search

dilab / resumable.php

PHP backend for resumable.js
http://www.startutorial.com/articles/view/resumable-file-upload-part-1
MIT License
42 stars 40 forks source link

Prevent race condition (updated for style rules) #27

Closed nk53 closed 6 years ago

nk53 commented 6 years ago

When I test this on my machine, the last two processes to read a chunk will occasionally both attempt to write the combined file.

Cakephp can use locking to ensure no more than one process writes to a file at a time, however it does not guarantee that only one process writes to a file at all. For this, we need to open the file with the O_EXCL flag (x in PHP).

This pull request ensures only one process will write to destFile.

dilab commented 6 years ago

thanks!

nk53 commented 6 years ago

OK I have to apologize, because I apparently made a typo ("9" where a "(" should be, on line 287).

dilab commented 6 years ago

@nk53 can you create another PR to fix it?

williamdes commented 10 months ago

This fix prevents the vulnerability #34 to overwrite files