Commits on Source (10)
-
Philip Withnall authored
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
78420a75 -
Philip Withnall authored
Since a following commit is going to add a new test which references Gitlab, so it’s best to move the URI bases inside the test cases. Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
32d3d02a -
Philip Withnall authored
This clarifies the code a little. It introduces no functional changes. Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
ce0eb088 -
Philip Withnall authored
The `G_FILE_CREATE_REPLACE_DESTINATION` flag is equivalent to unlinking the destination file and re-creating it from scratch. That did previously work, but in the process the code would call `open(O_CREAT)` on the file. If the file was a dangling symlink, this would create the destination file (empty). That’s not an intended side-effect, and has security implications if the symlink is controlled by a lower-privileged process. Fix that by not opening the destination file if it’s a symlink, and adjusting the rest of the code to cope with - the fact that `fd == -1` is not an error iff `is_symlink` is true, - and that `original_stat` will contain the `lstat()` results for the symlink now, rather than the `stat()` results for its target (again, iff `is_symlink` is true). This means that the target of the dangling symlink is no longer created, which was the bug. The symlink itself continues to be replaced (as before) with the new file — this is the intended behaviour of `g_file_replace()`. The behaviour for non-symlink cases, or cases where the symlink was not dangling, should be unchanged. Includes a unit test. Signed-off-by: Philip Withnall <pwithnall@endlessos.org> Fixes: #2325
317b3b58 -
Philip Withnall authored
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
6c643926 -
Philip Withnall authored
Backport !2325 “file-roller symlink attack” to glib-2-66 See merge request GNOME/glib!1982
01c5468e -
Using FILE_GENERIC_READ | FILE_GENERIC_WRITE access rights for directory monitoring might cause problems, as noted in https://gitlab.gnome.org/GNOME/gimp/-/issues/4594. ReadDirectoryChanges only needs FILE_LIST_DIRECTORY, so use that. Fixes: https://gitlab.gnome.org/GNOME/gimp/-/issues/4594
9205e420 -
Sebastian Dröge authored
Backport !1976 “Use the right permissions for directory watching on Win32” to glib-2-66 See merge request GNOME/glib!1990
b954bc1c -
Philip Withnall authored
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
dde05fd4 -
Simon McVittie authored0f0cd9fa