(original) (raw)

changeset: 77835:9134bb4d0578 user: Hynek Schlawack hs@ox.cx date: Thu Jun 28 15:30:47 2012 +0200 files: Lib/shutil.py description: #4489: Use dir_fd in rmdir in _rmtree_safe_fd() Now that rmdir supports dir_fd, we also use it. Attackers can't even delete empty directories anymore. diff -r 0bacbab678ed -r 9134bb4d0578 Lib/shutil.py --- a/Lib/shutil.py Thu Jun 28 13:53:43 2012 +0300 +++ b/Lib/shutil.py Thu Jun 28 15:30:47 2012 +0200 @@ -393,6 +393,10 @@ try: if os.path.samestat(orig_st, os.fstat(dirfd)): _rmtree_safe_fd(dirfd, fullname, onerror) + try: + os.rmdir(name, dir_fd=topfd) + except os.error: + onerror(os.rmdir, fullname, sys.exc_info()) finally: os.close(dirfd) else: @@ -400,10 +404,6 @@ os.unlink(name, dir_fd=topfd) except os.error: onerror(os.unlink, fullname, sys.exc_info()) - try: - os.rmdir(path) - except os.error: - onerror(os.rmdir, path, sys.exc_info()) _use_fd_functions = (os.unlink in os.supports_dir_fd and os.open in os.supports_dir_fd) @@ -445,6 +445,10 @@ if (stat.S_ISDIR(orig_st.st_mode) and os.path.samestat(orig_st, os.fstat(fd))): _rmtree_safe_fd(fd, path, onerror) + try: + os.rmdir(path) + except os.error: + onerror(os.rmdir, path, sys.exc_info()) else: raise NotADirectoryError(20, "Not a directory: '{}'".format(path)) /hs@ox.cx