From aeaf3d2ce69e8af79586461c29b5fcc67e852190 Mon Sep 17 00:00:00 2001
From: Ted Kremenek
Date: Wed, 24 Mar 2010 22:39:45 +0000
Subject: [PATCH] Improve static analyzer diagnostic concerning the use of 'mktemp'

llvm-svn: 99441
---
 clang/lib/Checker/CheckSecuritySyntaxOnly.cpp | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/clang/lib/Checker/CheckSecuritySyntaxOnly.cpp b/clang/lib/Checker/CheckSecuritySyntaxOnly.cpp
index 923baf50f3f6..98a739b07dd6 100644
--- a/clang/lib/Checker/CheckSecuritySyntaxOnly.cpp
+++ b/clang/lib/Checker/CheckSecuritySyntaxOnly.cpp
@@ -328,17 +328,16 @@ void WalkAST::CheckCall_mktemp(const CallExpr *CE, const FunctionDecl *FD) {
 // Verify that the argument is a 'char*'.
 if (PT->getPointeeType().getUnqualifiedType() != BR.getContext().CharTy)
 return;
-
+
 // Issue a waring.
 SourceRange R = CE->getCallee()->getSourceRange();
 BR.EmitBasicReport("Potential insecure temporary file in call 'mktemp'",
 "Security",
 "Call to function 'mktemp' is insecure as it always "
- "creates or uses insecure temporary file",
+ "creates or uses insecure temporary file. Use 'mkstemp' instead",
 CE->getLocStart(), &R, 1);
 }
 
-
 //===----------------------------------------------------------------------===//
 // Check: Linear congruent random number generators should not be used
 // Originally:
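Review bot: The new description string in CheckCall_mktemp still says 'mktemp' "always creates or uses insecure temporary file", which is not what makes the call unsafe: mktemp only produces a name, and the risk is the window between choosing that name and opening the file, which mkstemp closes by creating and opening the file in one step. Wording such as `"Call to function 'mktemp' is insecure as it only generates a file name that can be claimed by another process before the file is opened. Use 'mkstemp' instead"` would tell the user why the replacement is safer. The word "always" also sits oddly next to the "Potential insecure temporary file" report title passed two arguments earlier. The diffstat shows only this file changed, so any regression test that matches the full diagnostic text (none is visible here) would need the same update. The body of CheckCall_mktemp starts outside the hunk.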