-
Notifications
You must be signed in to change notification settings - Fork 18.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Safely create temporary files and directories #3378
Safely create temporary files and directories #3378
Conversation
Thanks @eelstork ! This looks good |
Adding a commit targeting safe creation of temporary files. In this case the approach used to create temporary directories cannot be reused:
The proposed solution consists in (safely) creating a temporary directory. This temporary directory is then used as a container for all temporary files. Optionally, this approach may be extended to the creation of temporary directories (meaning: safely create a temp directory, then use it as a container for all temp files and directories). |
@ronghanghu this needs a little more work on my end, not compiling in VS. |
@eelstork Thank you and don't worry. I'll take a look when it's ready :) |
@ronghanghu ready for review. |
@eelstork Thanks! I'll try to take a look tomorrow |
*temp_filename = boost::filesystem::unique_path(model).string(); | ||
} | ||
static path temp_files_subpath; | ||
static uint64_t next_temp_file = 0; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Better to move this two static variables into function MakeTempFilename
(while keeping them static) so that they are only accessible in that function.
@eelstork This should be ready. Let's fix the minor issue mentioned above and I'll merge. |
Updated; looks good to me.
|
Safely create temporary files and directories
Thanks @eelstork ! |
With reference to #3324 I propose a modified implementation of
MakeTempDir
.@futurely and @netheril96 suggested that the designated issue may be caused by a race condition.
Upon closer inspection, I find that:
unique_path
is specified to return a randomly generated path, which may or may not be unique. Boost implementations typically system level entropy sources to generate the path.mkdtemp
implementations rely onmkdir
to generate temporary directories. Race conditions are avoided by checking the return value ofmkdir
instead of checking whether a generated path already exists.mkdtemp
implementations may use 5 or 6 bits of randomness.With this in mind the proposed solution is similar to how Python implements
mkdtemp
(tempfile.py, line 322).