public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "cvs-commit at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug libstdc++/104161] Potential Security Vulnerability: remove_all and symbolic link
Date: Tue, 08 Feb 2022 13:40:46 +0000 [thread overview]
Message-ID: <bug-104161-4-4QGkOgvdgX@http.gcc.gnu.org/bugzilla/> (raw)
In-Reply-To: <bug-104161-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104161
--- Comment #8 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Jonathan Wakely <redi@gcc.gnu.org>:
https://gcc.gnu.org/g:5750952bec1e632d1f804f4a1bed2f74c0f3b189
commit r12-7099-g5750952bec1e632d1f804f4a1bed2f74c0f3b189
Author: Jonathan Wakely <jwakely@redhat.com>
Date: Mon Feb 7 23:36:47 2022 +0000
libstdc++: Fix filesystem::remove_all for Windows [PR104161]
The recursive_directory_iterator::__erase member was failing for
Windows, because the entry._M_type value is always file_type::none
(because _Dir_base::advance doesn't populate it for Windows) and
top.unlink uses fs::remove which sets an error using the
system_category. That meant that ec.value() was a Windows error code and
not an errno value, so the comparisons to EPERM and EISDIR failed.
Instead of depending on a specific Windows error code for attempting to
remove a directory, just use directory_entry::refresh() to query the
type first. This doesn't avoid the TOCTTOU races with directory
symlinks, but we can't avoid them on Windows without openat and
unlinkat, and creating symlinks requires admin privs on Windows anyway.
This also fixes the fs::remove_all(const path&) overload, which was
supposed to use the same logic as the other overload, but I forgot to
change it before my previous commit.
libstdc++-v3/ChangeLog:
PR libstdc++/104161
* src/c++17/fs_dir.cc (fs::recursive_directory_iterator::__erase):
[i_GLIBCXX_FILESYSTEM_IS_WINDOWS]: Refresh entry._M_type member,
instead of checking for errno values indicating a directory.
* src/c++17/fs_ops.cc (fs::remove_all(const path&)): Use similar
logic to non-throwing overload.
(fs::remove_all(const path&, error_code&)): Add comments.
* src/filesystem/ops-common.h: Likewise.
next prev parent reply other threads:[~2022-02-08 13:40 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-21 11:47 [Bug c++/104161] New: " adrien.devresse at metamorphe dot engineering
2022-01-21 13:02 ` [Bug libstdc++/104161] " redi at gcc dot gnu.org
2022-01-21 14:27 ` adrien.devresse at metamorphe dot engineering
2022-01-25 21:09 ` cvs-commit at gcc dot gnu.org
2022-01-26 0:30 ` redi at gcc dot gnu.org
2022-01-27 1:51 ` jistone at redhat dot com
2022-01-27 8:29 ` redi at gcc dot gnu.org
2022-02-04 23:50 ` cvs-commit at gcc dot gnu.org
2022-02-08 13:40 ` cvs-commit at gcc dot gnu.org [this message]
2023-10-04 11:28 ` cvs-commit at gcc dot gnu.org
2023-10-04 11:28 ` cvs-commit at gcc dot gnu.org
2023-10-04 11:28 ` cvs-commit at gcc dot gnu.org
2023-10-04 11:33 ` redi at gcc dot gnu.org
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-104161-4-4QGkOgvdgX@http.gcc.gnu.org/bugzilla/ \
--to=gcc-bugzilla@gcc.gnu.org \
--cc=gcc-bugs@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).