Merge branch 'rs/notes-merge-no-toctou' into maint
authorJunio C Hamano <gitster@pobox.com>
Mon, 8 Aug 2016 21:21:35 +0000 (14:21 -0700)
committerJunio C Hamano <gitster@pobox.com>
Mon, 8 Aug 2016 21:21:35 +0000 (14:21 -0700)
"git notes merge" had a code to see if a path exists (and fails if
it does) and then open the path for writing (when it doesn't).
Replace it with open with O_EXCL.

* rs/notes-merge-no-toctou:
notes-merge: use O_EXCL to avoid overwriting existing files

notes-merge.c
index 34bfac0c685f18c635b30dbf19d7b25250faa1c6..f00059520e62b1c726640437520db64e28abbac7 100644 (file)
@@ -298,12 +298,8 @@ static void write_buf_to_worktree(const unsigned char *obj,
        char *path = git_pathdup(NOTES_MERGE_WORKTREE "/%s", sha1_to_hex(obj));
        if (safe_create_leading_directories_const(path))
                die_errno("unable to create directory for '%s'", path);
-       if (file_exists(path))
-               die("found existing file at '%s'", path);
 
-       fd = open(path, O_WRONLY | O_TRUNC | O_CREAT, 0666);
-       if (fd < 0)
-               die_errno("failed to open '%s'", path);
+       fd = xopen(path, O_WRONLY | O_EXCL | O_CREAT, 0666);
 
        while (size > 0) {
                long ret = write_in_full(fd, buf, size);