New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Return error for current_exe on nonexistent file #69557
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -328,6 +328,22 @@ pub fn current_exe() -> io::Result<PathBuf> { | |
#[cfg(any(target_os = "linux", target_os = "android", target_os = "emscripten"))] | ||
pub fn current_exe() -> io::Result<PathBuf> { | ||
match crate::fs::read_link("/proc/self/exe") { | ||
Ok(path) => { | ||
let path_str = path.to_str().ok_or(io::Error::new( | ||
io::ErrorKind::InvalidData, | ||
"path contains invalid UTF-8 data", | ||
))?; | ||
unsafe { | ||
if libc::access(path_str.as_ptr() as *const i8, libc::F_OK) == 0 { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Does this FFI call require a NUL-terminated string? Rust strings are not. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Either way I don't know; there's no good fool-proof way to do this; we're just trying to dodge the throwing knives someone is sending our way at this point. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @clarfon outlined a possible approach, but that takes at least 4 syscalls. #69343 (comment) I'm not sure if that's worth it because under race conditions paths must be considered stale the very moment you get them from a syscall. The only race-free way to do these things is to operate on file descriptors instead of paths. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yup, although I will say that the number of syscalls for this seems incredibly reasonable for an API that will be called extremely infrequently (likely seconds between invocations). There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Note that once the symlink is broken due to the target being deleted, it is always broken, so it's at least a one-way gate here. But that cannot rely on |
||
Ok(path) | ||
} else { | ||
Err(io::Error::new( | ||
io::ErrorKind::NotFound, | ||
"executable file does not exist anymore", | ||
)) | ||
} | ||
} | ||
} | ||
Err(ref e) if e.kind() == io::ErrorKind::NotFound => Err(io::Error::new( | ||
io::ErrorKind::Other, | ||
"no /proc/self/exe available. Is /proc mounted?", | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems likely to be incorrect... we shouldn't need to require a path to be UTF-8; that's the entire reason we have
Path(Buf)
andOsStr(ing)
.