In perl.git, the branch tonyc/127663-safe-inplace has been created


- Log -----------------------------------------------------------------
commit 91c58aea1776ee04abb0c96f16e61ff77b7442ff
Author: Tony Cook <tony@develop-help.com>
Date: Mon May 23 15:59:44 2016 +1000

     (perl #127663) test that setuid is preserved with nested in-place editing

     This test fails previously.

M t/io/nargv.t

commit 80129f6f53cf01f60d557dca1f43ef2e6701d803
Author: Tony Cook <tony@develop-help.com>
Date: Tue May 24 09:06:18 2016 +1000

     (perl #127663) add more in-place edit tests

M t/run/switches.t

commit 0dfb6dca4a8bb66b2f21ea3214adf3c6cc8eb144
Author: Tony Cook <tony@develop-help.com>
Date: Thu May 19 15:22:32 2016 +1000

     (perl #127663) all platforms no longer need a backup file

     Since we do the work without touching the original file.

M perl.c

commit 1d3c31426ffcbabbb9c63bb76a0c407e44161b16
Author: Tony Cook <tony@develop-help.com>
Date: Wed May 18 16:02:52 2016 +1000

     make sure the Perl_my_mkstemp() name is always available

M doio.c
M util.h

commit 3d077cd8b51d41895d9271c194f989089edead62
Author: Tony Cook <tony@develop-help.com>
Date: Wed May 18 15:17:42 2016 +1000

     use internal drand48() to innoculate against quadratic behaviour in pp_sort

M pp_sort.c

commit 5f2aae1795482448032857e8a924ae9426f4ba8f
Author: Tony Cook <tony@develop-help.com>
Date: Wed May 18 15:08:50 2016 +1000

     use the "internal" random source to initialize hash randomization

M util.c

commit a5f901133d731da1eeea502ef233154b1ec3ff5d
Author: Tony Cook <tony@develop-help.com>
Date: Thu May 12 16:58:05 2016 +1000

     (perl #127663) add our own mkstemp() implementation

     this needs a couple of adjustments:

     - needs a wrapper that calls either the system mkstemp() with a fallback
     to Perl_my_mkstemp().

     Not based on any particular implementation, the BSD implementations
     tend to be wrappers around a megafunction that also does a few variations
     of mkstemp() and mkdtemp(), which we don't need (yet.)

     One implementation I found, part of the heimdal crypto library, was
     simpler, but horrible.

M doio.c
M embed.fnc
M proto.h
M util.c

commit 76a8c7f2719a6f05b5fb5201a71b2c8ad4ee2213
Author: Tony Cook <tony@develop-help.com>
Date: Wed May 18 15:03:14 2016 +1000

     (perl #127663) create a separate random souce for internal use

M embedvar.h
M intrpvar.h
M perl.c
M util.h

commit 73c416a978f448986b54333b5ad86ed163c39c22
Author: Tony Cook <tony@develop-help.com>
Date: Thu May 12 14:46:18 2016 +1000

     (perl #127663) ensure abandoned work files are cleaned up

     If the user code that's processing in-place edit files exits or dies,
     previously this would leave the in-place edit work file in place.

     This patch deletes the temp file, abandoning the edit, which is a change
     from the old in-place editing, so maybe this should do the normal
     success processing currently done in do_close().

M doio.c

commit efb751386cb76a56c377fbe0ddc99b1ad8dd1ed8
Author: Tony Cook <tony@develop-help.com>
Date: Thu May 12 11:31:19 2016 +1000

     (perl #127663) don't test renaming directories if rename() isn't available.

     Perl uses link() to implement rename() if the rename system call
     isn't available, but using link() on directories varies between
     unavailable and dangerous.

     Since we haven't had any reports that of this test failing, it may
     mean we don't need to fallback to link().

M t/io/fs.t

commit 321058182720931daa24b85cb8f318eb631d1903
Author: Tony Cook <tony@develop-help.com>
Date: Thu May 12 11:29:37 2016 +1000

     (perl #127663) use link when rename() isn't available

     I suspect this is unnecessary, since unrelated tests failed without
     rename(), but it's not a huge change.

     Also, if rename() is available, attempt use link() to create the backup
     so there's always some version of the original file. Falls back to
     rename() if the link() fails, since the filesystem might not support

M doio.c

commit 10e120f7349d63749841ec22a1d9f6bfff8574d7
Author: Tony Cook <tony@develop-help.com>
Date: Mon May 9 14:59:56 2016 +1000

     (perl #127663) WIP, safer in-place editing

     Previously in-place editing opened the file then immediately
     *replaced* the file, so if an error occurs while writing the output,
     such as running out of space, the content of the original file is lost.

     This changes in-place editing to write to a work file which is renamed
     over the original only once the output file is successfully closed.

     It also fixes an issue with setting setuid/setgid file modes for
     recursive in-place editing.

     The implementation (beyond some TODO issues below) has at least one
     problem - if the user code changes directory between the file open and
     the close then the final clean-up stage is going to fail if the input
     name wasn't an absolute path.

     This might be fixable, but on some systems it may put the perl process
     in a difficult to recover from position - if the system doesn't
     implement getcwd() perl may change directory out of the original and not
     have a way to return to it.

     Now the TODO issues:

     - the code uses mkstemp() - solvable by adapting a BSD implementation if
     the system doesn't provide it.

     - the code uses rename() - I need to re-work the code to use link() /
     UNLINK() where rename() isn't available

     - perl -i.back -pe 'exit' foo # leaves an orphan work file, this might
     be messy to fix (the fix would be trashing the work file, not moving it
     over the original).

     - where rename() and link() are available it might be desirable to link
     the backup file to the original file then rename the temp over the
     original so there's no point where the original doesn't exist. This
     would need to fallback to rename/rename just in case the system supports
     link but the current filesystem doesn't.

     - tests - existing tests caught one problem, but it needs more.

M doio.c
M embed.fnc
M embed.h
M mg.c
M pod/perldiag.pod
M proto.h

Perl5 Master Repository

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupperl5-changes @
postedMay 24, '16 at 12:59a
activeMay 24, '16 at 12:59a

1 user in discussion

Tony Cook: 1 post



site design / logo © 2019 Grokbase