| Subject: | Repository.pm safeopen() |
| Date: | Tue, 11 Dec 2007 10:04:59 -0500 |
| To: | bug-Modwheel [...] rt.cpan.org |
| From: | Kenny MacDermid <kenny [...] kmdconsulting.ca> |
Hello,
I was just taking a look through safeopen() and was wondering about some
possible bugs.
The race condition checking seems to only be run `if (-f $filename &&
$hdev && $hino)'. Unless I'm missing something it appears $hdev and
$hino haven't yet been used.
Also the check of `-f $filename' doesn't seem like a good idea here. It
would still likely allow the following race condition:
<<< file is correct
Show quoted text
>>> stat file
<<< change with link
Show quoted text>>> open file
>>> check if it's a '-f', it's not. Ignore race condition.
If you want to make sure it was a safe open of a file then set something
on the first '-f' test and test for race conditions if that's true.
Hope this helps,
Kenny