{{ message }}
fix ish-app/ish#2349 stop EACCES truncate with open#2352
Open
kuflierl wants to merge 2 commits into
Open
Conversation
…ead of a fstat after opening the file
Member
Author
|
That's indeed worrying, I will look into it when I have time |
add potential vuln note
Author
This time it should work @tbodt I ran the tests. I had to engage the inode lock before the stat Sorry for the delay tho |
Iv3-0
approved these changes
Apr 8, 2024
Author
|
We may need to increase the timeout delay to reduce false positives |
Author
|
Actually there might be a better way that doesn't cripple the speed. but it might include a slight rework of the fd closing function. @tbodt Would you prefer that? |
Member
|
What happened with the speed? If more things need to be refactored, more things need to be refactored :D This isn't a bad thing in itself. |
Author
Jk2987
approved these changes
Oct 23, 2024
brahunt23
approved these changes
Jan 2, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

Relocate the permission check for the
generic_openatfunction to before opening the back-end.This mitigates the case where open is called on the file back-end even if the user is not allowed to.
Opening the back-end prematurely can cause truncation of the file in question by the error handler.
This seemed like an easy issue to fix so i tried fixing it.
This is my first PR in this Repository, If i made any mistakes let me know!