Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork33.7k
gh-143010: Prevent a TOCTOU issue by only calling open once#143011
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
base:main
Are you sure you want to change the base?
Conversation
… TOCTOU issue by only calling open onceWe can literally just use open(path, 'xb+') for _create_carefully.
sobolevn left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Can you please start with a failing test that can show us what's wrong?
AZero13 commentedDec 20, 2025 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
This is going to be very difficult given the fact it has to be precisely timed to the nanosecond as it is between opening of the file descriptor to the opening of the path again. |
Uh oh!
There was an error while loading.Please reload this page.
We can literally just use open(path, 'xb+') for _create_carefully
mailbox._create_carefullyhas a possible toctou error #143010