From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 695EE3858C2C for ; Wed, 26 Jan 2022 22:11:37 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 695EE3858C2C Received: from mail-yb1-f200.google.com (mail-yb1-f200.google.com [209.85.219.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-463-fJvOw3_zN1OQrdX6SJp3ig-1; Wed, 26 Jan 2022 17:11:29 -0500 X-MC-Unique: fJvOw3_zN1OQrdX6SJp3ig-1 Received: by mail-yb1-f200.google.com with SMTP id y4-20020a5b0f44000000b00611862e546dso2028062ybr.7 for ; Wed, 26 Jan 2022 14:11:29 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=VUe0m32nQqHMgenb5OrNH0/+3s1jQXRBlMmbIcFYJog=; b=Yf4Gkk/+n4IXmaRi7pwjKGY7V+I2Ib0FLG/Ri3Uzz0CY0crrZyIT1StUNdcVDER1dt 1sF50wfWkLySEpD6wJuL+wg9Tr+PmqtXVsJEVbAkY/52mAjMyjNIyFp7PCqxamo+7RHs n3szADr66x7OE+zk/fiVoFAtjNMNXL5jIr4HrOThe/IQNKKIqw3b8ZOA/qxCoyc8wJFE mzBb87iH4yXiF6ODfxHHxtMN0KXi4jhiqMRzrNb6t9pwVwhIRdcVfixiQ0tRTwVAhMun WEPMzaAzdokHvNt50zsNXVaw0uZbQfcE+Mke1LzvRuiUIgpekQQ/0fNz1efE2Ld+QzTr 0kMQ== X-Gm-Message-State: AOAM5330egQrYKjq2eIRqyd1wsLQQPZBTfAGHrrxrZKCUa+7TMQdUjlU IJ/r/Jg7P+7DoTzPHTBBM/Scmz9IvDrGR6BRDHbkhpR7jh6CnFbLBNqlVeM2QlxBmD1jaBCcdfg BAoOQyAsDjP6qEYfOvHkenNbplGAgKZo= X-Received: by 2002:a5b:8:: with SMTP id a8mr1553688ybp.316.1643235089012; Wed, 26 Jan 2022 14:11:29 -0800 (PST) X-Google-Smtp-Source: ABdhPJwSjlz2lkcjkz+N4yQV2ObNik2qwyxWG67/h5BwDw4xMRsHwNdiao3FLtllYTOmHeC09TjWC4CrALukZHr24FA= X-Received: by 2002:a5b:8:: with SMTP id a8mr1553662ybp.316.1643235088767; Wed, 26 Jan 2022 14:11:28 -0800 (PST) MIME-Version: 1.0 References: <20220125210951.864358-1-jwakely@redhat.com> In-Reply-To: From: Jonathan Wakely Date: Wed, 26 Jan 2022 22:11:17 +0000 Message-ID: Subject: Re: [committed] libstdc++: Avoid symlink race in filesystem::remove_all [PR104161] To: Dimitar Dimitrov Cc: "libstdc++" , gcc Patches X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-13.0 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=unavailable autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libstdc++@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libstdc++ mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jan 2022 22:11:38 -0000 On Wed, 26 Jan 2022 at 22:08, Dimitar Dimitrov wrote: > > On Tue, Jan 25, 2022 at 09:09:51PM +0000, Jonathan Wakely via Gcc-patches wrote: > > Tested x86_64-linux, pushed to trunk. Backports to follow. > > > > > > This adds a new internal flag to the filesystem::directory_iterator > > constructor that makes it fail if the path is a symlink that resolves to > > a directory. This prevents filesystem::remove_all from following a > > symlink to a directory, rather than deleting the symlink itself. > > > > We can also use that new flag in recursive_directory_iterator to ensure > > that we don't follow symlinks if the follow_directory_symlink option is > > not set. > > > > This also moves an error check in filesystem::remove_all after the while > > loop, so that errors from the directory_iterator constructor are > > reproted, instead of continuing to the filesystem::remove call below. > > > > libstdc++-v3/ChangeLog: > > > > PR libstdc++/104161 > > * acinclude.m4 (GLIBCXX_CHECK_FILESYSTEM_DEPS): Check for > > fdopendir. > > * config.h.in: Regenerate. > > * configure: Regenerate. > > * src/c++17/fs_dir.cc (_Dir): Add nofollow flag to constructor > > and pass it to base class constructor. > > (directory_iterator): Pass nofollow flag to _Dir constructor. > > (fs::recursive_directory_iterator::increment): Likewise. > > * src/c++17/fs_ops.cc (do_remove_all): Use nofollow option for > > directory_iterator constructor. Move error check outside loop. > > * src/filesystem/dir-common.h (_Dir_base): Add nofollow flag to > > constructor and when it's set use ::open with O_NOFOLLOW and > > O_DIRECTORY. > > * src/filesystem/dir.cc (_Dir): Add nofollow flag to constructor > > and pass it to base class constructor. > > (directory_iterator): Pass nofollow flag to _Dir constructor. > > (fs::recursive_directory_iterator::increment): Likewise. > > * src/filesystem/ops.cc (remove_all): Use nofollow option for > > directory_iterator constructor. Move error check outside loop. > > --- > > libstdc++-v3/acinclude.m4 | 12 ++++++ > > libstdc++-v3/config.h.in | 3 ++ > > libstdc++-v3/configure | 55 ++++++++++++++++++++++++ > > libstdc++-v3/src/c++17/fs_dir.cc | 13 ++++-- > > libstdc++-v3/src/c++17/fs_ops.cc | 12 +++--- > > libstdc++-v3/src/filesystem/dir-common.h | 48 ++++++++++++++++----- > > libstdc++-v3/src/filesystem/dir.cc | 13 ++++-- > > libstdc++-v3/src/filesystem/ops.cc | 6 +-- > > 8 files changed, 134 insertions(+), 28 deletions(-) > > > > diff --git a/libstdc++-v3/acinclude.m4 b/libstdc++-v3/acinclude.m4 > > index d996477254c..7b6b807114a 100644 > > --- a/libstdc++-v3/acinclude.m4 > > +++ b/libstdc++-v3/acinclude.m4 > > @@ -4735,6 +4735,18 @@ dnl > > if test $glibcxx_cv_truncate = yes; then > > AC_DEFINE(HAVE_TRUNCATE, 1, [Define if truncate is available in .]) > > fi > > +dnl > > + AC_CACHE_CHECK([for fdopendir], > > + glibcxx_cv_fdopendir, [dnl > > + GCC_TRY_COMPILE_OR_LINK( > > + [#include ], > > + [::fdopendir(1);], > > + [glibcxx_cv_fdopendir=yes], > > + [glibcxx_cv_fdopendir=no]) > > + ]) > > + if test $glibcxx_cv_truncate = yes; then > > This is a typo. Should check glibcxx_cv_fdopendir. Oops, thanks! Copy&pasto.