From 571318218c5598ad841cc3dff73c9fee2c7216ef Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 15 Dec 2015 21:05:00 -0400 Subject: merge from git-annex withTmpDir security fix in git-annex merged Fix potential denial of service attack when creating temp dirs. withTmpDir now makes directory mode 700. AFAICS, propellor didn't leak any info with the old permissions, and no uses of withTmpDir in propellor are broken by the new permissions. --- src/Utility/Exception.hs | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'src/Utility/Exception.hs') diff --git a/src/Utility/Exception.hs b/src/Utility/Exception.hs index 13000e03..8b110ae6 100644 --- a/src/Utility/Exception.hs +++ b/src/Utility/Exception.hs @@ -20,7 +20,8 @@ module Utility.Exception ( catchNonAsync, tryNonAsync, tryWhenExists, - catchHardwareFault, + catchIOErrorType, + IOErrorType(..) ) where import Control.Monad.Catch as X hiding (Handler) @@ -88,11 +89,11 @@ tryWhenExists a = do v <- tryJust (guard . isDoesNotExistError) a return (eitherToMaybe v) -{- Catches only exceptions caused by hardware faults. - - Ie, disk IO error. -} -catchHardwareFault :: MonadCatch m => m a -> (IOException -> m a) -> m a -catchHardwareFault a onhardwareerr = catchIO a onlyhw +{- Catches only IO exceptions of a particular type. + - Ie, use HardwareFault to catch disk IO errors. -} +catchIOErrorType :: MonadCatch m => IOErrorType -> (IOException -> m a) -> m a -> m a +catchIOErrorType errtype onmatchingerr a = catchIO a onlymatching where - onlyhw e - | ioeGetErrorType e == HardwareFault = onhardwareerr e + onlymatching e + | ioeGetErrorType e == errtype = onmatchingerr e | otherwise = throwM e -- cgit v1.2.3