Bump filepath-securejoin to 0.3.5

This release fixes a race in MkdirAll; the latter isn't currently used
in k/k, but it seems safer to upgrade to avoid issues if it starts
being used.

The latest version is 0.3.6, but that release only reduces the Go requirements,
which isn't relevant for k/k, and it adds a couple hundred lines of code.

Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt
2024-12-17 19:46:03 +01:00
parent cc03c6058b
commit 68ab918df7
6 changed files with 21 additions and 8 deletions


@@ -119,7 +119,12 @@ func MkdirAllHandle(root *os.File, unsafePath string, mode int) (_ *os.File, Err
// NOTE: mkdir(2) will not follow trailing symlinks, so we can safely
// create the final component without worrying about symlink-exchange
// attacks.
if err := unix.Mkdirat(int(currentDir.Fd()), part, uint32(mode)); err != nil {
//
// If we get -EEXIST, it's possible that another program created the
// directory at the same time as us. In that case, just continue on as
// if we created it (if the created inode is not a directory, the
// following open call will fail).
if err := unix.Mkdirat(int(currentDir.Fd()), part, uint32(mode)); err != nil && !errors.Is(err, unix.EEXIST) {
err = &os.PathError{Op: "mkdirat", Path: currentDir.Name() + "/" + part, Err: err}
// Make the error a bit nicer if the directory is dead.
if err2 := isDeadInode(currentDir); err2 != nil {