mirrors/v
1
0
Fork 0
mirror of https://github.com/vlang/v.git synced 2025-09-13 14:32:26 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
v/vlib/os
History
Delyan Angelov 3a3a1085cf
builtin: simplify MessageError.msg() (#21524)
2024-05-18 22:36:24 +03:00
..
bare
cmdline
filelock sync,os,thirdparty: fix cross compilation from macos to windows (#21484) 2024-05-10 22:04:52 +03:00
font all: update copyright year (#20334) 2024-01-01 23:29:54 +02:00
notify all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
args.v all: update copyright year (#20334) 2024-01-01 23:29:54 +02:00
const.v
const_nix.c.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
const_windows.c.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
debugger_darwin.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_default.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_freebsd.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_linux.c.v os,runtime: workaround for v.c generation instability 2024-05-01 21:51:28 +03:00
debugger_windows.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
dir_expansions_test.v os: fix join-path (#21425) 2024-05-13 10:37:55 +03:00
environment.c.v all: update copyright year (#20334) 2024-01-01 23:29:54 +02:00
environment.js.v
environment_test.v time: update unix time acces, fix issues related to deviating unix times (#21293) 2024-04-17 00:33:37 +03:00
fd.c.v breaking,checker: disallow initializing private struct fields outside structs module (#21183) 2024-04-12 13:53:02 +03:00
file.c.v os: add os.write_lines/2 + tests, fix deprecation notice in read_bytes_into_newline in file_test.v (#21343) 2024-04-25 08:31:01 +03:00
file.js.v os: fix File.read() in JS backends (fix #20501) (#20633) 2024-01-29 15:07:25 +02:00
file_buffering.c.v os: add File.set_buffer and related helpers + tests (#20661) 2024-01-26 20:44:23 +02:00
file_buffering_test.v ci: improve test robustness on windows (#21116) 2024-03-28 07:29:17 +02:00
file_test.v os: add os.write_lines/2 + tests, fix deprecation notice in read_bytes_into_newline in file_test.v (#21343) 2024-04-25 08:31:01 +03:00
filepath.v vlib: refactor empty string checks to use s == '' or s != '', instead of s.len == 0 (#21300) 2024-04-18 02:44:31 +03:00
filepath_test.v
filepath_windows.v
find_abs_path_of_executable_test.v ci: improve test robustness on windows (#21116) 2024-03-28 07:29:17 +02:00
glob_test.v
inode.c.v all: fix typos (#21089) 2024-03-25 12:18:27 +02:00
inode_test.v ci: improve test robustness on windows (#21116) 2024-03-28 07:29:17 +02:00
join_path_test.v os: simplify and unify os.join_path and os.join_path_single, and add more tests (#21494) 2024-05-13 17:33:10 +03:00
open_and_read_from_file_test.js.v os: fix File.read() in JS backends (fix #20501) (#20633) 2024-01-29 15:07:25 +02:00
open_uri_default.c.v
open_uri_windows.c.v
os.c.v vlib: refactor empty string checks to use s == '' or s != '', instead of s.len == 0 (#21300) 2024-04-18 02:44:31 +03:00
os.js.v os: add os.path_devnull (containing /dev/null on POSIX and \\.\nul on Windows) (#20439) 2024-01-08 18:00:36 +02:00
os.v os: simplify and unify os.join_path and os.join_path_single, and add more tests (#21494) 2024-05-13 17:33:10 +03:00
os_android_outside_termux.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_darwin.c.v all: update copyright year (#20334) 2024-01-01 23:29:54 +02:00
os_js.js.v
os_linux.c.v all: update copyright year (#20334) 2024-01-01 23:29:54 +02:00
os_nix.c.v os: fix os.execute stderr redirection (fix #20986) (#21404) 2024-05-03 00:16:02 +03:00
os_stat_default.c.v os: refactor to use os.stat and os.lstat instead of unsafe C calls (#20759) 2024-02-08 19:27:49 +02:00
os_stat_test.v time: update unix time acces, fix issues related to deviating unix times (#21293) 2024-04-17 00:33:37 +03:00
os_stat_windows.c.v os: refactor to use os.stat and os.lstat instead of unsafe C calls (#20759) 2024-02-08 19:27:49 +02:00
os_structs_dirent_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_sigaction_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_stat_default.c.v os: add os.stat() and helpers (#20739) 2024-02-07 07:12:03 +02:00
os_structs_stat_linux.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_stat_windows.v os: add os.stat() and helpers (#20739) 2024-02-07 07:12:03 +02:00
os_structs_utsname_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_test.c.v os: simplify and unify os.join_path and os.join_path_single, and add more tests (#21494) 2024-05-13 17:33:10 +03:00
os_windows.c.v vlib: refactor empty string checks to use s == '' or s != '', instead of s.len == 0 (#21300) 2024-04-18 02:44:31 +03:00
password_nix.c.v
password_windows.c.v clipboard: fix v -cstrict -cc gcc vlib/clipboard/clipboard_test.v 2023-10-15 21:21:29 +03:00
process.c.v os: add proper process termination with p.signal_term() (#20671) 2024-01-27 23:25:36 +02:00
process.js.v
process.v os: cleanup field comments of os.Process (#21023) 2024-03-15 09:11:44 +02:00
process_nix.c.v os: add proper process termination with p.signal_term() (#20671) 2024-01-27 23:25:36 +02:00
process_test.v ci: improve test robustness on windows (#21116) 2024-03-28 07:29:17 +02:00
process_windows.c.v os: add proper process termination with p.signal_term() (#20671) 2024-01-27 23:25:36 +02:00
README.md os: format readme, fix markdown inside html (#21286) 2024-04-15 14:56:44 +03:00
signal.c.v os: add a convenient way to ignore certain system signals (#19639) 2023-10-25 17:15:26 +03:00
signal.js.v
signal.v Revert "os: add a convenient way to ignore certain system signals (#19632)" (#19637) 2023-10-24 03:06:57 +03:00
signal_darwin.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
signal_default.c.v os: fix bootstrapping for OpenBSD 2023-11-16 13:43:55 +02:00
signal_linux.c.v os: fix bootstrapping for OpenBSD 2023-11-16 13:43:55 +02:00
signal_test.v builtin: simplify MessageError.msg() (#21524) 2024-05-18 22:36:24 +03:00
signal_windows.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00

README.md

Description

os provides common OS/platform independent functions for accessing command line arguments, reading/writing files, listing folders, handling processes etc.

Security advice related to TOCTOU attacks

A few os module functions can lead to the TOCTOU vulnerability if used incorrectly. TOCTOU (Time-of-Check-to-Time-of-Use problem) can occur when a file, folder or similar is checked for certain specifications (e.g. read, write permissions) and a change is made afterwards. In the time between the initial check and the edit, an attacker can then cause damage. The following example shows an attack strategy on the left and an improved variant on the right so that TOCTOU is no longer possible.

Example
Hint: os.create() opens a file in write-only mode

Possibility for TOCTOU attack TOCTOU not possible 
if os.is_writable("file") {
    // time to make a quick attack
    // (e.g. symlink /etc/passwd to `file`)

    mut f := os.create('path/to/file')!
    // do something with file
    f.close()
}

mut f := os.create('path/to/file') or {
    println("file not writable")
}

// file is locked
// do something with file

f.close()

Proven affected functions
The following functions should be used with care and only when used correctly.

  • os.is_readable()
  • os.is_writable()
  • os.is_executable()
  • os.is_link()