Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork33.7k
gh-113356: Ignore errors in "._ABC.pth"#113357
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
On macOS the system can create a "._" file next to aregular file when the system needs to store metadatathat is not supported by the filesystem (such as storingextended attributes on an exFAT filesystem).Those files are binary data and cause startup failures whenthe base file is a ".pth" file.
ronaldoussoren commentedDec 21, 2023 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
I don't check the filename before trying to open it out of an abundance of caution. There's bound to be someone that intentionally uses a filename with "._" as a prefix in the name. |
serhiy-storchaka left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
I think it is better to skip all dot-files inaddsitedir().
ronaldoussoren commentedDec 22, 2023
I agree, but that is a change of functionality. I'd like to back port this to 3.11 and 3.12 as the issue affects users. I can do a follow-up PR for just main that ignores all dot-files (probably with a whatsnew entry) |
serhiy-storchaka commentedDec 22, 2023
I think that it is very unlikely that anybody intentionally uses a pth file with a name starting with a dot. Should not the base name match the package name, which cannot start with a dot? And if it is used intentionally, it looks like a malicious use, since dot-files are "hidden" by default. So we can fix a minor security issue of executing code in hidden files (normally dot-files cannot be imported). The heuristic used in this PR is not completely reliable, because by accident the first line can be decodable. Even if macOS only supports UTF-8 locale (does it?), the disk mounted on macOS can later be used on other OS with Latin1 or other 8-bit locale. |
ronaldoussoren commentedDec 23, 2023
The ._ file is in AppleDouble format, which is binary. I don't expect this to ever be compatible with ASCII, this is the output of Note that there are bytes with value 0xFF on the line starting at |
ronaldoussoren commentedDec 23, 2023 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
@Yhg1s and@pablogsal: This PR attempts to fix an issue where macOS can create "._" files next to regular files on (in particular) exFAT files when the filesystem driver needs to store metadata that is not supported by the operating system. File listing of a directory with a file "text.txt" where I added a single extended attribute: The PR currently tries to be fairly targeted to this particular issue. Would it be acceptable to just ignore all ".pth" files whose name starts with a dot? As@serhiy-storchaka notes such files can be seen as security risk because they are hidden by default and can execute arbitrary code. UPDATE: asked the wrong release manager for the 3.11 back port. Sorry,@pablogsal and@ambv... |
ronaldoussoren commentedDec 24, 2023
I've slightly tweaked the approach:
|
serhiy-storchaka commentedJan 2, 2024
Opened a security issue#113659. |
ronaldoussoren commentedJan 18, 2024
The fix in#113659 is better than this very targeted PR and has been merged. I'm therefore closing this PR. |
Uh oh!
There was an error while loading.Please reload this page.
On macOS the system can create a "._" file next to a regular file when the system needs to store metadata that is not supported by the filesystem (such as storing extended attributes on an exFAT filesystem).
Those files are binary data and cause startup failures when the base file is a ".pth" file.