Git Mailing List Archive on lore.kernel.org
 help / color / Atom feed
From: Junio C Hamano <gitster@pobox.com>
To: Emily Shaffer <emilyshaffer@google.com>
Cc: git@vger.kernel.org
Subject: Re: [PATCH v8 03/15] bugreport: add tool to generate debugging info
Date: Thu, 20 Feb 2020 11:33:26 -0800
Message-ID: <xmqq8skxawah.fsf@gitster-ct.c.googlers.com> (raw)
In-Reply-To: <20200220015858.181086-4-emilyshaffer@google.com> (Emily Shaffer's message of "Wed, 19 Feb 2020 17:58:46 -0800")

Emily Shaffer <emilyshaffer@google.com> writes:

> +	argc = parse_options(argc, argv, "", bugreport_options,
> +			     bugreport_usage, 0);

Which one between an empty string and NULL is more appropriate to be
passed as "prefix" here?  I assume that this is *not* really a git
program, and no repository/working-tree discovery is involved, and
you won't be using OPT_FILENAME, so it would probably be OK.

> +
> +	if (option_output) {
> +		strbuf_addstr(&report_path, option_output);
> +		strbuf_complete(&report_path, '/');
> +	}
> +
> +
> +	strbuf_addstr(&report_path, "git-bugreport-");
> +	strbuf_addftime(&report_path, option_suffix, localtime(&now), 0, 0);
> +	strbuf_addstr(&report_path, ".txt");
> +
> +	if (!stat(report_path.buf, &statbuf))
> +		die("'%s' already exists", report_path.buf);

Missed i18n/l10n, but I do not think it is a useful thing for this
check to be here in the first place.

> +	switch (safe_create_leading_directories(report_path.buf)) {
> +	case SCLD_OK:
> +	case SCLD_EXISTS:
> +		break;
> +	default:
> +		die(_("could not create leading directories for '%s'"),
> +		    report_path.buf);
> +	}
> +
> +	get_bug_template(&buffer);
> +
> +	report = fopen_for_writing(report_path.buf);

fopen_for_writing() does not give good semantics for what you seem
to want to do here (i.e. to make sure you do not overwrite an
existing one).  It even has "if we cannot open it, retry after
unlinking" logic in it, which screams "this function is designed for
those who want to overwrite the file", and if you look at its
callers, they are _all_ about opening a file for writing with a well
known name like FETCH_HEAD, COMMIT_EDITMSG, etc.

Besides, a stat() that dies when a file exists would not
help---since that check, you've spent non-zero time, creating
leading directories and preparing boilerplate in the buffer,
and there is no guarantee somebody else used the same filename
in the meantime.

If you want to avoid overwriting an existing file (which I think is
a good idea---I just do not think the earlier "if (!stat()) die()"
is a good way to do so), the only sensible way to do so is to ask
your open/creat to fail if there already is a file---that is how
you'd avoid racing with another process that may be creating such a
file.  Grep for O_EXCL to find where the flag is used with O_CREAT
to see how it is done.

> +	if (report == NULL) {

Style. "if (!report)"

> +		strbuf_release(&report_path);
> +		die("couldn't open '%s' for writing", report_path.buf);

Do we see a use-after-free here?  Also missed i18n/l10n.

It is embarrassing on the reviewers' side that this (which is not
new in this round at all and hasn't changed since v6) hasn't been
caught for a few rounds X-<.

Thanks.

  reply index

Thread overview: 273+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-12-13  0:42 [PATCH v4 00/15] add git-bugreport tool Emily Shaffer
2019-12-13  0:42 ` [PATCH v4 01/15] bugreport: add tool to generate debugging info Emily Shaffer
2019-12-13  0:42 ` [PATCH v4 02/15] help: move list_config_help to builtin/help Emily Shaffer
2019-12-13 20:51   ` Junio C Hamano
2019-12-16 21:36     ` Emily Shaffer
2019-12-16 22:19       ` Junio C Hamano
2019-12-16 22:34         ` Emily Shaffer
2019-12-13  0:43 ` [PATCH v4 03/15] bugreport: gather git version and build info Emily Shaffer
2019-12-13 21:06   ` Junio C Hamano
2019-12-20  1:46     ` Emily Shaffer
2019-12-17 18:45   ` Johannes Schindelin
2019-12-17 20:34     ` Junio C Hamano
2019-12-20  1:25       ` Emily Shaffer
2019-12-13  0:43 ` [PATCH v4 04/15] help: add shell-path to --build-options Emily Shaffer
2019-12-13  0:43 ` [PATCH v4 05/15] bugreport: add uname info Emily Shaffer
2019-12-13 21:12   ` Junio C Hamano
2020-01-10  2:05   ` Aaron Schrab
2019-12-13  0:43 ` [PATCH v4 06/15] bugreport: add glibc version Emily Shaffer
2019-12-13 21:18   ` Junio C Hamano
2019-12-16 22:39     ` Emily Shaffer
2019-12-13  0:43 ` [PATCH v4 07/15] bugreport: add curl version Emily Shaffer
2019-12-13 21:27   ` Junio C Hamano
2019-12-16 22:49     ` Emily Shaffer
2019-12-17 18:47   ` Johannes Schindelin
2019-12-13  0:43 ` [PATCH v4 08/15] bugreport: include user interactive shell Emily Shaffer
2019-12-13 21:38   ` Junio C Hamano
2019-12-13  0:43 ` [PATCH v4 09/15] bugreport: generate config safelist based on docs Emily Shaffer
2019-12-13 22:57   ` Junio C Hamano
2019-12-16 23:01     ` Emily Shaffer
2019-12-17  0:41       ` Emily Shaffer
2019-12-15 20:17   ` Johannes Schindelin
2019-12-16 22:52     ` Emily Shaffer
2019-12-17 18:38   ` Johannes Schindelin
2019-12-13  0:43 ` [PATCH v4 10/15] bugreport: add config values from safelist Emily Shaffer
2019-12-13 21:45   ` Junio C Hamano
2019-12-16 23:40     ` Emily Shaffer
2019-12-17 17:43       ` Junio C Hamano
2020-01-24  3:29         ` Emily Shaffer
2019-12-29 20:17   ` Johannes Schindelin
2019-12-13  0:43 ` [PATCH v4 11/15] bugreport: collect list of populated hooks Emily Shaffer
2019-12-13 21:47   ` Junio C Hamano
2019-12-16 23:51     ` Emily Shaffer
2019-12-13  0:43 ` [PATCH v4 12/15] bugreport: count loose objects Emily Shaffer
2019-12-13 21:51   ` Junio C Hamano
2019-12-16 23:54     ` Emily Shaffer
2019-12-13  0:43 ` [PATCH v4 13/15] bugreport: add packed object summary Emily Shaffer
2019-12-13 21:56   ` Junio C Hamano
2019-12-16 23:56     ` Emily Shaffer
2019-12-13  0:43 ` [PATCH v4 14/15] bugreport: list contents of $OBJDIR/info Emily Shaffer
2019-12-13  0:43 ` [PATCH v4 15/15] bugreport: summarize contents of alternates file Emily Shaffer
2020-01-24  3:34 ` [PATCH v5 00/15] add git-bugreport tool emilyshaffer
2020-01-24  3:34   ` [PATCH v5 01/15] bugreport: add tool to generate debugging info emilyshaffer
2020-01-30 22:18     ` Martin Ågren
2020-02-04 22:00       ` Emily Shaffer
2020-01-24  3:34   ` [PATCH v5 02/15] help: move list_config_help to builtin/help emilyshaffer
2020-01-30 22:19     ` Martin Ågren
2020-02-04  0:53       ` Emily Shaffer
2020-01-24  3:34   ` [PATCH v5 03/15] bugreport: gather git version and build info emilyshaffer
2020-01-30 22:19     ` Martin Ågren
2020-02-04 22:21       ` Emily Shaffer
2020-01-24  3:34   ` [PATCH v5 04/15] help: add shell-path to --build-options emilyshaffer
2020-01-30 22:21     ` Martin Ågren
2020-01-24  3:34   ` [PATCH v5 05/15] bugreport: add uname info emilyshaffer
2020-01-24  3:34   ` [PATCH v5 06/15] bugreport: add compiler info emilyshaffer
2020-01-30 22:21     ` Martin Ågren
2020-02-04 22:51       ` Emily Shaffer
2020-02-05 19:47         ` Martin Ågren
2020-01-24  3:34   ` [PATCH v5 07/15] bugreport: add curl version emilyshaffer
2020-01-30 22:27     ` Martin Ågren
2020-02-04 22:54       ` Emily Shaffer
2020-01-24  3:34   ` [PATCH v5 08/15] bugreport: include user interactive shell emilyshaffer
2020-01-30 22:28     ` Martin Ågren
2020-02-04 23:16       ` Emily Shaffer
2020-02-05 20:06       ` Junio C Hamano
2020-02-05 20:14         ` Martin Ågren
2020-01-24  3:34   ` [PATCH v5 09/15] bugreport: generate config safelist based on docs emilyshaffer
2020-01-30 22:34     ` Martin Ågren
2020-02-05  0:44       ` Emily Shaffer
2020-02-05 19:53         ` Martin Ågren
2020-01-31 21:20     ` Martin Ågren
2020-02-05  0:30       ` Emily Shaffer
2020-02-05  0:52         ` Emily Shaffer
2020-01-24  3:34   ` [PATCH v5 10/15] bugreport: add config values from safelist emilyshaffer
2020-01-30 22:36     ` Martin Ågren
2020-02-05  1:34       ` Emily Shaffer
2020-01-31 21:25     ` Martin Ågren
2020-02-05  2:31       ` Emily Shaffer
2020-02-05 20:12         ` Martin Ågren
2020-01-24  3:34   ` [PATCH v5 11/15] bugreport: collect list of populated hooks emilyshaffer
2020-02-04 18:44     ` Junio C Hamano
2020-02-05  2:48       ` Emily Shaffer
2020-02-05  3:00         ` Emily Shaffer
2020-01-24  3:34   ` [PATCH v5 12/15] bugreport: count loose objects emilyshaffer
2020-02-04 18:48     ` Junio C Hamano
2020-02-05  2:50       ` Emily Shaffer
2020-01-24  3:34   ` [PATCH v5 13/15] bugreport: add packed object summary emilyshaffer
2020-02-04 19:00     ` Junio C Hamano
2020-02-05  3:15       ` Emily Shaffer
2020-02-04 19:03     ` Junio C Hamano
2020-02-05  3:09       ` Emily Shaffer
2020-01-24  3:34   ` [PATCH v5 14/15] bugreport: list contents of $OBJDIR/info emilyshaffer
2020-01-24  3:34   ` [PATCH v5 15/15] bugreport: summarize contents of alternates file emilyshaffer
2020-01-24  3:38   ` [PATCH v5 00/15] add git-bugreport tool Emily Shaffer
2020-01-28 23:04   ` Jonathan Tan
2020-01-28 23:26     ` Emily Shaffer
2020-01-30 22:15   ` Martin Ågren
2020-02-04  0:07     ` Emily Shaffer
2020-02-06  0:40   ` [PATCH v6 " Emily Shaffer
2020-02-06  0:40     ` [PATCH v6 01/15] help: move list_config_help to builtin/help Emily Shaffer
2020-02-06  1:35       ` Danh Doan
2020-02-13 22:58         ` Emily Shaffer
2020-02-13 23:07           ` Eric Sunshine
2020-02-13 23:24             ` Junio C Hamano
2020-02-13 23:29               ` Eric Sunshine
2020-02-14  1:20                 ` Emily Shaffer
2020-02-06  0:40     ` [PATCH v6 02/15] help: add shell-path to --build-options Emily Shaffer
2020-02-06  0:40     ` [PATCH v6 03/15] bugreport: add tool to generate debugging info Emily Shaffer
2020-02-07 14:18       ` SZEDER Gábor
2020-02-07 18:51         ` Junio C Hamano
2020-02-11 22:40           ` Emily Shaffer
2020-02-07 14:54       ` SZEDER Gábor
2020-02-12 18:06       ` Junio C Hamano
2020-02-12 22:36         ` Emily Shaffer
2020-02-06  0:40     ` [PATCH v6 04/15] bugreport: gather git version and build info Emily Shaffer
2020-02-06  0:40     ` [PATCH v6 05/15] bugreport: add uname info Emily Shaffer
2020-02-06  0:40     ` [PATCH v6 06/15] bugreport: add compiler info Emily Shaffer
2020-02-06  0:41     ` [PATCH v6 07/15] bugreport: add git-remote-https version Emily Shaffer
2020-02-06  0:41     ` [PATCH v6 08/15] bugreport: include user interactive shell Emily Shaffer
2020-02-06  0:41     ` [PATCH v6 09/15] bugreport: generate config safelist based on docs Emily Shaffer
2020-02-07 15:30       ` SZEDER Gábor
2020-02-13 23:14         ` Emily Shaffer
2020-02-06  0:41     ` [PATCH v6 10/15] bugreport: add config values from safelist Emily Shaffer
2020-02-07 14:47       ` SZEDER Gábor
2020-02-07 15:08         ` SZEDER Gábor
2020-02-07 16:24           ` Eric Sunshine
2020-02-07 16:51             ` Andreas Schwab
2020-02-13 22:02               ` Emily Shaffer
2020-02-06  0:41     ` [PATCH v6 11/15] bugreport: collect list of populated hooks Emily Shaffer
2020-02-06  0:41     ` [PATCH v6 12/15] bugreport: count loose objects Emily Shaffer
2020-02-06  0:41     ` [PATCH v6 13/15] bugreport: add packed object summary Emily Shaffer
2020-02-06  0:41     ` [PATCH v6 14/15] bugreport: list contents of $OBJDIR/info Emily Shaffer
2020-02-06  0:41     ` [PATCH v6 15/15] bugreport: summarize contents of alternates file Emily Shaffer
2020-02-14  1:53     ` [PATCH v7 00/15] add git-bugreport tool Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 01/15] help: move list_config_help to builtin/help Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 02/15] help: add shell-path to --build-options Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 03/15] bugreport: add tool to generate debugging info Emily Shaffer
2020-02-14 17:25         ` Junio C Hamano
2020-02-15  1:57           ` Emily Shaffer
2020-02-15 18:24             ` Junio C Hamano
2020-02-18 23:46               ` Emily Shaffer
2020-02-18 23:56                 ` Emily Shaffer
2020-02-19 23:15                   ` Emily Shaffer
2020-02-19 23:24                     ` Junio C Hamano
2020-02-19 14:18         ` Johannes Schindelin
2020-02-19 16:55           ` Junio C Hamano
2020-02-19 21:52             ` Emily Shaffer
2020-02-19 22:09               ` Junio C Hamano
2020-02-19 23:06                 ` Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 04/15] bugreport: gather git version and build info Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 05/15] bugreport: add uname info Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 06/15] bugreport: add compiler info Emily Shaffer
2020-02-19 14:23         ` Johannes Schindelin
2020-02-19 22:45           ` Emily Shaffer
2020-02-20 22:33             ` Johannes Schindelin
2020-02-20 23:33               ` Emily Shaffer
2020-02-21 15:22                 ` Johannes Schindelin
2020-02-22  0:04                   ` Emily Shaffer
2020-02-24  2:55                     ` Junio C Hamano
2020-02-14  1:53       ` [PATCH v7 07/15] bugreport: add git-remote-https version Emily Shaffer
2020-02-19 14:28         ` Johannes Schindelin
2020-02-19 22:28           ` Emily Shaffer
2020-02-19 22:33             ` Junio C Hamano
2020-02-20 22:33               ` Johannes Schindelin
2020-02-14  1:53       ` [PATCH v7 08/15] bugreport: include user interactive shell Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 09/15] bugreport: generate config safelist based on docs Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 10/15] bugreport: add config values from safelist Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 11/15] bugreport: collect list of populated hooks Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 12/15] bugreport: count loose objects Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 13/15] bugreport: add packed object summary Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 14/15] bugreport: list contents of $OBJDIR/info Emily Shaffer
2020-02-14 17:04         ` Junio C Hamano
2020-02-18 23:59           ` Emily Shaffer
2020-02-14  1:53       ` [PATCH v7 15/15] bugreport: summarize contents of alternates file Emily Shaffer
2020-02-14 17:32       ` [PATCH v7 00/15] add git-bugreport tool Junio C Hamano
2020-02-14 22:00         ` Emily Shaffer
2020-02-14 22:30           ` Junio C Hamano
2020-02-20  1:58       ` [PATCH v8 " Emily Shaffer
2020-02-20  1:58         ` [PATCH v8 01/15] help: move list_config_help to builtin/help Emily Shaffer
2020-02-20  1:58         ` [PATCH v8 02/15] help: add shell-path to --build-options Emily Shaffer
2020-02-20 19:03           ` Junio C Hamano
2020-02-20 21:15             ` Emily Shaffer
2020-02-20  1:58         ` [PATCH v8 03/15] bugreport: add tool to generate debugging info Emily Shaffer
2020-02-20 19:33           ` Junio C Hamano [this message]
2020-02-20 22:33             ` Emily Shaffer
2020-02-26 16:12           ` Johannes Schindelin
2020-02-20  1:58         ` [PATCH v8 04/15] bugreport: gather git version and build info Emily Shaffer
2020-02-20 20:07           ` Junio C Hamano
2020-02-20 23:03             ` Emily Shaffer
2020-02-20 23:18               ` Junio C Hamano
2020-02-20  1:58         ` [PATCH v8 05/15] bugreport: add uname info Emily Shaffer
2020-02-20 20:12           ` Junio C Hamano
2020-02-20 23:20             ` Emily Shaffer
2020-02-20  1:58         ` [PATCH v8 06/15] bugreport: add compiler info Emily Shaffer
2020-02-20  2:49           ` Danh Doan
2020-02-20 23:23             ` Emily Shaffer
2020-02-20 20:23           ` Junio C Hamano
2020-02-21  0:26           ` Junio C Hamano
2020-02-20  1:58         ` [PATCH v8 07/15] bugreport: add git-remote-https version Emily Shaffer
2020-02-20 20:35           ` Junio C Hamano
2020-02-20 23:28             ` Emily Shaffer
2020-02-21  3:44               ` Junio C Hamano
2020-02-25 22:08                 ` Emily Shaffer
2020-02-25 22:26                   ` Junio C Hamano
2020-02-25 23:29                     ` Emily Shaffer
2020-02-25 23:29                   ` Junio C Hamano
2020-02-25 23:55                     ` Emily Shaffer
2020-02-20  1:58         ` [PATCH v8 08/15] bugreport: include user interactive shell Emily Shaffer
2020-02-20  1:58         ` [PATCH v8 09/15] bugreport: generate config safelist based on docs Emily Shaffer
2020-02-20 20:40           ` Junio C Hamano
2020-02-26 16:13           ` Johannes Schindelin
2020-02-26 16:49             ` Junio C Hamano
2020-02-20  1:58         ` [PATCH v8 10/15] bugreport: add config values from safelist Emily Shaffer
2020-02-20 20:47           ` Junio C Hamano
2020-02-20  1:58         ` [PATCH v8 11/15] bugreport: collect list of populated hooks Emily Shaffer
2020-02-20 20:58           ` Junio C Hamano
2020-02-25 23:19             ` Emily Shaffer
2020-02-20  1:58         ` [PATCH v8 12/15] bugreport: count loose objects Emily Shaffer
2020-02-20 21:04           ` Junio C Hamano
2020-02-25 23:22             ` Emily Shaffer
2020-02-25 23:26               ` Emily Shaffer
2020-02-20  1:58         ` [PATCH v8 13/15] bugreport: add packed object summary Emily Shaffer
2020-02-20 22:04           ` Junio C Hamano
2020-02-25 23:58             ` Emily Shaffer
2020-02-20  1:58         ` [PATCH v8 14/15] bugreport: list contents of $OBJDIR/info Emily Shaffer
2020-02-20 22:18           ` Junio C Hamano
2020-02-20  1:58         ` [PATCH v8 15/15] bugreport: summarize contents of alternates file Emily Shaffer
2020-02-20 14:08           ` Johannes Schindelin
2020-02-20 22:22           ` Junio C Hamano
2020-03-02 23:03         ` [PATCH v9 0/5] add git-bugreport tool Emily Shaffer
2020-03-02 23:03           ` [PATCH v9 1/5] help: move list_config_help to builtin/help Emily Shaffer
2020-03-02 23:03           ` [PATCH v9 2/5] bugreport: add tool to generate debugging info Emily Shaffer
2020-03-03 14:18             ` Johannes Schindelin
2020-03-04 21:35             ` Johannes Schindelin
2020-03-05 23:34               ` Jeff Hostetler
2020-03-06 13:57                 ` Johannes Schindelin
2020-03-06 18:25                   ` Junio C Hamano
2020-03-06 18:08                 ` Junio C Hamano
2020-03-06 18:58                   ` Jeff Hostetler
2020-03-08 22:24                   ` Johannes Schindelin
2020-03-09 14:59                     ` Junio C Hamano
2020-03-09 19:17                       ` Johannes Schindelin
2020-03-09 19:47                         ` Junio C Hamano
2020-03-10 11:42                           ` Johannes Schindelin
2020-03-10 18:37                             ` Junio C Hamano
2020-03-10 22:08                               ` Johannes Schindelin
2020-03-19 21:39               ` Emily Shaffer
2020-03-20  0:28                 ` Junio C Hamano
2020-03-20 15:35                   ` Johannes Schindelin
2020-03-23 18:52                     ` Emily Shaffer
2020-03-20 15:42                 ` Johannes Schindelin
2020-03-23 18:50                   ` Emily Shaffer
2020-03-20 17:43                 ` Junio C Hamano
2020-03-20 22:38                   ` Johannes Schindelin
2020-03-20 22:47                     ` Junio C Hamano
2020-03-21 10:53                       ` Johannes Schindelin
2020-03-02 23:03           ` [PATCH v9 3/5] bugreport: gather git version and build info Emily Shaffer
2020-03-23 21:20             ` Junio C Hamano
2020-03-02 23:03           ` [PATCH v9 4/5] bugreport: add uname info Emily Shaffer
2020-03-02 23:04           ` [PATCH v9 5/5] bugreport: add compiler info Emily Shaffer
2020-03-03 11:46             ` Danh Doan
2020-03-03 14:07             ` Junio C Hamano
2020-03-04 21:39             ` Johannes Schindelin
2020-03-23 21:27               ` Emily Shaffer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=xmqq8skxawah.fsf@gitster-ct.c.googlers.com \
    --to=gitster@pobox.com \
    --cc=emilyshaffer@google.com \
    --cc=git@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Git Mailing List Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/git/0 git/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 git git/ https://lore.kernel.org/git \
		git@vger.kernel.org
	public-inbox-index git

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.git


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git