From f3e34e94668070c0fc8d5eea627045f40b24dc57 Mon Sep 17 00:00:00 2001 From: Thiago Macieira Date: Wed, 20 Sep 2023 17:42:38 -0700 Subject: [PATCH] moveToTrash/Unix: avoid mkdir/chmod race condition for the trash dir QDir::mkdir() followed by QFile::setPermissions() is a race condition because an attacker could enter the directory before we set the permissions. QDir::mkdir() got an overload with the permissions in 6.3, but I decided to go a level lower and use QFileSystemEngine directly here. Pick-to: 6.5 Change-Id: I9d43e5b91eb142d6945cfffd1786c338e21c129e Reviewed-by: Volker Hilsheimer (cherry picked from commit a71f5568304fa2c9d596d52374c7e69ac98f8ad7) Reviewed-by: Qt Cherry-pick Bot
---
 src/corelib/io/qfilesystemengine_unix.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/corelib/io/qfilesystemengine_unix.cpp b/src/corelib/io/qfilesystemengine_unix.cpp
index 3e73133e31d..bf8ccfc2c80 100644
--- a/src/corelib/io/qfilesystemengine_unix.cpp
+++ b/src/corelib/io/qfilesystemengine_unix.cpp
@@ -1192,8 +1192,10 @@ static QString freeDesktopTrashLocation(const QString &sourcePath)
 | QFileDevice::ExeOwner;
 QString targetDir = topDir.filePath(trashDir);
 // deliberately not using mkpath, since we want to fail if topDir doesn't exist
- if (topDir.mkdir(trashDir))
- QFile::setPermissions(targetDir, ownerPerms);
+ bool created = QFileSystemEngine::createDirectory(QFileSystemEntry(targetDir), false, ownerPerms);
+ if (created)
+ return targetDir;
+ // maybe it already exists and is a directory
 if (QFileInfo(targetDir).isDir())
 return targetDir;
 return QString();
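Review bot: The fallback after a failed `createDirectory()` accepts any existing `targetDir` for which `QFileInfo(targetDir).isDir()` is true; that call follows symlinks and looks at neither ownership nor mode, so a directory (or a symlink to one) that another user placed under a shared `topDir` first would be returned as the trash location without ever receiving `ownerPerms`. Unless a caller outside the hunk already validates this, the check could be tightened to something like `QFileInfo fi(targetDir);` followed by `if (fi.isDir() && !fi.isSymLink() && fi.ownerId() == ::getuid())`. That is still a path-based check made after the fact, so it narrows the window rather than closing it, and a short comment saying what the fallback does and does not verify would help the next reader. The enclosing block starts and ends outside the hunk.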