - if the maximum allowable number of files is currently open (in the system).
  • ENOSPC - if there is no space in the file system for creating the temporary file.
  • EOVERFLOW - if the file is a regular file and the size of the file cannot be represented correctly in an object of type off_t.
  • ENOMEM - if there is insufficient memory for allocating the file stream.


The tmpfile function is susceptible to a number of security vulnerabilities; use the non-portable mkstemp (UNIX) or tmpfile_s (MSVCRT) functions, instead, to avoid these issues.[4][5]

The implementation of this function in Microsoft C run-time library tries to create the file in the root directory of the current drive and typically fails reporting "Access denied".


  1. a b c tmpfile by OpenGroup
  2. Temporary Files by GNU C Library
  3. tmpfile by HMUG
  4. TMPNAM-TMPFILE Vulnerability by Build Security In
  5. VOID FI039-C. Create temporary files securely by CERT

External links[edit]