Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Panic when deleting file with a non-UTF-8 name #105

Closed
sxyazi opened this issue Apr 26, 2024 · 4 comments · Fixed by #108
Closed

Panic when deleting file with a non-UTF-8 name #105

sxyazi opened this issue Apr 26, 2024 · 4 comments · Fixed by #108
Labels
bug Something isn't working help wanted Extra attention is needed

Comments

@sxyazi
Copy link

sxyazi commented Apr 26, 2024

When deleting a file created by touch ''$'\250', the program panics:

thread 'main' panicked at /home/ika/.cargo/registry/src/index.crates.io-6f17d22bba15001f/trash-4.1.0/src/freedesktop.rs:448:31:
called `Option::unwrap()` on a `None` value
stack backtrace:
   0: rust_begin_unwind
             at /rustc/82e1608dfa6e0b5569232559e3d385fea5a93112/library/std/src/panicking.rs:645:5
   1: core::panicking::panic_fmt
             at /rustc/82e1608dfa6e0b5569232559e3d385fea5a93112/library/core/src/panicking.rs:72:14
   2: core::panicking::panic
             at /rustc/82e1608dfa6e0b5569232559e3d385fea5a93112/library/core/src/panicking.rs:127:5
   3: core::option::Option<T>::unwrap
             at /rustc/82e1608dfa6e0b5569232559e3d385fea5a93112/library/core/src/option.rs:931:21
   4: trash::platform::move_to_trash
             at /home/ika/.cargo/registry/src/index.crates.io-6f17d22bba15001f/trash-4.1.0/src/freedesktop.rs:448:13
   5: trash::platform::<impl trash::TrashContext>::delete_all_canonicalized::{{closure}}
             at /home/ika/.cargo/registry/src/index.crates.io-6f17d22bba15001f/trash-4.1.0/src/freedesktop.rs:49:21
   6: trash::platform::execute_on_mounted_trash_folders
             at /home/ika/.cargo/registry/src/index.crates.io-6f17d22bba15001f/trash-4.1.0/src/freedesktop.rs:408:9
   7: trash::platform::<impl trash::TrashContext>::delete_all_canonicalized
             at /home/ika/.cargo/registry/src/index.crates.io-6f17d22bba15001f/trash-4.1.0/src/freedesktop.rs:48:17
   8: trash::TrashContext::delete_all
             at /home/ika/.cargo/registry/src/index.crates.io-6f17d22bba15001f/trash-4.1.0/src/lib.rs:112:9
   9: trash::TrashContext::delete
             at /home/ika/.cargo/registry/src/index.crates.io-6f17d22bba15001f/trash-4.1.0/src/lib.rs:85:9
  10: trash::delete
             at /home/ika/.cargo/registry/src/index.crates.io-6f17d22bba15001f/trash-4.1.0/src/lib.rs:120:5
  11: test_trash::main
             at ./src/main.rs:9:2
  12: core::ops::function::FnOnce::call_once
             at /rustc/82e1608dfa6e0b5569232559e3d385fea5a93112/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.

Here's a minimal reproducing code:

use std::ffi::OsStr;

fn main() {
	// touch ''$'\250'
	let s = unsafe { OsStr::from_encoded_bytes_unchecked(&[168]) };

	std::fs::File::create(s).unwrap();

	trash::delete(s).ok();

	println!("Hello, world!");
}

I think trash should handle non-UTF-8 characters, or at least return an error instead of panicking.
This was referenced Apr 26, 2024
Closed
Closed
@Byron Byron added bug Something isn't working help wanted Extra attention is needed labels Apr 26, 2024
@Byron
Copy link
Owner

Byron commented Apr 26, 2024

Thanks a lot for reporting!

The example will probably serve as a perfect test to add to the suite, allowing a fix to be put in place easily. Generally the codebase understands the difference between String and Path, so I'd hope the issue isn't wide-spread and maybe just in this one place, facilitating a fix.

@markus-bauer
Copy link

It's this:

trash-rs/src/freedesktop.rs

Lines 445 to 448 in 46585ce

let in_trash_name = if appendage > 1 {
format!("{}.{}", filename.to_str().unwrap(), appendage)
} else {
filename.to_str().unwrap().into()

You should do this with OsString. It doesn't seem like you actually need Strings. Example:

diff --git a/src/freedesktop.rs b/src/freedesktop.rs
index 8373ef9..0344935 100644
--- a/src/freedesktop.rs
+++ b/src/freedesktop.rs
@@ -7,8 +7,9 @@
 //!

 use std::{
-    borrow::Borrow,
+    borrow::{Borrow, Cow},
     collections::HashSet,
+    ffi::OsString,
     fs::{self, File, OpenOptions},
     io::{BufRead, BufReader, Write},
     os::unix::{ffi::OsStrExt, fs::PermissionsExt},
@@ -443,11 +444,18 @@ fn move_to_trash(
     loop {
         appendage += 1;
         let in_trash_name = if appendage > 1 {
-            format!("{}.{}", filename.to_str().unwrap(), appendage)
+            let mut buf = filename.to_os_string();
+            buf.push(".");
+            buf.push(appendage.to_string());
+            Cow::Owned(buf)
         } else {
-            filename.to_str().unwrap().into()
+            Cow::Borrowed(filename)
+        };
+        let info_name = {
+            let mut buf = OsString::from(&in_trash_name);
+            buf.push(".trashinfo");
+            buf
         };
-        let info_name = format!("{in_trash_name}.trashinfo");
         let info_file_path = info_folder.join(&info_name);
         let info_result = OpenOptions::new().create_new(true).write(true).open(&info_file_path);
         match info_result {

There are many other to_str().unwrap() in this code!

@Byron
Copy link
Owner

Byron commented May 21, 2024

Thanks for researching this, a PR would definitely be welcome. Thanks again for your help.

@markus-bauer
Copy link

I wouldn't be comfortable making the PR, because I don't know the code well enough. But you should be able to fix this easily. It was just a mistake from the start to use Strings for this.

@joshuamegnauth54 joshuamegnauth54 mentioned this issue Jun 16, 2024
Merged
@Byron Byron closed this as completed in 15a15f8 Jun 18, 2024
joshuamegnauth54 added a commit to joshuamegnauth54/cosmic-files that referenced this issue Jun 19, 2024
@joshuamegnauth54
Bump trash-rs to fix panic for non-Unicode paths
17cd8fe 
See: Byron/trash-rs#105

Some operating systems or file systems support non-Unicode paths (e.g.
Linux and the BSDs). `trash-rs` panicked when trashing or listing the
trash with non-UTF8 names.

For COSMIC Files specifically, the program panics on start if the trash
contains files with invalid Unicode names. It also panics when
attempting to trash files with said names.

To replicate:
```sh
touch ''$'\250'
gio trash ''$'\250'

cosmic-files
```
@joshuamegnauth54 joshuamegnauth54 mentioned this issue Jun 19, 2024
Merged
jackpot51 pushed a commit to pop-os/cosmic-files that referenced this issue Jun 19, 2024
@joshuamegnauth54 @jackpot51
Bump trash-rs to fix panic for non-Unicode paths
cd135fc 
See: Byron/trash-rs#105

Some operating systems or file systems support non-Unicode paths (e.g.
Linux and the BSDs). `trash-rs` panicked when trashing or listing the
trash with non-UTF8 names.

For COSMIC Files specifically, the program panics on start if the trash
contains files with invalid Unicode names. It also panics when
attempting to trash files with said names.

To replicate:
```sh
touch ''$'\250'
gio trash ''$'\250'

cosmic-files
```
@xnuk xnuk mentioned this issue Jun 24, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Support non-Unicode paths joshuamegnauth54/trash-rs
3 participants
@Byron @sxyazi @markus-bauer