Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix TOCTOU in create_dirs_impl #73

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix TOCTOU in create_dirs_impl #73

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 21 additions & 15 deletions include/spdlog_setup/details/conf_impl.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -231,24 +231,32 @@ inline auto get_parent_path(const std::string &file_path) -> std::string {
return file_path.substr(0, last_slash_index);
}

inline bool native_create_dir(const std::string &dir_path) noexcept {
inline auto dir_exists(const std::string &file_path) noexcept -> bool {
#ifdef _WIN32
// non-zero for success in Windows
return CreateDirectoryA(dir_path.c_str(), nullptr) != 0;
const DWORD attributes = GetFileAttributesA(file_path.c_str());
return attributes != INVALID_FILE_ATTRIBUTES &&
(attributes & FILE_ATTRIBUTE_DIRECTORY) != 0;
#else
// zero for success for GNU
return mkdir(dir_path.c_str(), 0775) == 0;
struct stat statbuf;
return stat(file_path.c_str(), &statbuf) != 0 && S_ISDIR(statbuf.st_mode);
#endif
}

inline auto file_exists(const std::string &file_path) noexcept -> bool {
static constexpr auto FILE_NOT_FOUND = -1;
inline bool native_create_dir(const std::string &dir_path) noexcept {
bool success;

#ifdef _WIN32
return _access(file_path.c_str(), F_OK) != FILE_NOT_FOUND;
// non-zero for success in Windows
success = CreateDirectoryA(dir_path.c_str(), nullptr) != 0 ||
GetLastError() == ERROR_ALREADY_EXISTS;
#else
return access(file_path.c_str(), F_OK) != FILE_NOT_FOUND;
// zero for success for GNU
success = mkdir(dir_path.c_str(), 0775) == 0 || errno == EEXIST;
#endif

// not relying on EEXIST, since the operating system could give priority
// to other errors like EACCES or EROFS (see CPython os.makedirs())
return success || dir_exists(dir_path);
}

inline void create_dirs_impl(const std::string &dir_path) {
Expand All @@ -266,13 +274,11 @@ inline void create_dirs_impl(const std::string &dir_path) {
}
#endif

if (!file_exists(dir_path)) {
create_dirs_impl(get_parent_path(dir_path));
create_dirs_impl(get_parent_path(dir_path));

if (!native_create_dir(dir_path)) {
throw setup_error(
format("Unable to create directory at '{}'", dir_path));
}
if (!native_create_dir(dir_path)) {
throw setup_error(
format("Unable to create directory at '{}'", dir_path));
}
}

Expand Down