Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent infinite loops during symlink traversal #9748

Merged
merged 1 commit into from May 3, 2021
Merged

Prevent infinite loops during symlink traversal #9748

merged 1 commit into from May 3, 2021

Conversation

Tonkpils
Copy link
Contributor

@Tonkpils Tonkpils commented Apr 29, 2021
edited

#8815 introduced a traversal strategy that used recursion.
#9703 then fixed an issue with this traversal which accounted for directories and symlinks.

When a symlink points to a parent directory that contains that symlink it'll cause this to go into a loop until the filename is too long for glob to handle.

We prevent this by checking for the inclusion of a symlink's real path in the base directory's realpath. If the base directory's path starts with the symlink's destination then we are in a loop and should skip processing the directory

Before submitting the PR make sure the following are checked:

  • The PR relates to only one subject with a clear title and description in grammatically correct, complete sentences.
  • Wrote good commit messages.
  • Commit message starts with [Fix #issue-number] (if the related issue exists).
  • Feature branch is up-to-date with master (if not - rebase it).
  • Squashed related commits together.
  • Added tests.
  • Ran bundle exec rake default. It executes all tests and runs RuboCop on its own code.
  • Added an entry (file) to the changelog folder named {change_type}_{change_description}.md if the new code introduces user-observable changes. See changelog entry format for details.

@Tonkpils Tonkpils force-pushed the tonkpils/prevent-infinite-loops-in-symlinks branch from 7751298 to e004607 Compare April 29, 2021 05:13
@Tonkpils
Prevent infinite loops during symlink traversal
f99a054 
rubocop#8815 introduced a traversal
strategy that used recursion.
rubocop#9703 then fixed an issue with
this traversal which accounted for directories and symlinks.

When a symlink points to a parent directory that contains that symlink
it'll cause this to go into a loop until the filename is too long for
glob to handle.

We prevent this by checking for the inclusion of a symlink's real path
in the base directory's realpath. If the base directory's path starts
with the symlink's destination then we are in a loop and should skip
processing the directory
@Tonkpils Tonkpils force-pushed the tonkpils/prevent-infinite-loops-in-symlinks branch from e004607 to f99a054 Compare April 29, 2021 05:14
@bbatsov bbatsov merged commit 22274c6 into rubocop:master May 3, 2021
@bbatsov
Copy link
Collaborator

bbatsov commented May 3, 2021

So many symlink-related problems. :-) Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Tonkpils @bbatsov