From: Eric Wong <e@80x24.org>
Date: Sun, 1 Oct 2023 09:54:21 +0000 (+0000)
Subject: git: packed_bytes: deal with glob+stat TOCTTOU
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f7bb1094391e45978d40a79da05a6ce96823725e;p=thirdparty%2Fpublic-inbox.git

git: packed_bytes: deal with glob+stat TOCTTOU

There's not much we can do about this aside from just ignoring
errors and considering un-stat-able files as zero-sized.
There's no syscalls which expose FUSE3 `readdirplus' type
functionality to userspace to avoid this problem.
---

diff --git a/lib/PublicInbox/Git.pm b/lib/PublicInbox/Git.pm
index 1dbd10b77..0fd621e1c 100644
--- a/lib/PublicInbox/Git.pm
+++ b/lib/PublicInbox/Git.pm
@@ -486,9 +486,7 @@ sub packed_bytes {
 	my ($self) = @_;
 	my $n = 0;
 	my $pack_dir = git_path($self, 'objects/pack');
-	foreach my $p (bsd_glob("$pack_dir/*.pack", GLOB_NOSORT)) {
-		$n += -s $p;
-	}
+	$n += (-s $_ // 0) for (bsd_glob("$pack_dir/*.pack", GLOB_NOSORT));
 	$n
 }