mirrors/v
1
0
Fork 0
mirror of https://github.com/vlang/v.git synced 2025-09-13 22:42:26 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
v/vlib/os
History
gym603 afaeb74238
os: create the folder described by XDG_CACHE_HOME, *if it is non empty, and it does not exist yet*, when calling os.cache_dir() (#20046)
2023-11-30 23:04:42 +02:00
..
bare ci: re-enable testing of ./v -freestanding run vlib/os/bare/bare_example_linux.v on ubuntu 2021-04-22 12:50:56 +03:00
cmdline builtin: remove methods that can be autogenerated (#11109) 2021-08-09 15:42:31 +03:00
filelock all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
font all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
notify all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
args.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
const.v
const_nix.c.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
const_windows.c.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
debugger_darwin.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_default.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_freebsd.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_linux.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
debugger_windows.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
dir_expansions_test.v vfmt: change all '$expr' to '${expr}' (#16428) 2022-11-15 16:53:13 +03:00
environment.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
environment.js.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
environment_test.v vfmt: change all '$expr' to '${expr}' (#16428) 2022-11-15 16:53:13 +03:00
fd.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
file.c.v os: update comments (#19989) 2023-11-26 09:39:51 +03:00
file.js.v all: remove unnecessary IError() casts 2022-10-28 19:08:30 +03:00
file_test.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
filepath.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
filepath_test.v vfmt: change all '$expr' to '${expr}' (#16428) 2022-11-15 16:53:13 +03:00
filepath_windows.v os: correct description of windows_volume function (#14726) 2022-06-09 10:56:58 +03:00
find_abs_path_of_executable_test.v tests: cleanup legacy temp path (#19716) 2023-10-31 15:16:19 +02:00
glob_test.v all: change optional to result of io (#16075) 2022-10-16 09:28:57 +03:00
inode.c.v all: 2023 copyright 2023-03-28 22:55:57 +02:00
inode_test.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
open_uri_default.c.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
open_uri_windows.c.v vlib: update doc comments (#19231) 2023-08-30 08:50:00 +03:00
os.c.v os: flush stdout and stderr before calling _wsystem (on windows), as the MSDN doc advices (#20034) 2023-11-29 19:25:41 +02:00
os.js.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
os.v os: create the folder described by XDG_CACHE_HOME, *if it is non empty, and it does not exist yet*, when calling os.cache_dir() (#20046) 2023-11-30 23:04:42 +02:00
os_android_outside_termux.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_darwin.c.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
os_js.js.v os: return the long path for os.temp_dir() on windows, even for folders like c:\someth~1 (#17623) 2023-03-14 00:51:52 +02:00
os_linux.c.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
os_nix.c.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
os_structs_dirent_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_sigaction_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_stat_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_stat_linux.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_structs_utsname_default.c.v all: make all struct C.XYZ -> pub struct C.XYZ (#19651) 2023-10-25 15:01:50 +03:00
os_test.c.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
os_windows.c.v tests: make 'v test-self' pass under msys2/MINGW64 (#20010) 2023-11-28 15:03:30 +02:00
password_nix.c.v os,term.termios: add termios.set_state/2, state.disable_echo/0, use them in os.input_password, to fix v -os wasm32_emscripten examples/2048/ 2023-07-31 10:28:45 +03:00
password_windows.c.v clipboard: fix v -cstrict -cc gcc vlib/clipboard/clipboard_test.v 2023-10-15 21:21:29 +03:00
process.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
process.js.v vfmt: change all '$expr' to '${expr}' (#16428) 2022-11-15 16:53:13 +03:00
process.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
process_nix.c.v all: fix typos (#19634) 2023-10-23 21:21:15 +03:00
process_test.v all: unwrap const() blocks 2023-11-25 10:02:51 +03:00
process_windows.c.v all: assigning 0 to reference fields now requires unsafe blocks (fix #14911) (#19955) 2023-11-23 11:16:26 +02:00
README.md os: update TOCTOU example in readme, to improve readability of the module docs on mobile (#19255) 2023-09-01 16:09:04 +03:00
signal.c.v os: add a convenient way to ignore certain system signals (#19639) 2023-10-25 17:15:26 +03:00
signal.js.v os: return the long path for os.temp_dir() on windows, even for folders like c:\someth~1 (#17623) 2023-03-14 00:51:52 +02:00
signal.v Revert "os: add a convenient way to ignore certain system signals (#19632)" (#19637) 2023-10-24 03:06:57 +03:00
signal_darwin.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00
signal_default.c.v os: fix bootstrapping for OpenBSD 2023-11-16 13:43:55 +02:00
signal_linux.c.v os: fix bootstrapping for OpenBSD 2023-11-16 13:43:55 +02:00
signal_test.v os: add a convenient way to ignore certain system signals (#19639) 2023-10-25 17:15:26 +03:00
signal_windows.c.v all: update attributes to use new syntax 2023-11-15 16:16:01 +11:00

README.md

Description:

os provides common OS/platform independent functions for accessing command line arguments, reading/writing files, listing folders, handling processes etc.

Security advice related to TOCTOU attacks

A few os module functions can lead to the TOCTOU vulnerability if used incorrectly. TOCTOU (Time-of-Check-to-Time-of-Use problem) can occur when a file, folder or similar is checked for certain specifications (e.g. read, write permissions) and a change is made afterwards. In the time between the initial check and the edit, an attacker can then cause damage. The following example shows an attack strategy on the left and an improved variant on the right so that TOCTOU is no longer possible.

Example Hint: os.create() opens a file in write-only mode

Possibility for TOCTOU attack TOCTOU not possible 
if os.is_writable("file") {
    // time to make a quick attack
    // (e.g. symlink /etc/passwd to `file`)

    mut f := os.create('path/to/file')!
    // do something with file
    f.close()
}

mut f := os.create('path/to/file') or {
    println("file not writable")
}

// file is locked
// do something with file

f.close()

Proven affected functions
The following functions should be used with care and only when used correctly.

  • os.is_readable()
  • os.is_writable()
  • os.is_executable()
  • os.is_link()