mirrors/v
1
0
Fork 0
mirror of https://github.com/vlang/v.git synced 2025-09-13 14:32:26 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
v/vlib/os
History
Felipe Pena 83b4167c19
fmt: fix interface fields alignment (#19866)
2023-11-15 18:17:35 +02:00
..
bare
cmdline
filelock all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
font all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
notify fmt: fix interface fields alignment (#19866) 2023-11-15 18:17:35 +02:00
args.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
const.v
const_nix.c.v os: reduce heap allocations done by os.real_path, os.executable, os.getwd 2022-08-17 17:06:38 +03:00
const_windows.c.v checker: check int overflow for const vars (#16332) 2022-11-06 08:22:28 +03:00
debugger_darwin.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_default.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_freebsd.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_linux.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_windows.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
dir_expansions_test.v vfmt: change all '$expr' to '${expr}' (#16428) 2022-11-15 16:53:13 +03:00
environment.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
environment.js.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
environment_test.v vfmt: change all '$expr' to '${expr}' (#16428) 2022-11-15 16:53:13 +03:00
fd.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
file.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
file.js.v all: remove unnecessary IError() casts 2022-10-28 19:08:30 +03:00
file_test.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
filepath.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
filepath_test.v vfmt: change all '$expr' to '${expr}' (#16428) 2022-11-15 16:53:13 +03:00
filepath_windows.v os: correct description of windows_volume function (#14726) 2022-06-09 10:56:58 +03:00
find_abs_path_of_executable_test.v tests: cleanup legacy temp path (#19716) 2023-10-31 15:16:19 +02:00
glob_test.v all: change optional to result of io (#16075) 2022-10-16 09:28:57 +03:00
inode.c.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
inode_test.v tests: cleanup legacy temp path (#19716) 2023-10-31 15:16:19 +02:00
open_uri_default.c.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
open_uri_windows.c.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
os.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
os.js.v os: cleanup APIs returning !bool to either return ! or bool (#16111) 2022-10-20 13:56:06 +03:00
os.v os: ignore empty path segments in join_path (#19877) 2023-11-15 10:54:20 +02:00
os_android_outside_termux.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_darwin.c.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
os_js.js.v os: return the long path for os.temp_dir() on windows, even for folders like c:\someth~1 (#17623) 2023-03-14 00:51:52 +02:00
os_linux.c.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
os_nix.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
os_structs_dirent_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_sigaction_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_stat_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_stat_linux.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_utsname_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_test.c.v os: ignore empty path segments in join_path (#19877) 2023-11-15 10:54:20 +02:00
os_windows.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
password_nix.c.v os,term.termios: add termios.set_state/2, state.disable_echo/0, use them in os.input_password, to fix v -os wasm32_emscripten examples/2048/ 2023-07-31 10:28:45 +03:00
password_windows.c.v clipboard: fix v -cstrict -cc gcc vlib/clipboard/clipboard_test.v 2023-10-15 21:21:29 +03:00
process.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
process.js.v vfmt: change all '$expr' to '${expr}' (#16428) 2022-11-15 16:53:13 +03:00
process.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
process_nix.c.v all: fix typos (#19634) 2023-10-23 21:21:15 +03:00
process_test.v tests: cleanup legacy temp path (#19716) 2023-10-31 15:16:19 +02:00
process_windows.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
README.md os: update TOCTOU example in readme, to improve readability of the module docs on mobile (#19255) 2023-09-01 16:09:04 +03:00
signal.c.v os: add a convenient way to ignore certain system signals (#19639) 2023-10-25 17:15:26 +03:00
signal.js.v os: return the long path for os.temp_dir() on windows, even for folders like c:\someth~1 (#17623) 2023-03-14 00:51:52 +02:00
signal.v Revert "os: add a convenient way to ignore certain system signals (#19632)" (#19637) 2023-10-24 03:06:57 +03:00
signal_darwin.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
signal_default.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
signal_test.v os: add a convenient way to ignore certain system signals (#19639) 2023-10-25 17:15:26 +03:00
signal_windows.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00

README.md

Description:

os provides common OS/platform independent functions for accessing command line arguments, reading/writing files, listing folders, handling processes etc.

Security advice related to TOCTOU attacks

A few os module functions can lead to the TOCTOU vulnerability if used incorrectly. TOCTOU (Time-of-Check-to-Time-of-Use problem) can occur when a file, folder or similar is checked for certain specifications (e.g. read, write permissions) and a change is made afterwards. In the time between the initial check and the edit, an attacker can then cause damage. The following example shows an attack strategy on the left and an improved variant on the right so that TOCTOU is no longer possible.

Example Hint: os.create() opens a file in write-only mode

Possibility for TOCTOU attack TOCTOU not possible 
if os.is_writable("file") {
    // time to make a quick attack
    // (e.g. symlink /etc/passwd to `file`)

    mut f := os.create('path/to/file')!
    // do something with file
    f.close()
}

mut f := os.create('path/to/file') or {
    println("file not writable")
}

// file is locked
// do something with file

f.close()

Proven affected functions
The following functions should be used with care and only when used correctly.

  • os.is_readable()
  • os.is_writable()
  • os.is_executable()
  • os.is_link()