diff options
| author | Glenn Morris | 2007-08-22 03:47:35 +0000 |
|---|---|---|
| committer | Glenn Morris | 2007-08-22 03:47:35 +0000 |
| commit | e6754bfca5c4813923ca8329543e4cb8273dcd9e (patch) | |
| tree | 18727e6819a393b716657184921f8b50dbaf3680 | |
| parent | 816d4e8d283bc3811169bec3a28828117fd289b6 (diff) | |
| download | emacs-e6754bfca5c4813923ca8329543e4cb8273dcd9e.tar.gz emacs-e6754bfca5c4813923ca8329543e4cb8273dcd9e.zip | |
(backup-buffer-copy): Check backup directory is writable, to avoid
infloop deleting old backup.
| -rw-r--r-- | lisp/files.el | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/lisp/files.el b/lisp/files.el index 8ade456ee07..8281a18b34f 100644 --- a/lisp/files.el +++ b/lisp/files.el | |||
| @@ -3120,7 +3120,12 @@ BACKUPNAME is the backup file name, which is the old file renamed." | |||
| 3120 | (file-error nil)))))) | 3120 | (file-error nil)))))) |
| 3121 | 3121 | ||
| 3122 | (defun backup-buffer-copy (from-name to-name modes) | 3122 | (defun backup-buffer-copy (from-name to-name modes) |
| 3123 | (let ((umask (default-file-modes))) | 3123 | (let ((umask (default-file-modes)) |
| 3124 | (dir (or (file-name-directory to-name) | ||
| 3125 | default-directory))) | ||
| 3126 | ;; Can't delete or create files in a read-only directory. | ||
| 3127 | (unless (file-writable-p dir) | ||
| 3128 | (signal 'file-error (list "Directory is not writable" dir))) | ||
| 3124 | (unwind-protect | 3129 | (unwind-protect |
| 3125 | (progn | 3130 | (progn |
| 3126 | ;; Create temp files with strict access rights. It's easy to | 3131 | ;; Create temp files with strict access rights. It's easy to |
| @@ -3129,6 +3134,11 @@ BACKUPNAME is the backup file name, which is the old file renamed." | |||
| 3129 | (set-default-file-modes ?\700) | 3134 | (set-default-file-modes ?\700) |
| 3130 | (while (condition-case () | 3135 | (while (condition-case () |
| 3131 | (progn | 3136 | (progn |
| 3137 | ;; If we allow for the possibility of something | ||
| 3138 | ;; creating the file between delete and copy | ||
| 3139 | ;; (below), we must also allow for the | ||
| 3140 | ;; possibility of something deleting it between | ||
| 3141 | ;; a file-exists-p check and a delete. | ||
| 3132 | (condition-case nil | 3142 | (condition-case nil |
| 3133 | (delete-file to-name) | 3143 | (delete-file to-name) |
| 3134 | (file-error nil)) | 3144 | (file-error nil)) |
| @@ -3137,6 +3147,10 @@ BACKUPNAME is the backup file name, which is the old file renamed." | |||
| 3137 | (file-already-exists t)) | 3147 | (file-already-exists t)) |
| 3138 | ;; The file was somehow created by someone else between | 3148 | ;; The file was somehow created by someone else between |
| 3139 | ;; `delete-file' and `copy-file', so let's try again. | 3149 | ;; `delete-file' and `copy-file', so let's try again. |
| 3150 | ;; Does that every actually happen in practice? | ||
| 3151 | ;; This is a potential infloop, which seems bad... | ||
| 3152 | ;; rms says "I think there is also a possible race | ||
| 3153 | ;; condition for making backup files" (emacs-devel 20070821). | ||
| 3140 | nil)) | 3154 | nil)) |
| 3141 | ;; Reset the umask. | 3155 | ;; Reset the umask. |
| 3142 | (set-default-file-modes umask))) | 3156 | (set-default-file-modes umask))) |