Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Panic if PathBuf::set_extension would add a path separator #125070

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Panic if PathBuf::set_extension would add a path separator #125070

wants to merge 1 commit into from

Conversation

tbu-
Copy link
Contributor

@tbu- tbu- commented May 13, 2024

This is likely never intended and potentially a security vulnerability if it happens.

I'd guess that it's mostly literal strings that are passed to this function in practice, so I'm guessing this doesn't break anyone.

CC #125060

@rustbot
Copy link
Collaborator

rustbot commented May 13, 2024

r? @jhpratt

rustbot has assigned @jhpratt.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs Relevant to the library team, which will review and decide on the PR/issue. labels May 13, 2024
@tbu- tbu- mentioned this pull request May 13, 2024
Open
@rust-log-analyzer

This comment has been minimized.

Sign in to view
@tbu-
Panic if PathBuf::set_extension would add a path separator
700b3ea 
This is likely never intended and potentially a security vulnerability
if it happens.

I'd guess that it's mostly literal strings that are passed to this
function in practice, so I'm guessing this doesn't break anyone.

CC rust-lang#125060
faptc
faptc reviewed May 13, 2024
View reviewed changes
library/std/src/path/tests.rs
@@ -1803,6 +1803,29 @@ fn test_windows_absolute() {
assert_eq!(absolute(r"COM1").unwrap().as_os_str(), Path::new(r"\\.\COM1").as_os_str());
}

#[test]
#[should_panic = "path separator"]
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would test a try_set method be better than testing a panic one?

@jhpratt
Copy link
Member

jhpratt commented May 14, 2024

imo this needs a decision from T-libs (or T-libs-api? not sure). I personally find this reasonable, but it's not a trivial thing to change.

cc @rust-lang/libs

@workingjubilee workingjubilee added the I-libs-nominated The issue / PR has been nominated for discussion during a libs team meeting. label May 14, 2024
@workingjubilee
Copy link
Contributor

this and #125060 should probably be discussed together

@ChrisDenton
Copy link
Contributor

I think this (and the other one) are an API issue. This isn't just about the implementation. This is about the public API of Path.

@workingjubilee workingjubilee added the I-libs-api-nominated The issue / PR has been nominated for discussion during a libs-api team meeting. label May 14, 2024
@m-ou-se m-ou-se added T-libs-api Relevant to the library API team, which will review and decide on the PR/issue. and removed T-libs Relevant to the library team, which will review and decide on the PR/issue. labels May 15, 2024
@joshtriplett
Copy link
Member

We discussed this in today's @rust-lang/libs meeting. We were generally in favor of panicking in set_extension here.

(We were hesitant to advocate the same for set_file_name because there might be existing code out there that depends on being able to pass things with path separators there. Though if we were confident that were not the case we'd love to do that too.)

@rfcbot merge

@rfcbot
Copy link

rfcbot commented May 15, 2024
edited by BurntSushi

Team member @joshtriplett has proposed to merge this. The next step is review by the rest of the tagged team members:

No concerns currently listed.

Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up!

See this document for info about what commands tagged team members can give me.

@rfcbot rfcbot added proposed-final-comment-period Proposed to merge/close by relevant subteam, see T-<team> label. Will enter FCP once signed off. disposition-merge This issue / PR is in PFCP or FCP with a disposition to merge it. labels May 15, 2024
@Amanieu Amanieu removed I-libs-nominated The issue / PR has been nominated for discussion during a libs team meeting. I-libs-api-nominated The issue / PR has been nominated for discussion during a libs-api team meeting. labels May 15, 2024
@rfcbot rfcbot added final-comment-period In the final comment period and will be merged soon unless new substantive objections are raised. and removed proposed-final-comment-period Proposed to merge/close by relevant subteam, see T-<team> label. Will enter FCP once signed off. labels May 15, 2024
@rfcbot
Copy link

rfcbot commented May 15, 2024

🔔 This is now entering its final comment period, as per the review above. 🔔

@tbu-

This comment was marked as off-topic.

Sign in to view
jhpratt
jhpratt approved these changes May 15, 2024
View reviewed changes
Copy link
Member

@jhpratt jhpratt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

r=me upon FCP completion

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@faptc faptc faptc left review comments

@jhpratt jhpratt jhpratt approved these changes

Assignees

@jhpratt jhpratt

Labels
disposition-merge This issue / PR is in PFCP or FCP with a disposition to merge it. final-comment-period In the final comment period and will be merged soon unless new substantive objections are raised. S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs-api Relevant to the library API team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet