--- Begin Message ---
Subject: |
Racy code in copy.c |
Date: |
Tue, 27 Mar 2012 14:58:18 +0200 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
I'd like to pass on observations from my collegue Neil Brown:
in src/copy.c, copy_reg() is passed "bool *new_dst".
This is 'false' if the file already exists, in which case it attempts to
open the file with O_WRONLY | O_TRUNC | O_BINARY.
If it is 'true', only then does it use O_CREAT (and others).
Somewhere up the call chain - I'm not sure where - new_dst is set if 'stat'
on the file succeeds. The above mentioned code assumes that the file still
exists. This is racy - particularly for NFS where deletions from other
clients can take a while to appear.
Philipp
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#11100: Racy code in copy.c |
Date: |
Mon, 07 May 2012 13:41:57 +0200 |
Philipp Thomas wrote:
> * Jim Meyering (address@hidden) [20120504 17:30]:
>
>> If there's a bugzilla reference for this, let me know
>> and I'll add it to the commit log.
>
> There is, but as it's a SLES bug it's only open for SUSE employees and
> customers and thus useless for a coreutils commit log. I'll instead
> reference the commit from said bug report.
Ok. I've pushed that change.
--- End Message ---