don't follow symlinks when recursively deleting a directory #2656
netliomax25-code wants to merge 1 commit into
🚨 TestLens detected 50 failed tests 🚨

Test Summary: Build and test / lts (25, ubuntu-latest) > :test (first 40 of 50)

🏷️ Commit: 1ab17c8

Test Failures (first 10 of 50), all in :test in Build and test / lts (25, ubuntu-latest):

- BugsSTCTest > testInvokePublicMethodFromInaccessibleBase()
- ClosuresSTCTest > testLexicalScopeVersusGetDynamicProperty()
- ClosuresStaticCompileTest > testLexicalScopeVersusGetDynamicProperty()
- CoercionSTCTest > testCoerceToFunctionalInterface14()
- CoercionSTCTest > testCoerceToFunctionalInterface17()
- CoercionStaticCompileTests > testCoerceToFunctionalInterface14()
- CoercionStaticCompileTests > testCoerceToFunctionalInterface17()
- FieldsAndPropertiesStaticCompileTest > testSuperPropertyAccess5()
- GenericsSTCTest > testBoundedReturnTypeChecking2(String) > [2] "?."
- GenericsSTCTest > testBoundedReturnTypeChecking5()
Merged as part of #2657. Thanks!
Repro: inside a directory, place a symlink pointing at another directory that lives outside the tree, then call `deleteDir()` on the outer directory. The linked-to directory's files are deleted along with the tree.

Cause: recursion is gated on `File.isDirectory()` / `Files.isDirectory(path)`, both of which follow symbolic links, so a link to a directory is treated as a subdirectory and walked into. The delete then reaches files outside the tree being removed (CWE-59).

Fix: check for a symbolic link first (`Files.isSymbolicLink` for the `File` paths, `LinkOption.NOFOLLOW_LINKS` for the `Path` path) and remove the link itself instead of following it. Applied at the three recursive-delete sites that share this behavior:

- `ResourceGroovyMethods.deleteDir(File)`
- `NioExtensions.deleteDir(Path)`
- `FileSystemCompiler.deleteRecursive(File)`

Files outside the deleted tree now survive; the tree and the link entry are still fully removed, and the return value is unchanged for the ordinary (no-symlink) case. Added regression tests for the `File` and `Path` variants that skip where the platform has no symlink support.
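
The behaviour described above, as an added illustration that is not part of the pull request or the project's code: the same recursive delete gated once on `Files.isDirectory(path)` and once with `LinkOption.NOFOLLOW_LINKS`, run against a constructed temp layout. The class and method names are hypothetical; it assumes Java 11+ and a platform that permits creating symlinks.

```java
import java.io.IOException;
import java.nio.file.*;

public class SymlinkDeleteDemo {
    // "Before" shape: Files.isDirectory(p) follows links, so a link to a
    // directory is walked into and the files behind it are deleted too.
    static void deleteFollowing(Path p) throws IOException {
        if (Files.isDirectory(p)) {
            try (DirectoryStream<Path> kids = Files.newDirectoryStream(p)) {
                for (Path k : kids) deleteFollowing(k);
            }
        }
        Files.delete(p); // Files.delete removes a link entry, never its target
    }

    // "After" shape: with NOFOLLOW_LINKS a symlink is not a directory, so
    // recursion stops there and only the link entry itself is removed.
    static void deleteNoFollow(Path p) throws IOException {
        if (Files.isDirectory(p, LinkOption.NOFOLLOW_LINKS)) {
            try (DirectoryStream<Path> kids = Files.newDirectoryStream(p)) {
                for (Path k : kids) deleteNoFollow(k);
            }
        }
        Files.delete(p);
    }

    // Constructed layout: root/tree/{a.txt, link -> root/outside}, root/outside/keep.txt
    static Path build() throws IOException {
        Path root = Files.createTempDirectory("symlink-delete-demo");
        Files.createDirectories(root.resolve("tree"));
        Files.createDirectories(root.resolve("outside"));
        Files.writeString(root.resolve("tree/a.txt"), "inside the tree");
        Files.writeString(root.resolve("outside/keep.txt"), "outside the tree");
        Files.createSymbolicLink(root.resolve("tree/link"), root.resolve("outside"));
        return root;
    }

    public static void main(String[] args) throws IOException {
        for (boolean follow : new boolean[] { true, false }) {
            Path root = build();
            if (follow) deleteFollowing(root.resolve("tree"));
            else deleteNoFollow(root.resolve("tree"));
            System.out.printf("follow=%b treeGone=%b outsideFileSurvives=%b%n", follow,
                    Files.notExists(root.resolve("tree")),
                    Files.exists(root.resolve("outside/keep.txt")));
            deleteNoFollow(root); // clean up the temp directory
        }
    }
}
```

The check and the subsequent directory open are separate steps, so this shape still assumes nothing else modifies the tree while it is being deleted; `SecureDirectoryStream` is the JDK facility for closing that gap where the platform supports it.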