From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.4 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 22702 invoked from network); 10 Oct 2020 11:50:55 -0000 Received: from zero.zsh.org (2a02:898:31:0:48:4558:7a:7368) by inbox.vuxu.org with ESMTPUTF8; 10 Oct 2020 11:50:55 -0000 ARC-Seal: i=1; cv=none; a=rsa-sha256; d=zsh.org; s=rsa-20200801; t=1602330655; b=gZ8YW5KAVzZs9Yd0u/030PhTUgZ+uaOfRDAiZQgAPtg8As7qOSuyzjSlFKFJ5Jco3U1sdhqiwv VrqyJjh6nt8ne4MAbGZ4q3RxYjUje0szCiv27z3/nTVNBXo2dJYM3rvIGfGf2K9fi6dBy5h6LC ldOiCce+3rJcFm0BA5947eyymgTE2XwmWFIW1xSVN2q5hDMuWeH8KkXpJocwrxNI5s/wcdWzj4 epO0fB2XFyE1SX0lpuM+wPp9ecwYjsGrjqePk2QRstdP0zAkA8izXPvw4mURH1fK2dv+J1r+Y9 bCEXwt47VipqIfKi0UZ5t0IY91lVJ0OdpMs9wAPJJp22Hg==; ARC-Authentication-Results: i=1; zsh.org; iprev=pass (mail-il1-f195.google.com) smtp.remote-ip=209.85.166.195; dkim=pass header.d=gmail.com header.s=20161025 header.a=rsa-sha256; dmarc=pass header.from=gmail.com; arc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed; d=zsh.org; s=rsa-20200801; t=1602330655; bh=R+mGPntLfgaFas0VjYY0pTMB1pnF/HveCzuexC0iX0w=; h=List-Archive:List-Owner:List-Post:List-Unsubscribe:List-Subscribe:List-Help: List-Id:Sender:Content-Type:Cc:To:Subject:Message-ID:Date:From:In-Reply-To: References:MIME-Version:DKIM-Signature:DKIM-Signature; b=Omj3s4vNmiynxuqygJC2fSrbQnzSQs67/ktt+kivhwSE1bM2H6Bf4Z6ue7hUaDp6Ii03D/s1Xk ugjVW6ye+ONR/kS4Apj1erfnhHBOAQAHKOO5FQEd8lGrFz7ADbRPvwcVAfhekefL4I/kC3Om9d FCHyHdoYqXe8NTMJMxNDb2v3rbD3XcMj73pa2NKRGYDKPxIBOjJl0PP+RLbOvxw/jOy+AZsK2Y QTKBVfaB01gXC6vmgGYb5w1OGUjiqBMuB+kVL1YU49Ji+W9zMEq4i1uEtABlWBBm2z3ncxPxKz y2ErwrqNVrQJUjrlfmDr63MHR8AIeTwNVAYB+lBeJwRMxA==; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zsh.org; s=rsa-20200801; h=List-Archive:List-Owner:List-Post:List-Unsubscribe: List-Subscribe:List-Help:List-Id:Sender:Content-Type:Cc:To:Subject:Message-ID :Date:From:In-Reply-To:References:MIME-Version:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID; bh=6/9G7gtMHNSp7iqE/VPmeZLvCNMX7RkfVadY0KqHCY8=; b=IMtTbTD8wZ/WLNoaccgCANSZob S6vp+OLBuuev6hxKM+qspsja9pa3KbUXPir3/5sdEUvTApDlb17JFFkb+fEGrIeIoM/6xt6LSVY1x tEm04Te6Un74gkR5rOHE9cy4qiA1r6/mOZB1XHgVpNHX0oWn9kw+aBLjQoZ+Oi8hFt13X4Pm8O8hM 6pOO1hPubRnfhQ71QWStETgRDeI+HIMxXDEUh4r6jAEPeN7KWApY1TZ3qbGErckPfBwK00ndQvyy/ +ytg3yoFulD9h76zLLqGABH6Cl5rMUDw3h/hTpLJLm/BBYt60DreGbF9+np5kZcAtiVAaro9F1rHj t1WUGMgA==; Received: from authenticated user by zero.zsh.org with local id 1kRDOj-000Gtj-LO; Sat, 10 Oct 2020 11:50:49 +0000 Authentication-Results: zsh.org; iprev=pass (mail-il1-f195.google.com) smtp.remote-ip=209.85.166.195; dkim=pass header.d=gmail.com header.s=20161025 header.a=rsa-sha256; dmarc=pass header.from=gmail.com; arc=none Received: from mail-il1-f195.google.com ([209.85.166.195]:37331) by zero.zsh.org with esmtps (TLS1.3:TLS_AES_128_GCM_SHA256:128) id 1kRDOS-000GkN-ID; Sat, 10 Oct 2020 11:50:33 +0000 Received: by mail-il1-f195.google.com with SMTP id j13so7772019ilc.4 for ; Sat, 10 Oct 2020 04:50:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=6/9G7gtMHNSp7iqE/VPmeZLvCNMX7RkfVadY0KqHCY8=; b=Ej4BWvsKracbP/2/m2mqsDgNkFdT4boaw+BJo25xL155y6HdF4acugUOpI/7z9t+dV K8SmbHawGH4rtll6ps7rlUYeIOo1lTUgP3rcQnmdLMLZBRGZx23ZFoKme5ErBMb/YYV3 /uwkdKKE9FX6baOPc6bwoSunwoW/sV92MkrBOPy5RHqsz8o+4YBOUJMIcSAVXMTLD9OP UVGljxb/1iDJHVTeIxWRydCF/YE7w///ziiQmgYRrpq9cNmlO3GyEMjvkIguGXwWB1NW n+djIsuziRdb2g6Al0RHYZqR6RIfscqVoxrNeWUvCloi/JwR2rxL1EY1LPIycErVijAW 7xIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6/9G7gtMHNSp7iqE/VPmeZLvCNMX7RkfVadY0KqHCY8=; b=XsFQtmVzyBORIoHGd9VM67Kl4I13l9Ir4rujqI4BhAoddPEvcBLmSWOxxYpeOXPKSO 8t6jiK3JGukFpkDkiRlKHuU38xSp3KehV0ex9jIdFFiyEEhKR9FHy7qWSOFVvj8kBd9A dJ+CKecOAzzK616JELpZ9A9FhTy4mxJjpR8fiVBzWmFwQp3SJSf0Tus1pVUFW1xj1cjm eP0CJPKR7Ciok0rZWdsyiu+joVW1EtW/i6exvDb0ZcNQuGeyIVEYThvJlRCk1v+S1GAn EjcLCBmD+qDCuDiXe44N7Ya1rbMBN3rpG/nJtkrgcHN+a5rnAucuXVgj5daoMmTsMjEO ZJbw== X-Gm-Message-State: AOAM530zl95LNFGjC6zFuf+m0GXBZZRe6FiSTouGfqrbJJNMtMDp72sH Qu7Y3odh5ypxmR7FmcnF6tlztmovnL8dJT1OdMb5ccIHnIY= X-Google-Smtp-Source: ABdhPJwaTtKBema7nIF23aa8M9EFI6KlB9SHDILwKwkUENUmPozA33vTXa2lc2WxcRNe354raBWfei/RSh4AeVg1CXs= X-Received: by 2002:a92:41c4:: with SMTP id o187mr13220403ila.304.1602330631204; Sat, 10 Oct 2020 04:50:31 -0700 (PDT) MIME-Version: 1.0 References: <20201009200737.GA78914@CptOrmolo.darkstar> <20201009205357.GA6449@CptOrmolo.darkstar> In-Reply-To: From: Roman Perepelitsa Date: Sat, 10 Oct 2020 13:50:20 +0200 Message-ID: Subject: Re: [patch] Avoid race in zf_mkdir To: Bart Schaefer Cc: Zsh hackers list Content-Type: multipart/mixed; boundary="00000000000016093d05b14fac26" X-Seq: 47444 Archived-At: X-Loop: zsh-workers@zsh.org Errors-To: zsh-workers-owner@zsh.org Precedence: list Precedence: bulk Sender: zsh-workers-request@zsh.org X-no-archive: yes List-Id: List-Help: List-Subscribe: List-Unsubscribe: List-Post: List-Owner: List-Archive: Archived-At: --00000000000016093d05b14fac26 Content-Type: text/plain; charset="UTF-8" On Fri, Oct 9, 2020 at 11:27 PM Bart Schaefer wrote: > > The document linked by Matthew asserts that "mkdir -m mode" should behave "as if" chmod() is called after creating the directory. This applies only when mkdir creates a directory but not when the directory already existed prior to the call. Here's the relevant part: Each dir operand that names an existing directory shall be ignored without error. On Fri, Oct 9, 2020 at 11:40 PM Matthew Martin wrote: > > For a sufficiently well timed attacker, the target could be created and > deleted so that this loop never exits. Even if pathological, I don't > think it should be possible for mkdir to loop forever. Perhaps try N times instead of forever? The patch you've posted uses N = 1 (which is already better than the existing code) but it can be any other number. Roman. --00000000000016093d05b14fac26 Content-Type: text/plain; charset="US-ASCII"; name="mkdir-patch-v2.txt" Content-Disposition: attachment; filename="mkdir-patch-v2.txt" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_kg3ma1nn0 ZGlmZiAtLWdpdCBhL1NyYy9Nb2R1bGVzL2ZpbGVzLmMgYi9TcmMvTW9kdWxlcy9maWxlcy5jCmlu ZGV4IDZkMjBlMzhhOC4uNWE1OGFkNjAwIDEwMDY0NAotLS0gYS9TcmMvTW9kdWxlcy9maWxlcy5j CisrKyBiL1NyYy9Nb2R1bGVzL2ZpbGVzLmMKQEAgLTEyMiwxOSArMTIyLDI5IEBAIGRvbWtkaXIo Y2hhciAqbmFtLCBjaGFyICpwYXRoLCBtb2RlX3QgbW9kZSwgaW50IHApCiB7CiAgICAgaW50IGVy cjsKICAgICBtb2RlX3Qgb3VtYXNrOworICAgIHN0cnVjdCBzdGF0IHN0OworICAgIGludCBuID0g ODsKICAgICBjaGFyIGNvbnN0ICpycGF0aCA9IHVubWV0YShwYXRoKTsKIAotICAgIGlmKHApIHsK LQlzdHJ1Y3Qgc3RhdCBzdDsKLQotCWlmKCFzdGF0KHJwYXRoLCAmc3QpICYmIFNfSVNESVIoc3Qu c3RfbW9kZSkpCisgICAgd2hpbGUobi0tKSB7CisJb3VtYXNrID0gdW1hc2soMCk7CisJZXJyID0g bWtkaXIocnBhdGgsIG1vZGUpID8gZXJybm8gOiAwOworCXVtYXNrKG91bWFzayk7CisJaWYgKCFl cnIpCisJICAgIHJldHVybiAwOworCWlmKCFwIHx8IGVyciAhPSBFRVhJU1QpCisJICAgIGJyZWFr OworCWlmKCFzdGF0KHJwYXRoLCAmc3QpKSB7CisJICAgIGlmKGVycm5vID09IEVOT0VOVCkKKwkJ Y29udGludWU7CisJICAgIGVyciA9IGVycm5vOworCSAgICBicmVhazsKKwl9CisJaWYoU19JU0RJ UihzdC5zdF9tb2RlKSkKIAkgICAgcmV0dXJuIDA7CisJYnJlYWs7CiAgICAgfQotICAgIG91bWFz ayA9IHVtYXNrKDApOwotICAgIGVyciA9IG1rZGlyKHJwYXRoLCBtb2RlKSA/IGVycm5vIDogMDsK LSAgICB1bWFzayhvdW1hc2spOwotICAgIGlmKCFlcnIpCi0JcmV0dXJuIDA7CisKICAgICB6d2Fy bm5hbShuYW0sICJjYW5ub3QgbWFrZSBkaXJlY3RvcnkgYCVzJzogJWUiLCBwYXRoLCBlcnIpOwog ICAgIHJldHVybiAxOwogfQo= --00000000000016093d05b14fac26--