I think the race condition can be removed by doing something like this
(It's similar to what mkstemp does):
while True:
try:
fd = os.open(os.path.join(settings.MEDIA_ROOT, filename),
os.O_RDWR | os.O_CREAT | os.O_EXCL)
fp = os.fdopen(fd, 'wb')
fp.write(raw_contents)
fp.close()
break;
except OSError, e:
if e.errno != errno.EEXIST:
raise
try:
dot_index = filename.rindex('.')
except ValueError: # filename has no dot
filename += '_'
else:
filename = filename[:dot_index] + '_' + filename[dot_index:]
Does this look reasonable?
Regards
Enrico
On Tue, 2007-04-24 at 22:45 +1000, Malcolm Tredinnick wrote:
> On Tue, 2007-04-24 at 21:06 +1200, Enrico de Klerk wrote:
> > Hi there,
> >
> > I've noticed a possible race condition in django/db/models/base.py.
> >
> > When a file field is saved in the _save_FIELD_file function it first
> > checks whether a file with the same name already exists, and then adds
> > underscores to the filename until it generates a unique name and then
> > saves the file.
> >
> > # If the filename already exists, keep adding an underscore to the name
> > of
> > # the file until the filename doesn't exist.
> > while os.path.exists(os.path.join(settings.MEDIA_ROOT,
> > filename)):
> > try:
> > dot_index = filename.rindex('.')
> > except ValueError: # filename has no dot
> > filename += '_'
> > else:
> > filename = filename[:dot_index] + '_' +
> > filename[dot_index:]
> >
> > # Write the file to disk.
> > setattr(self, field.attname, filename)
> >
> > full_filename = self._get_FIELD_filename(field)
> > fp = open(full_filename, 'wb')
> > fp.write(raw_contents)
> > fp.close()
> >
> > It looks like there may be a timing window where if two files with the
> > same name are saved at roughly the same time, the first one will be
> > overwritten. Shouldn't this use something like mkstemp that does this
> > atomically?
>
> The problem is that mkstemp doesn't give you a filename that looks
> anything like the original. Even if you control the prefix and suffix,
> there's still a large random block in the filename. Your analysis is
> correct, though -- it is vulnerable to a race. Worth thinking about if
> there's something we can do that's even less likely to collide.
>
> Regards,
> Malcolm
>
>
>
> >
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
