Bug#439384: race condition in Maildir writing

Fri, 24 Aug 2007 10:08:28 -0700 

Package: offlineimap
Version: 5.99.1
Severity: normal
Tags: patch

The offlineimap Maildir code checks for file existence and then
opens a file. That's open to a race condition. It's better to open
the file and fail if it already exists. The following patch does
this. It catches OSError 17 (file exists) and re-raises all others.
I'll leave it up to you to decide whether this is appropriate.

--- /var/lib/python-support/python2.5/offlineimap/folder/Maildir.py     
2007-07-04 13:14:39.000000000 +0100
+++ /tmp/Maildir.py     2007-08-24 17:07:59.000000000 +0100
@@ -146,7 +146,8 @@
         # Otherwise, save the message in tmp/ and then call savemessageflags()
         # to give it a permanent home.
         tmpdir = os.path.join(self.getfullname(), 'tmp')
-        messagename = None
+        file = fd = None
+        messagename = tmpmessaename = None
         attempts = 0
         while 1:
             if attempts > 15:
@@ -159,19 +160,24 @@
                            socket.gethostname(),
                            uid,
                            md5.new(self.getvisiblename()).hexdigest())
-            if os.path.exists(os.path.join(tmpdir, messagename)):
-                time.sleep(2)
-                attempts += 1
-            else:
-                break
-        tmpmessagename = messagename.split(',')[0]
-        ui.debug('maildir', 'savemessage: using temporary name %s' % 
tmpmessagename)
-        file = open(os.path.join(tmpdir, tmpmessagename), "wt")
+            tmpmessagename = messagename.split(',')[0]
+            try:
+                fd = os.open(os.path.join(tmpdir, tmpmessagename),
+                        os.O_WRONLY + os.O_CREAT + os.O_EXCL)
+                file = os.fdopen(fd, 'w')
+                ui.debug('maildir', 'savemessage: using temporary name %s' % 
tmpmessagename)
+            except OSError, e:
+                if e.errno == 17:
+                    time.sleep(2)
+                    attempts += 1
+                    continue
+                raise
+
         file.write(content)
 
         # Make sure the data hits the disk
         file.flush()
-        os.fsync(file.fileno())
+        os.fsync(fd)
 
         file.close()
         if rtime != None:

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.21-2-686 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages offlineimap depends on:
ii  python                        2.4.4-6    An interactive high-level object-o
ii  python-support                0.6.4      automated rebuilding support for p

offlineimap recommends no packages.

-- no debconf information

-- 
 .''`.   martin f. krafft <[EMAIL PROTECTED]>
: :'  :  proud Debian developer, author, administrator, and user
`. `'`   http://people.debian.org/~madduck - http://debiansystem.info
  `-  Debian - when you have better things to do than fixing systems

Attachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)

Reply via email to