Patch #35539
Race condition (possible filename collision) in Attachment.disk_filename
| Status: | Closed | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Go MAEDA | % Done: | 0% | |
| Category: | Attachments | |||
| Target version: | 5.0.0 |
Description
When two (or more) files with the same name are uploaded at the same time, it may happen that two or more of the resulting attachment records end up using the same disk file, resulting in data loss if the files actually differ in content. This was already previously mentioned in #34479-2 (but was unrelated to that issue and hence got "lost")
The problem is that Attachment.disk_filename finds a non-existant filename, but fails to "claim" this name in the file system while doing so. So nothing stops a parallel process to end up using the same name if it tries to do so before the first process actually creates the file.
This patch, extracted from Planio , instead tries to create a file directly, with the File::EXCL flag set, catches the error which means 'filename taken already' and retries until the file is created. This way, filenames are guaranteed to be unique by the underlying file system.
Associated revisions
Ensure unique attachment filenames (#35539).
Patch by Jens Krämer.
Updated by