acme/autocert: remove tempfile after dircache write failed

Per https://golang.org/pkg/io/ioutil/#TempFile description, caller should remove the file when no longer needed. Change-Id: I4c2a83c1c9bbd89f423d1a3334751e86f35b1cf6 GitHub-Last-Rev: fac91d1 GitHub-Pull-Request: #92 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/189337 Run-TryBot: Alex Vaghin <ddos@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Alex Vaghin <ddos@google.com>
golang · Aug 20, 2019 · 60c769a · 60c769a
1 parent 4def268
commit 60c769a
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 1 deletion.
diff --git a/acme/autocert/cache.go b/acme/autocert/cache.go
@@ -77,6 +77,7 @@ func (d DirCache) Put(ctx context.Context, name string, data []byte) error {
 		if tmp, err = d.writeTempFile(name, data); err != nil {
 			return
 		}
+		defer os.Remove(tmp)
 		select {
 		case <-ctx.Done():
 			// Don't overwrite the file if the context was canceled.
@@ -116,12 +117,17 @@ func (d DirCache) Delete(ctx context.Context, name string) error {
 }
 
 // writeTempFile writes b to a temporary file, closes the file and returns its path.
-func (d DirCache) writeTempFile(prefix string, b []byte) (string, error) {
+func (d DirCache) writeTempFile(prefix string, b []byte) (name string, reterr error) {
 	// TempFile uses 0600 permissions
 	f, err := ioutil.TempFile(string(d), prefix)
 	if err != nil {
 		return "", err
 	}
+	defer func() {
+		if reterr != nil {
+			os.Remove(f.Name())
+		}
+	}()
 	if _, err := f.Write(b); err != nil {
 		f.Close()
 		return "", err

diff --git a/acme/autocert/cache_test.go b/acme/autocert/cache_test.go
@@ -48,6 +48,15 @@ func TestDirCache(t *testing.T) {
 		t.Error(err)
 	}
 
+	// test put deletes temp file
+	tmp, err := filepath.Glob(name + "?*")
+	if err != nil {
+		t.Error(err)
+	}
+	if tmp != nil {
+		t.Errorf("temp file exists: %s", tmp)
+	}
+
 	// test delete
 	if err := cache.Delete(ctx, "dummy"); err != nil {
 		t.Fatalf("delete: %v", err)