andreacavalli/rocksdb
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
618d07b068
rocksdb/util
History
Jim Meyering 0a91bca5db test: avoid vuln-inducing use of temporary directory 
Summary:
Without this change, someone on the machine on which
I run "make check" could cause me to overwrite arbitrary
files owned by me, via a symlink attack.

Instead of using a predictable temporary directory and
accepting to use a preexisting one, always create a new
one using mkdtemp.  If $TEST_IOCTL_FRIENDLY_TMPDIR is
set and usable, attempt first to find a usable
temporary directory therein.  If not, or if unusable,
then try /var/tmp and /tmp.  If none of those is usable
abort with a diagnostic.

To do that, I added a new class.
Its constructor finds a suitable directory or aborts,
the sole member prints that directory's name, and the
destructor unlinks what should be an empty directory.

Note that while the code before this did not remove
its temporary directory, there was only one per $UID.
Now, there would be at least one per run or one per
test, depending on implementation, so it is important
to remove them.

Test Plan:
  Run this on a fedora rawhide system, where /tmp
  is a tmpfs file system, and /var/tmp is ext4.

  # This gives a diagnostic that /dev/shm is not suitable
  # and ends up using /var/tmp.
  TEST_IOCTL_FRIENDLY_TMPDIR=/dev/shm ./env_test

  # Uses /var/tmp; same as when envvar not set.
  TEST_IOCTL_FRIENDLY_TMPDIR=/var/tmp ./env_test

  # Uses /tmp unless it's tmpfs, in which case it gives
  # a diagnostic and uses /var/tmp.
  TEST_IOCTL_FRIENDLY_TMPDIR=/tmp ./env_test

Reviewers: ljin, rven, igor.sugak, yhchiang, sdong, igor

Reviewed By: igor

Subscribers: dhruba

Differential Revision: https://reviews.facebook.net/D37287
2015-04-23 08:00:56 -07:00
..
allocator.h Enforce write buffer memory limit across column families 2014-12-02 12:09:20 -08:00
arena_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
arena.cc Make arena use hugepage if possible 2014-11-21 14:11:40 -08:00
arena.h Removing unnecessary kInlineSize 2015-03-12 21:13:53 +03:00
auto_roll_logger_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
auto_roll_logger.cc Add Header to logging to capture application level information 2015-02-06 10:37:45 -08:00
auto_roll_logger.h rocksdb: Add missing override 2015-02-26 11:28:41 -08:00
autovector_test.cc rocksdb: Remove #include "util/string_util.h" from util/testharness.h 2015-03-19 17:29:37 -07:00
autovector.h Replace exception by assertion in autovector 2014-12-04 11:41:56 -08:00
bloom_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
bloom.cc Turn on -Wshorten-64-to-32 and fix all the errors 2014-11-11 16:47:22 -05:00
build_version.h build: do not relink every single binary just for a timestamp 2015-02-19 13:11:10 -08:00
cache_bench.cc Fix -Wshadow for tools 2014-11-07 15:04:30 -08:00
cache_test.cc rocksdb: Remove #include "util/string_util.h" from util/testharness.h 2015-03-19 17:29:37 -07:00
cache.cc Deprecate removeScanCountLimit in NewLRUCache 2015-03-17 15:04:37 -07:00
coding_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
coding.cc Removing BitStream* functions 2014-08-19 06:48:21 -07:00
coding.h Turn on -Wshorten-64-to-32 and fix all the errors 2014-11-11 16:47:22 -05:00
comparator.cc rocksdb: Add missing override 2015-02-26 11:28:41 -08:00
compression.h Clean up compression logging 2015-04-06 12:50:44 -07:00
crc32c_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
crc32c.cc Turn on -Wshorten-64-to-32 and fix all the errors 2014-11-11 16:47:22 -05:00
crc32c.h Add appropriate LICENSE and Copyright message. 2013-10-16 17:48:41 -07:00
db_info_dumper.cc Fix iOS compile with -Wshorten-64-to-32 2014-11-13 14:39:30 -05:00
db_info_dumper.h Fix iOS compile with -Wshorten-64-to-32 2014-11-13 14:39:30 -05:00
dynamic_bloom_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
dynamic_bloom.cc Enforce write buffer memory limit across column families 2014-12-02 12:09:20 -08:00
dynamic_bloom.h Enforce write buffer memory limit across column families 2014-12-02 12:09:20 -08:00
env_hdfs.cc Add rocksdb::ToString() to address cases where std::to_string is not available. 2014-11-24 20:44:49 -08:00
env_posix.cc Using chrono as a fallback 2015-03-18 11:26:10 -07:00
env_test.cc test: avoid vuln-inducing use of temporary directory 2015-04-23 08:00:56 -07:00
env.cc Add Header to logging to capture application level information 2015-02-06 10:37:45 -08:00
event_logger_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
event_logger.cc Include chrono 2015-03-13 10:29:32 -07:00
event_logger.h Include chrono 2015-03-13 10:29:32 -07:00
file_util.cc Provide openable snapshots 2014-11-14 11:38:26 -08:00
file_util.h Provide openable snapshots 2014-11-14 11:38:26 -08:00
filelock_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
filter_policy.cc Add appropriate LICENSE and Copyright message. 2013-10-16 17:48:41 -07:00
hash_cuckoo_rep.cc Enforce write buffer memory limit across column families 2014-12-02 12:09:20 -08:00
hash_cuckoo_rep.h Enforce write buffer memory limit across column families 2014-12-02 12:09:20 -08:00
hash_linklist_rep.cc rocksdb: Add missing override 2015-02-26 11:28:41 -08:00
hash_linklist_rep.h Enforce write buffer memory limit across column families 2014-12-02 12:09:20 -08:00
hash_skiplist_rep.cc rocksdb: Add missing override 2015-02-26 11:28:41 -08:00
hash_skiplist_rep.h Enforce write buffer memory limit across column families 2014-12-02 12:09:20 -08:00
hash.cc Turn on -Wshorten-64-to-32 and fix all the errors 2014-11-11 16:47:22 -05:00
hash.h Introduce GetThreadList API 2014-11-20 10:49:32 -08:00
histogram_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
histogram.cc Fix iOS compile with -Wshorten-64-to-32 2014-11-13 14:39:30 -05:00
histogram.h Fix iOS compile with -Wshorten-64-to-32 2014-11-13 14:39:30 -05:00
instrumented_mutex.cc Perf Context to report DB mutex waiting time 2015-02-09 17:55:12 -08:00
instrumented_mutex.h Add a counter for collecting the wait time on db mutex. 2015-02-04 21:39:45 -08:00
iostats_context_imp.h Fix ios compile 2014-08-28 12:46:05 -04:00
iostats_context.cc Fix ios compile 2014-08-28 12:46:05 -04:00
ldb_cmd_execute_result.h rocksdb: Small refactoring before migrating to gtest 2015-03-16 18:08:59 -07:00
ldb_cmd.cc Speed up reduce_levels_test 2015-04-16 19:31:34 -07:00
ldb_cmd.h rocksdb: Small refactoring before migrating to gtest 2015-03-16 18:08:59 -07:00
ldb_tool.cc Added 'dump_live_files' command to ldb tool. 2014-12-12 17:50:36 -08:00
log_buffer.cc Enlarge log size cap when printing file summary 2014-09-23 16:56:34 -07:00
log_buffer.h RocksDB on FreeBSD support 2015-02-26 15:19:17 -08:00
log_write_bench.cc Fix more gflag namespace issues 2014-05-09 08:41:02 -07:00
logging.cc Make the benchmark scripts configurable and add tests 2015-03-30 11:28:25 -07:00
logging.h Make the benchmark scripts configurable and add tests 2015-03-30 11:28:25 -07:00
manual_compaction_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
memenv_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
memenv.cc rocksdb: Add missing override 2015-02-26 11:28:41 -08:00
mock_env_test.cc Fix flakiness of WalManagerTest 2015-04-13 16:15:05 -07:00
mock_env.cc Fix flakiness of WalManagerTest 2015-04-13 16:15:05 -07:00
mock_env.h Fix flakiness of WalManagerTest 2015-04-13 16:15:05 -07:00
murmurhash.cc Add appropriate LICENSE and Copyright message. 2013-10-16 17:48:41 -07:00
murmurhash.h Turn on -Wshorten-64-to-32 and fix all the errors 2014-11-11 16:47:22 -05:00
mutable_cf_options.cc options.level_compaction_dynamic_level_bytes to allow RocksDB to pick size bases of levels dynamically. 2015-03-02 22:40:41 -08:00
mutable_cf_options.h Universal Compactions with Small Files 2015-03-30 15:12:02 -07:00
mutexlock.h Add separate Read/WriteUnlock methods in MutexRW. 2014-06-16 15:41:46 -07:00
options_builder.cc Remove the compability check on log2 OS_ANDROID as it's already blocked by ROCKSDB_LITE 2014-12-04 13:56:14 -08:00
options_helper.cc Deprecate removeScanCountLimit in NewLRUCache 2015-03-17 15:04:37 -07:00
options_helper.h Missing header in build on CentOS 2014-11-18 22:21:02 +01:00
options_test.cc rocksdb: Remove #include "util/random.h" from util/testharness.h 2015-03-19 17:06:02 -07:00
options.cc Fixed xfunc related compile errors in ROCKSDB_LITE 2015-04-09 21:05:18 -07:00
perf_context_imp.h Refactor PerfStepTimer to stop on destruct 2014-09-02 12:04:22 -07:00
perf_context.cc Adding stats for the merge and filter operation 2015-03-24 14:42:04 -07:00
posix_logger.h rocksdb: Add missing override 2015-02-26 11:28:41 -08:00
random.h Add appropriate LICENSE and Copyright message. 2013-10-16 17:48:41 -07:00
rate_limiter_test.cc Enable dynamic changing of rate limiter's bytes_per_second 2015-03-18 15:35:55 -07:00
rate_limiter.cc Enable dynamic changing of rate limiter's bytes_per_second 2015-03-18 15:35:55 -07:00
rate_limiter.h Enable dynamic changing of rate limiter's bytes_per_second 2015-03-18 15:35:55 -07:00
scoped_arena_iterator.h Remove path with arena==nullptr from NewInternalIterator 2014-09-04 17:40:41 -07:00
skiplistrep.cc Enforce write buffer memory limit across column families 2014-12-02 12:09:20 -08:00
slice_transform_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
slice.cc rocksdb: Add missing override 2015-02-26 11:28:41 -08:00
sst_dump_test.cc A new call back to TablePropertiesCollector to allow users know the entry is add, delete or merge 2015-04-06 10:27:21 -07:00
sst_dump_tool_imp.h Disable pre-fetching of index and filter blocks for sst_dump_tool. 2015-02-25 16:34:26 -08:00
sst_dump_tool.cc Make SSTDumpTest.GetProperties less noisy 2015-03-23 14:30:11 -07:00
statistics.cc Fix assert in histogramData 2015-01-23 18:10:52 -08:00
statistics.h make statistics forward-able 2014-07-28 12:10:49 -07:00
status.cc Turn on -Wshorten-64-to-32 and fix all the errors 2014-11-11 16:47:22 -05:00
stl_wrappers.h Killing Transform Rep 2013-12-03 12:42:15 -08:00
stop_watch.h Change StopWatch interface 2014-07-28 12:22:37 -07:00
string_util.cc Clean up StringSplit 2014-11-21 11:05:28 -05:00
string_util.h Add rocksdb::ToString() to address cases where std::to_string is not available. 2014-11-24 20:44:49 -08:00
sync_point.cc SyncPoint to allow a callback with an argument and use it to get DBTest.DynamicLevelCompressionPerLevel2 more straight-forward 2015-04-14 16:18:50 -07:00
sync_point.h SyncPoint to allow a callback with an argument and use it to get DBTest.DynamicLevelCompressionPerLevel2 more straight-forward 2015-04-14 16:18:50 -07:00
testharness.cc rocksdb: print status error message when (ASSERT|EXPECT)_OK fails 2015-03-19 17:32:43 -07:00
testharness.h rocksdb: print status error message when (ASSERT|EXPECT)_OK fails 2015-03-19 17:32:43 -07:00
testutil.cc Merger test 2014-09-08 22:24:40 -07:00
testutil.h rocksdb: Add missing override 2015-02-26 11:28:41 -08:00
thread_list_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
thread_local_test.cc rocksdb: switch to gtest 2015-03-17 14:08:00 -07:00
thread_local.cc Use ustricter consistency in thread local operations 2015-01-27 13:56:03 -08:00
thread_local.h Improve the comment of util/thread_local.h 2014-10-21 17:28:31 -07:00
thread_operation.h Allow GetThreadList() to report operation stage. 2015-03-13 10:45:40 -07:00
thread_status_impl.cc Make the benchmark scripts configurable and add tests 2015-03-30 11:28:25 -07:00
thread_status_updater_debug.cc Allow GetThreadList() to indicate a thread is doing Compaction. 2015-01-13 00:04:08 -08:00
thread_status_updater.cc Report elapsed time in micros in ThreadStatus instead of start time. 2015-03-24 11:32:25 -07:00
thread_status_updater.h Report elapsed time in micros in ThreadStatus instead of start time. 2015-03-24 11:32:25 -07:00
thread_status_util_debug.cc Fix bad performance in debug mode 2015-04-13 15:58:45 -07:00
thread_status_util.cc Report elapsed time in micros in ThreadStatus instead of start time. 2015-03-24 11:32:25 -07:00
thread_status_util.h Fix compile warning in thread_status_util.h on Mac 2015-03-13 18:09:01 -07:00
vectorrep.cc assert(sorted) in vector rep 2015-04-13 17:33:24 -07:00
xfunc.cc Fixed xfunc related compile errors in ROCKSDB_LITE 2015-04-09 21:05:18 -07:00
xfunc.h Fixed xfunc related compile errors in ROCKSDB_LITE 2015-04-09 21:05:18 -07:00
xxhash.cc Prevent xxhash symbols from polluting global namespace 2015-03-12 12:07:10 -07:00
xxhash.h Prevent xxhash symbols from polluting global namespace 2015-03-12 12:07:10 -07:00