Defect #35539
Race condition (possible filename collision) in Attachment.disk_filename
Status: | Closed | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | % Done: | 0% | ||
Category: | Attachments | |||
Target version: | 5.0.0 | |||
Resolution: | Affected version: |
Description
When two (or more) files with the same name are uploaded at the same time, it may happen that two or more of the resulting attachment records end up using the same disk file, resulting in data loss if the files actually differ in content. This was already previously mentioned in #34479-2 (but was unrelated to that issue and hence got "lost")
The problem is that Attachment.disk_filename
finds a non-existant filename, but fails to "claim" this name in the file system while doing so. So nothing stops a parallel process to end up using the same name if it tries to do so before the first process actually creates the file.
This patch, extracted from Planio , instead tries to create a file directly, with the File::EXCL
flag set, catches the error which means 'filename taken already' and retries until the file is created. This way, filenames are guaranteed to be unique by the underlying file system.
Related issues
History
#4
Updated by Go MAEDA 11 months ago
- Related to Patch #35720: Defect: Binmode specified twice added
#5
Updated by Go MAEDA 11 months ago
- Related to Patch #35721: Unlink files after they're closed added