rust-lang/rust
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
2150180050b71e46bb305ffdb2de615f3aa5588f
rust/library/std/src
History
Jacob Pratt 7f306d5729 Rollup merge of #141832 - workingjubilee:explain-what-toctou-races-are, r=thomcc,ChrisDenton 
library: explain TOCTOU races in `fs::remove_dir_all`

In the previous description it said there was a TOCTOU race but did not explain exactly what the problem was. I sat down with the CVE, reviewed its text, and created this explanation. This context should hopefully help people understand the actual risk as-such.

Incidentally, it also fixes the capitalization on the name of Redox OS.

Original CVE and advisory:
- CVE: https://www.cve.org/CVERecord?id=CVE-2022-21658
- security advisory: https://groups.google.com/g/rustlang-security-announcements/c/R1fZFDhnJVQ?pli=1
- github cross-post: https://github.com/rust-lang/rust/security/advisories/GHSA-r9cc-f5pr-p3j2
2025-06-01 00:35:54 +02:00
..
backtrace
collections
Docs(lib/coll/hm): Add kv pair to extract_if's first sentence
2025-05-17 02:49:57 +02:00
ffi
Rollup merge of #140936 - teor2345:wtf-surrogate-docs, r=workingjubilee
2025-05-26 03:38:17 +02:00
fs
Test(fs): Fix test_eq_windows_file_type for Windows 7
2025-05-28 12:06:25 +02:00
hash
remove const_hash feature leftovers
2024-11-02 11:27:14 +01:00
io
Rollup merge of #141109 - oconnor663:pipe_example, r=Mark-Simulacrum
2025-05-23 13:34:19 +02:00
net
ToSocketAddrs: fix typo
2025-04-04 14:47:04 +02:00
num
Add const support for float rounding methods
2025-05-31 15:26:57 -03:00
os
Rollup merge of #141019 - ehuss:android-doctest-xcompile, r=Mark-Simulacrum
2025-05-23 13:34:18 +02:00
prelude
update cfg(bootstrap)
2025-05-12 15:33:37 +02:00
process
std: Apply deprecated_safe_2024
2025-02-13 13:10:28 -08:00
sync
Rollup merge of #140369 - jplatte:mutex-rwlock-data-ptr, r=Amanieu
2025-05-28 10:28:07 -04:00
sys
Auto merge of #141685 - orlp:inplace-tls-drop, r=joboet
2025-05-31 14:56:33 +00:00
sys_common
std: get rid of sys_common::process
2025-04-28 11:13:50 +02:00
thread
update cfg(bootstrap)
2025-05-12 15:33:37 +02:00
alloc.rs
use generic Atomic type where possible
2025-04-27 02:18:08 +03:00
ascii.rs
backtrace.rs
use generic Atomic type where possible
2025-04-27 02:18:08 +03:00
bstr.rs
Implement ByteStr and ByteString types
2025-01-11 06:35:21 +02:00
env.rs
Delegate to inner vec::IntoIter from env::ArgsOs
2025-05-01 15:18:15 -07:00
error.rs
Move std::error unit tests to integration tests
2025-01-26 10:28:04 +00:00
fs.rs
library: explain TOCTOU races in fs::remove_dir_all
2025-05-31 14:05:29 -07:00
keyword_docs.rs
Rollup merge of #140197 - ktnlvr:master, r=workingjubilee
2025-05-02 22:17:01 +10:00
lib.miri.rs
lib.rs
Add const support for float rounding methods
2025-05-31 15:26:57 -03:00
macros.rs
fix doc path in std::fmt macro
2025-02-25 09:08:22 +05:30
panic.rs
rename internal panicking::try to catch_unwind
2025-05-24 16:32:00 +02:00
panicking.rs
rename internal panicking::try to catch_unwind
2025-05-24 16:32:00 +02:00
pat.rs
path.rs
Rollup merge of #141477 - tshepang:patch-1, r=ChrisDenton
2025-05-29 04:49:41 +02:00
process.rs
Rollup merge of #141019 - ehuss:android-doctest-xcompile, r=Mark-Simulacrum
2025-05-23 13:34:18 +02:00
random.rs
Unify cygwin & horizon random impl
2025-03-10 21:23:32 +08:00
rt.rs
deduplicate abort implementations
2025-05-15 11:20:13 +02:00
test_helpers.rs
std: get rid of sys_common::io
2025-02-07 16:54:07 +01:00
time.rs
Be more specific about the error in the SystemTime example
2025-04-17 11:57:28 -05:00