public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "cvs-commit at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug libstdc++/104161] Potential Security Vulnerability: remove_all and symbolic link Date: Wed, 04 Oct 2023 11:28:47 +0000 [thread overview] Message-ID: <bug-104161-4-yeXZ3T7joJ@http.gcc.gnu.org/bugzilla/> (raw) In-Reply-To: <bug-104161-4@http.gcc.gnu.org/bugzilla/> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104161 --- Comment #11 from CVS Commits <cvs-commit at gcc dot gnu.org> --- The releases/gcc-11 branch has been updated by Jonathan Wakely <redi@gcc.gnu.org>: https://gcc.gnu.org/g:e742c6baa92403767b4ba8227f34fc7919db28e0 commit r11-11039-ge742c6baa92403767b4ba8227f34fc7919db28e0 Author: Jonathan Wakely <jwakely@redhat.com> Date: Mon Feb 7 23:36:47 2022 +0000 libstdc++: Fix filesystem::remove_all for Windows [PR104161] The recursive_directory_iterator::__erase member was failing for Windows, because the entry._M_type value is always file_type::none (because _Dir_base::advance doesn't populate it for Windows) and top.unlink uses fs::remove which sets an error using the system_category. That meant that ec.value() was a Windows error code and not an errno value, so the comparisons to EPERM and EISDIR failed. Instead of depending on a specific Windows error code for attempting to remove a directory, just use directory_entry::refresh() to query the type first. This doesn't avoid the TOCTTOU races with directory symlinks, but we can't avoid them on Windows without openat and unlinkat, and creating symlinks requires admin privs on Windows anyway. This also fixes the fs::remove_all(const path&) overload, which was supposed to use the same logic as the other overload, but I forgot to change it before my previous commit. libstdc++-v3/ChangeLog: PR libstdc++/104161 * src/c++17/fs_dir.cc (fs::recursive_directory_iterator::__erase): [i_GLIBCXX_FILESYSTEM_IS_WINDOWS]: Refresh entry._M_type member, instead of checking for errno values indicating a directory. * src/c++17/fs_ops.cc (fs::remove_all(const path&)): Use similar logic to non-throwing overload. (fs::remove_all(const path&, error_code&)): Add comments. * src/filesystem/ops-common.h: Likewise. (cherry picked from commit 5750952bec1e632d1f804f4a1bed2f74c0f3b189)
next prev parent reply other threads:[~2023-10-04 11:28 UTC|newest] Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-01-21 11:47 [Bug c++/104161] New: " adrien.devresse at metamorphe dot engineering 2022-01-21 13:02 ` [Bug libstdc++/104161] " redi at gcc dot gnu.org 2022-01-21 14:27 ` adrien.devresse at metamorphe dot engineering 2022-01-25 21:09 ` cvs-commit at gcc dot gnu.org 2022-01-26 0:30 ` redi at gcc dot gnu.org 2022-01-27 1:51 ` jistone at redhat dot com 2022-01-27 8:29 ` redi at gcc dot gnu.org 2022-02-04 23:50 ` cvs-commit at gcc dot gnu.org 2022-02-08 13:40 ` cvs-commit at gcc dot gnu.org 2023-10-04 11:28 ` cvs-commit at gcc dot gnu.org 2023-10-04 11:28 ` cvs-commit at gcc dot gnu.org 2023-10-04 11:28 ` cvs-commit at gcc dot gnu.org [this message] 2023-10-04 11:33 ` redi at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-104161-4-yeXZ3T7joJ@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).