[PATCH in main] vfs: use fchmod for _fixfilemode

Adrian Buehlmann adrian at cadifra.com
Fri Oct 12 17:19:48 CDT 2012


# HG changeset patch
# User Matt Mackall <mpm at selenic.com>
# Date 1350014314 18000
# Node ID 76b73ce0ffaca8b562747564ce89f4798b2275e5
# Parent  4871c1f343fae9f38b9dc9600ab96f2017d116ce
vfs: use fchmod for _fixfilemode

On general principle, we should use fchmod instead of chmod to avoid
security pitfalls, although none is likely possible here.

diff --git a/mercurial/scmutil.py b/mercurial/scmutil.py
--- a/mercurial/scmutil.py
+++ b/mercurial/scmutil.py
@@ -255,10 +255,10 @@
     def _cansymlink(self):
         return util.checklink(self.base)
 
-    def _fixfilemode(self, name):
+    def _fixfilemode(self, fp):
         if self.createmode is None:
             return
-        os.chmod(name, self.createmode & 0666)
+        os.fchmod(fp.fileno(), self.createmode & 0666)
 
     def __call__(self, path, mode="r", text=False, atomictemp=False):
         if self._audit:
@@ -305,7 +305,7 @@
                     util.rename(util.mktempcopy(f), f)
         fp = util.posixfile(f, mode)
         if nlink == 0:
-            self._fixfilemode(f)
+            self._fixfilemode(fp)
         return fp
 
     def symlink(self, src, dst):
@@ -329,8 +329,8 @@
         else:
             f = self(dst, "w")
             f.write(src)
+            self._fixfilemode(f)
             f.close()
-            self._fixfilemode(dst)
 
     def audit(self, path):
         self.auditor(path)


More information about the Mercurial-devel mailing list