Merge pull request #1645 from twhitehead/stat-race

Fix (highly unlikely) race condition in readLink
This commit is contained in:
Eelco Dolstra 2017-11-20 17:32:27 +01:00 committed by GitHub
commit 72804dc0bd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -216,18 +216,17 @@ bool pathExists(const Path & path)
Path readLink(const Path & path) Path readLink(const Path & path)
{ {
checkInterrupt(); checkInterrupt();
struct stat st = lstat(path); for (ssize_t bufSize = PATH_MAX/4; true; bufSize += bufSize/2) {
if (!S_ISLNK(st.st_mode))
throw Error(format("'%1%' is not a symlink") % path);
auto bufSize = std::max(st.st_size, (off_t) PATH_MAX + 1);
char buf[bufSize]; char buf[bufSize];
ssize_t rlsize = readlink(path.c_str(), buf, bufSize); ssize_t rlSize = readlink(path.c_str(), buf, bufSize);
if (rlsize == -1) if (rlSize == -1)
if (errno == EINVAL)
throw Error(format("'%1%' is not a symlink") % path);
else
throw SysError(format("reading symbolic link '%1%'") % path); throw SysError(format("reading symbolic link '%1%'") % path);
else if (rlsize > bufSize) else if (rlSize < bufSize)
throw Error(format("symbolic link '%1%' size overflow %2% > %3%") return string(buf, rlSize);
% path % rlsize % bufSize); }
return string(buf, rlsize);
} }