From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from server28.superhosting.bg (server28.superhosting.bg [217.174.156.11]) by sourceware.org (Postfix) with ESMTPS id C5FBC3857C50; Wed, 26 Jan 2022 22:07:23 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org C5FBC3857C50 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=dinux.eu Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=dinux.eu DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dinux.eu; s=default; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID: Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=ck9k+krGdVPud8FcGD13MlcWN6ctY5cSklxVaWdj5xo=; b=x8A3HMiWsgOpqlWLwRQX/dE1IU CizqTIeLzThdRoyavbHRKY0ch7uLDUCAwGlN0nbTbZhpoh+NGzu00KtVy6wrQi05Ci5y59Hci0yBR FUdMnoUAMbeAjUai/3aL3slDhiAhVhML0WW0kSR0jg3Bb424+L9vrvx9iao0ChVv8SUU1ScNx8oEy pG/R+Dkd0Fed73DZ5bWVyccypQL6F6CHwuh/BdJuK8kv7Wg10fg1FNOKBXgW/VtrsOmak7u4ww6mh S/O23ydPfh7EwtADA2+kUV19KJfa+AHwN/cdH0v2JyOYVaGqotTXeYzeBlatrLn26fjSEIcre5+Fy NerLoDXg==; Received: from [95.87.234.74] (port=49452 helo=localhost) by server28.superhosting.bg with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nCqRi-0002bb-Ix; Thu, 27 Jan 2022 00:07:21 +0200 Date: Thu, 27 Jan 2022 00:07:16 +0200 From: Dimitar Dimitrov To: Jonathan Wakely Cc: libstdc++@gcc.gnu.org, gcc-patches@gcc.gnu.org Subject: Re: [committed] libstdc++: Avoid symlink race in filesystem::remove_all [PR104161] Message-ID: References: <20220125210951.864358-1-jwakely@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220125210951.864358-1-jwakely@redhat.com> X-OutGoing-Spam-Status: No, score=-2.9 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - server28.superhosting.bg X-AntiAbuse: Original Domain - gcc.gnu.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - dinux.eu X-Get-Message-Sender-Via: server28.superhosting.bg: authenticated_id: dimitar@dinux.eu X-Authenticated-Sender: server28.superhosting.bg: dimitar@dinux.eu X-Source: X-Source-Args: X-Source-Dir: X-Spam-Status: No, score=-11.7 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libstdc++@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libstdc++ mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jan 2022 22:07:25 -0000 On Tue, Jan 25, 2022 at 09:09:51PM +0000, Jonathan Wakely via Gcc-patches wrote: > Tested x86_64-linux, pushed to trunk. Backports to follow. > > > This adds a new internal flag to the filesystem::directory_iterator > constructor that makes it fail if the path is a symlink that resolves to > a directory. This prevents filesystem::remove_all from following a > symlink to a directory, rather than deleting the symlink itself. > > We can also use that new flag in recursive_directory_iterator to ensure > that we don't follow symlinks if the follow_directory_symlink option is > not set. > > This also moves an error check in filesystem::remove_all after the while > loop, so that errors from the directory_iterator constructor are > reproted, instead of continuing to the filesystem::remove call below. > > libstdc++-v3/ChangeLog: > > PR libstdc++/104161 > * acinclude.m4 (GLIBCXX_CHECK_FILESYSTEM_DEPS): Check for > fdopendir. > * config.h.in: Regenerate. > * configure: Regenerate. > * src/c++17/fs_dir.cc (_Dir): Add nofollow flag to constructor > and pass it to base class constructor. > (directory_iterator): Pass nofollow flag to _Dir constructor. > (fs::recursive_directory_iterator::increment): Likewise. > * src/c++17/fs_ops.cc (do_remove_all): Use nofollow option for > directory_iterator constructor. Move error check outside loop. > * src/filesystem/dir-common.h (_Dir_base): Add nofollow flag to > constructor and when it's set use ::open with O_NOFOLLOW and > O_DIRECTORY. > * src/filesystem/dir.cc (_Dir): Add nofollow flag to constructor > and pass it to base class constructor. > (directory_iterator): Pass nofollow flag to _Dir constructor. > (fs::recursive_directory_iterator::increment): Likewise. > * src/filesystem/ops.cc (remove_all): Use nofollow option for > directory_iterator constructor. Move error check outside loop. > --- > libstdc++-v3/acinclude.m4 | 12 ++++++ > libstdc++-v3/config.h.in | 3 ++ > libstdc++-v3/configure | 55 ++++++++++++++++++++++++ > libstdc++-v3/src/c++17/fs_dir.cc | 13 ++++-- > libstdc++-v3/src/c++17/fs_ops.cc | 12 +++--- > libstdc++-v3/src/filesystem/dir-common.h | 48 ++++++++++++++++----- > libstdc++-v3/src/filesystem/dir.cc | 13 ++++-- > libstdc++-v3/src/filesystem/ops.cc | 6 +-- > 8 files changed, 134 insertions(+), 28 deletions(-) > > diff --git a/libstdc++-v3/acinclude.m4 b/libstdc++-v3/acinclude.m4 > index d996477254c..7b6b807114a 100644 > --- a/libstdc++-v3/acinclude.m4 > +++ b/libstdc++-v3/acinclude.m4 > @@ -4735,6 +4735,18 @@ dnl > if test $glibcxx_cv_truncate = yes; then > AC_DEFINE(HAVE_TRUNCATE, 1, [Define if truncate is available in .]) > fi > +dnl > + AC_CACHE_CHECK([for fdopendir], > + glibcxx_cv_fdopendir, [dnl > + GCC_TRY_COMPILE_OR_LINK( > + [#include ], > + [::fdopendir(1);], > + [glibcxx_cv_fdopendir=yes], > + [glibcxx_cv_fdopendir=no]) > + ]) > + if test $glibcxx_cv_truncate = yes; then This is a typo. Should check glibcxx_cv_fdopendir. Regards, Dimitar