From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 718E63858C83 for ; Wed, 26 Jan 2022 22:11:31 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 718E63858C83 Received: from mail-yb1-f197.google.com (mail-yb1-f197.google.com [209.85.219.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-589-iH91dVyqMnGCEwN8pO6vMw-1; Wed, 26 Jan 2022 17:11:29 -0500 X-MC-Unique: iH91dVyqMnGCEwN8pO6vMw-1 Received: by mail-yb1-f197.google.com with SMTP id s7-20020a5b0447000000b005fb83901511so2006997ybp.11 for ; Wed, 26 Jan 2022 14:11:29 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=VUe0m32nQqHMgenb5OrNH0/+3s1jQXRBlMmbIcFYJog=; b=BArM4SnOgr1n2Tdcc4MQbVLSGAvfUbunOtoKdsqBBuFw5whY2kbVZWfzAQJ/vSaeM/ m79wskCfDoutTV4mRLGrwBKy0gb8MasOwFl1eUf7HS+eHLbFQyMtyI4fx1kg4XWuqcln t/FbElyYZOk7cpMjdg9RQbpDB6ruIg3tCwLlEAmohC6zXX17lzgqXw1VzeJYnvSXOCpV 8AbhSgrUCBwgjUKsZ4AphKKONVTDao1O0QKACzcHt+WlJ32LWEomRov2ofiH9syD4hEl fdmXZGFQIELBVeiIgbdquW1f/XIgkJxBS2Oiciqy3JXR80JvKjIovGzbwI1v2dbl1S/o XcoQ== X-Gm-Message-State: AOAM531oSTyxt3iZIQU3lyGcLOr7Vx6tUWZrT1WWvmJtSV9plfn8/6bT Bm8q4WKiHS3A+NjWu4FvRzONXWNkgoz4JPXkJyEBYxJQeqlPuk6Fr2lI6sCtm6V8jKz8kpjiigQ ftqyMlfv8522ZpW/liNQzRPxDa3jrADGZog== X-Received: by 2002:a5b:8:: with SMTP id a8mr1553689ybp.316.1643235089013; Wed, 26 Jan 2022 14:11:29 -0800 (PST) X-Google-Smtp-Source: ABdhPJwSjlz2lkcjkz+N4yQV2ObNik2qwyxWG67/h5BwDw4xMRsHwNdiao3FLtllYTOmHeC09TjWC4CrALukZHr24FA= X-Received: by 2002:a5b:8:: with SMTP id a8mr1553662ybp.316.1643235088767; Wed, 26 Jan 2022 14:11:28 -0800 (PST) MIME-Version: 1.0 References: <20220125210951.864358-1-jwakely@redhat.com> In-Reply-To: From: Jonathan Wakely Date: Wed, 26 Jan 2022 22:11:17 +0000 Message-ID: Subject: Re: [committed] libstdc++: Avoid symlink race in filesystem::remove_all [PR104161] To: Dimitar Dimitrov Cc: "libstdc++" , gcc Patches X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-12.9 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jan 2022 22:11:32 -0000 On Wed, 26 Jan 2022 at 22:08, Dimitar Dimitrov wrote: > > On Tue, Jan 25, 2022 at 09:09:51PM +0000, Jonathan Wakely via Gcc-patches wrote: > > Tested x86_64-linux, pushed to trunk. Backports to follow. > > > > > > This adds a new internal flag to the filesystem::directory_iterator > > constructor that makes it fail if the path is a symlink that resolves to > > a directory. This prevents filesystem::remove_all from following a > > symlink to a directory, rather than deleting the symlink itself. > > > > We can also use that new flag in recursive_directory_iterator to ensure > > that we don't follow symlinks if the follow_directory_symlink option is > > not set. > > > > This also moves an error check in filesystem::remove_all after the while > > loop, so that errors from the directory_iterator constructor are > > reproted, instead of continuing to the filesystem::remove call below. > > > > libstdc++-v3/ChangeLog: > > > > PR libstdc++/104161 > > * acinclude.m4 (GLIBCXX_CHECK_FILESYSTEM_DEPS): Check for > > fdopendir. > > * config.h.in: Regenerate. > > * configure: Regenerate. > > * src/c++17/fs_dir.cc (_Dir): Add nofollow flag to constructor > > and pass it to base class constructor. > > (directory_iterator): Pass nofollow flag to _Dir constructor. > > (fs::recursive_directory_iterator::increment): Likewise. > > * src/c++17/fs_ops.cc (do_remove_all): Use nofollow option for > > directory_iterator constructor. Move error check outside loop. > > * src/filesystem/dir-common.h (_Dir_base): Add nofollow flag to > > constructor and when it's set use ::open with O_NOFOLLOW and > > O_DIRECTORY. > > * src/filesystem/dir.cc (_Dir): Add nofollow flag to constructor > > and pass it to base class constructor. > > (directory_iterator): Pass nofollow flag to _Dir constructor. > > (fs::recursive_directory_iterator::increment): Likewise. > > * src/filesystem/ops.cc (remove_all): Use nofollow option for > > directory_iterator constructor. Move error check outside loop. > > --- > > libstdc++-v3/acinclude.m4 | 12 ++++++ > > libstdc++-v3/config.h.in | 3 ++ > > libstdc++-v3/configure | 55 ++++++++++++++++++++++++ > > libstdc++-v3/src/c++17/fs_dir.cc | 13 ++++-- > > libstdc++-v3/src/c++17/fs_ops.cc | 12 +++--- > > libstdc++-v3/src/filesystem/dir-common.h | 48 ++++++++++++++++----- > > libstdc++-v3/src/filesystem/dir.cc | 13 ++++-- > > libstdc++-v3/src/filesystem/ops.cc | 6 +-- > > 8 files changed, 134 insertions(+), 28 deletions(-) > > > > diff --git a/libstdc++-v3/acinclude.m4 b/libstdc++-v3/acinclude.m4 > > index d996477254c..7b6b807114a 100644 > > --- a/libstdc++-v3/acinclude.m4 > > +++ b/libstdc++-v3/acinclude.m4 > > @@ -4735,6 +4735,18 @@ dnl > > if test $glibcxx_cv_truncate = yes; then > > AC_DEFINE(HAVE_TRUNCATE, 1, [Define if truncate is available in .]) > > fi > > +dnl > > + AC_CACHE_CHECK([for fdopendir], > > + glibcxx_cv_fdopendir, [dnl > > + GCC_TRY_COMPILE_OR_LINK( > > + [#include ], > > + [::fdopendir(1);], > > + [glibcxx_cv_fdopendir=yes], > > + [glibcxx_cv_fdopendir=no]) > > + ]) > > + if test $glibcxx_cv_truncate = yes; then > > This is a typo. Should check glibcxx_cv_fdopendir. Oops, thanks! Copy&pasto.