From: Michael Haggerty <mhagger@alum.mit.edu>
To: Thomas Rast <trast@inf.ethz.ch>
Cc: Junio C Hamano <gitster@pobox.com>, Jeff King <peff@peff.net>,
Johan Herland <johan@herland.net>,
git@vger.kernel.org
Subject: Re: [PATCH 4/4] resolve_ref_unsafe(): close race condition reading loose refs
Date: Fri, 14 Jun 2013 09:17:49 +0200 [thread overview]
Message-ID: <51BAC39D.5030201@alum.mit.edu> (raw)
In-Reply-To: <87d2rqs9ma.fsf@linux-k42r.v.cablecom.net>
On 06/13/2013 10:22 AM, Thomas Rast wrote:
> Michael Haggerty <mhagger@alum.mit.edu> writes:
>
>> One race is still possible and undetected: another process could
>> change the file from a regular file into a symlink between the call to
>> lstat and the call to open(). The open() call would silently follow
>> the symlink and not know that something is wrong. I don't see a way
>> to detect this situation without the use of the O_NOFOLLOW option,
>> which is not portable and is not used elsewhere in our code base.
>>
>> However, we don't use symlinks anymore, so this situation is unlikely.
>> And it doesn't appear that treating a symlink as a regular file would
>> have grave consequences; after all, this is exactly how the code
>> handles non-relative symlinks.
>
> You could fstat() the fd you got from open(), and verify that it is
> still the same inode/device. That's wasting one syscall per ref for
> pretty much everyone, but perhaps if we really cared about this (and I
> gather from the above that we don't), we could conditionally use
> O_NOFOLLOW if available, otherwise do that fstat().
Yes, that would work. For now I think I will not worry about it, but
I'll keep your trick in mind.
Thanks,
Michael
--
Michael Haggerty
mhagger@alum.mit.edu
http://softwareswirl.blogspot.com/
next prev parent reply other threads:[~2013-06-14 7:17 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-03 8:38 another packed-refs race Jeff King
2013-05-03 9:26 ` Johan Herland
2013-05-03 17:28 ` Jeff King
2013-05-03 18:26 ` Jeff King
2013-05-03 21:02 ` Johan Herland
2013-05-06 12:12 ` Michael Haggerty
2013-05-06 18:44 ` Jeff King
2013-05-03 21:21 ` Jeff King
2013-05-06 12:03 ` Michael Haggerty
2013-05-06 18:41 ` Jeff King
2013-05-06 22:18 ` Jeff King
2013-05-07 4:32 ` Michael Haggerty
2013-05-07 4:44 ` Jeff King
2013-05-07 8:03 ` Michael Haggerty
2013-05-07 2:36 ` [PATCH 0/4] fix packed-refs races Jeff King
2013-05-07 2:38 ` [PATCH 1/4] resolve_ref: close race condition for packed refs Jeff King
2013-05-12 22:56 ` Michael Haggerty
2013-05-16 3:47 ` Jeff King
2013-05-16 5:50 ` Michael Haggerty
2013-05-12 23:26 ` Michael Haggerty
2013-06-11 14:26 ` [PATCH 0/4] Fix a race condition when reading loose refs Michael Haggerty
2013-06-11 14:26 ` [PATCH 1/4] resolve_ref_unsafe(): extract function handle_missing_loose_ref() Michael Haggerty
2013-06-11 14:26 ` [PATCH 2/4] resolve_ref_unsafe(): handle the case of an SHA-1 within loop Michael Haggerty
2013-06-11 14:26 ` [PATCH 3/4] resolve_ref_unsafe(): nest reference-reading code in an infinite loop Michael Haggerty
2013-06-11 14:26 ` [PATCH 4/4] resolve_ref_unsafe(): close race condition reading loose refs Michael Haggerty
2013-06-12 8:04 ` Jeff King
2013-06-13 8:22 ` Thomas Rast
2013-06-14 7:17 ` Michael Haggerty [this message]
2013-06-11 20:57 ` [PATCH 0/4] Fix a race condition when " Junio C Hamano
2013-05-07 2:39 ` [PATCH 2/4] add a stat_validity struct Jeff King
2013-05-13 2:29 ` Michael Haggerty
2013-05-13 3:00 ` [RFC 0/2] Separate stat_data from cache_entry Michael Haggerty
2013-05-13 3:00 ` [RFC 1/2] Extract a struct " Michael Haggerty
2013-05-13 3:00 ` [RFC 2/2] add a stat_validity struct Michael Haggerty
2013-05-13 5:10 ` [RFC 0/2] Separate stat_data from cache_entry Junio C Hamano
2013-05-16 3:51 ` [PATCH 2/4] add a stat_validity struct Jeff King
2013-05-07 2:43 ` [PATCH 3/4] get_packed_refs: reload packed-refs file when it changes Jeff King
2013-05-07 2:54 ` [PATCH 0/2] peel_ref cleanups changes Jeff King
2013-05-07 2:56 ` [PATCH 1/2] peel_ref: rename "sha1" argument to "peeled" Jeff King
2013-05-07 3:06 ` [PATCH 2/2] peel_ref: refactor for safety with simultaneous update Jeff King
2013-05-09 19:18 ` [PATCH 3/4] get_packed_refs: reload packed-refs file when it changes Eric Sunshine
2013-05-13 2:43 ` Michael Haggerty
2013-05-07 2:51 ` [PATCH 4/4] for_each_ref: load all loose refs before packed refs Jeff King
2013-05-07 6:40 ` [PATCH 0/4] fix packed-refs races Junio C Hamano
2013-05-07 14:19 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51BAC39D.5030201@alum.mit.edu \
--to=mhagger@alum.mit.edu \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=johan@herland.net \
--cc=peff@peff.net \
--cc=trast@inf.ethz.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.