search

lunarmodules / luafilesystem

LuaFileSystem is a Lua library developed to complement the set of functions related to file systems offered by the standard Lua distribution.
https://lunarmodules.github.io/luafilesystem/
MIT License
900 stars 291 forks source link

fix for stat(2) path traversal using fstat #138

Open jaromil opened 4 years ago

jaromil commented 4 years ago

Hi there!

Here is my fix to retrieve correct file information on POSX systems when along the path traversal a directory has no executable flag.

From stat(2) manpage:

"No permissions are required on the file itself, but—in the case of stat(), fstatat(), and lstat() execute (search) permission is required on all of the directories in pathname that lead to the file."

At the moment this is an incomplete fix: it breaks usage of lstat(2) on POSIX systems, due to change of the function signature passed to _file_info_().

Kindly provide feedback on how to proceed. IMHO the usage of a function pointer passed as argument of _fileinfo is a design burden: a simple flag can be used.

ciao

p.s. for the impatient, a quick non-breaking fix is applied in the lfs version shipped in my software.

hishamhm commented 4 years ago

@jaromil Feel free to simplify the internals if it aids with the bugfix and preserves portability!

jaromil commented 4 years ago

Thanks for your feedbacks, knowing your interest now I'll rework the PR into something more presentable and passing tests.