git.ipfire.org Git - thirdparty/pdns.git/commit

author	Remi Gacogne <remi.gacogne@powerdns.com>
	Mon, 31 Mar 2025 09:10:34 +0000 (11:10 +0200)
committer	Remi Gacogne <remi.gacogne@powerdns.com>
	Mon, 31 Mar 2025 09:10:34 +0000 (11:10 +0200)
commit	9c313b04cd2bbd5c9ed189c4a26260cbb056bb48
tree	2be2d4dd2c9d1956e6654a63689e3e1c3b4a0962	tree
parent	4b1ee9f30764e9ef4abd3b0daf4de4ba02c0d7e4	commit \| diff

dnsdist: Fix a TOCTOU in the Async regression tests

The existing code was catching all exceptions based on `OSError`
raised by a call to `os.unlink()` , and re-throwing if the file
actually existed, in an attempt to only ignore the case where
the file did not exist and still fail if the process did not
have enough rights to remove it, for example.
Unfortunately this construct introduced a TOCTOU issue, where the
initial exception might have been raised because the file did not
exist at the time of the call, resulting in a `FileNotFoundError`
exception being raised, but had been created before the existence
check, resulting in a puzzling message:
```
ready: 8/8 workersException in thread Asynchronous Responder:
Traceback (most recent call last):
  File "/usr/lib/python3.13/threading.py", line 992, in run
    self._target(*self._args, **self._kwargs)
    ~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/pdns/regression-tests.dnsdist/test_Async.py", line 17, in AsyncResponder
    os.unlink(listenPath)
    ~~~~~~~~~^^^^^^^^^^^^
8 workers [816 items]
```

The new code only catches `FileNotFoundError` instead, so that
other errors are still causing a failure without needing a second
check.