Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: TOCTOU race when creating directories #34

Merged
merged 1 commit into from
Nov 6, 2019
Merged

fix: TOCTOU race when creating directories #34

merged 1 commit into from
Nov 6, 2019

Commits on Nov 6, 2019

  1. fix: TOCTOU race when creating directories 

    When create_directories() is called to create a chain of directories,
path components are created one by one. For each path component, ghc
checks if the directory exists. If not it attempts to create it. In
case of failure to create this directory, the function fails.

This behavior exhibits a TOCTOU (Time Of Check/Time Of Use) race when
different threads of execution (e.g. different processes) attempt to
create the same paths (or paths that contain a common hierarchy).
The following sequence of events between threads T1 and T2 illustrates
the issue:

  T1: checks path P exists: no. Will attempt to create P...
  T2: checks path P exists: no. Will attempt to create P...
  T1: creates P, no error
  T2: fails to create P: raises an error

It is not desirable for create_directories() to fail in this case. This
commit mirrors the GNU libstdc++ implementation of the c++ filesystem
library: if the creation of a directory fails, we will inspect the path
that should have been created as a directory. If it is indeed a
directory (another thread of execution created it for us), the error is
now reset and the function continues to iterate to the next path
component.
    @jeanguyomarch
    jeanguyomarch committed Nov 6, 2019
    Configuration menu
    Copy the full SHA
    b5df8c5 View commit details
    Browse the repository at this point in the history