In this case, it appears to fall under the "Enhanced error reporting" category of upgrades to the Windows CRT. In this case, it basically means that it will return a status value and fill out a pre-given FILE
pointer, rather than just returning a FILE
pointer.
I doubt there was actually a security flaw with tmpfile
, more that Microsoft were bringing the implementation of it to the same standards as other functions in their CRT without breaking API compatibility with a standard CRT, as described here: http://msdn.microsoft.com/en-us/library/8ef0s5kh.aspx.