diff options
Diffstat (limited to 'guava/src/com/google/common/io/Files.java')
| -rw-r--r-- | guava/src/com/google/common/io/Files.java | 59 |
1 files changed, 26 insertions, 33 deletions
diff --git a/guava/src/com/google/common/io/Files.java b/guava/src/com/google/common/io/Files.java index ba5528ff8..499ea6a20 100644 --- a/guava/src/com/google/common/io/Files.java +++ b/guava/src/com/google/common/io/Files.java @@ -20,6 +20,7 @@ import static com.google.common.io.FileWriteMode.APPEND; import com.google.common.annotations.Beta; import com.google.common.annotations.GwtIncompatible; +import com.google.common.annotations.J2ktIncompatible; import com.google.common.base.Joiner; import com.google.common.base.Optional; import com.google.common.base.Predicate; @@ -33,6 +34,7 @@ import com.google.common.hash.HashCode; import com.google.common.hash.HashFunction; import com.google.errorprone.annotations.CanIgnoreReturnValue; import com.google.errorprone.annotations.InlineMe; +import com.google.j2objc.annotations.J2ObjCIncompatible; import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.File; @@ -66,13 +68,11 @@ import org.checkerframework.checker.nullness.qual.Nullable; * @author Colin Decker * @since 1.0 */ +@J2ktIncompatible @GwtIncompatible @ElementTypesAreNonnullByDefault public final class Files { - /** Maximum loop count when creating temp directories. */ - private static final int TEMP_DIR_ATTEMPTS = 10000; - private Files() {} /** @@ -119,7 +119,9 @@ public final class Files { return new FileByteSource(file); } - private static final class FileByteSource extends ByteSource { + private static final class FileByteSource extends + ByteSource + { private final File file; @@ -394,17 +396,19 @@ public final class Files { * Atomically creates a new directory somewhere beneath the system's temporary directory (as * defined by the {@code java.io.tmpdir} system property), and returns its name. * + * <p>The temporary directory is created with permissions restricted to the current user or, in + * the case of Android, the current app. If that is not possible (as is the case under the very + * old Android Ice Cream Sandwich release), then this method throws an exception instead of + * creating a directory that would be more accessible. (This behavior is new in Guava 32.0.0. + * Previous versions would create a directory that is more accessible, as discussed in <a + * href="https://github.com/google/guava/issues/4011">CVE-2020-8908</a>.) + * * <p>Use this method instead of {@link File#createTempFile(String, String)} when you wish to * create a directory, not a regular file. A common pitfall is to call {@code createTempFile}, * delete the file and create a directory in its place, but this leads a race condition which can * be exploited to create security vulnerabilities, especially when executable files are to be * written into the directory. * - * <p>Depending on the environmment that this code is run in, the system temporary directory (and - * thus the directory this method creates) may be more visible that a program would like - files - * written to this directory may be read or overwritten by hostile programs running on the same - * machine. - * * <p>This method assumes that the temporary volume is writable, has free inodes and free blocks, * and that it will not be called thousands of times per second. * @@ -412,36 +416,26 @@ public final class Files { * java.nio.file.Files#createTempDirectory}. * * @return the newly-created directory - * @throws IllegalStateException if the directory could not be created + * @throws IllegalStateException if the directory could not be created, such as if the system does + * not support creating temporary directories securely * @deprecated For Android users, see the <a * href="https://developer.android.com/training/data-storage" target="_blank">Data and File * Storage overview</a> to select an appropriate temporary directory (perhaps {@code - * context.getCacheDir()}). For developers on Java 7 or later, use {@link - * java.nio.file.Files#createTempDirectory}, transforming it to a {@link File} using {@link - * java.nio.file.Path#toFile() toFile()} if needed. + * context.getCacheDir()}), and create your own directory under that. (For example, you might + * use {@code new File(context.getCacheDir(), "directoryname").mkdir()}, or, if you need an + * arbitrary number of temporary directories, you might have to generate multiple directory + * names in a loop until {@code mkdir()} returns {@code true}.) For developers on Java 7 or + * later, use {@link java.nio.file.Files#createTempDirectory}, transforming it to a {@link + * File} using {@link java.nio.file.Path#toFile() toFile()} if needed. To restrict permissions + * as this method does, pass {@code + * PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwx------"))} to your + * call to {@code createTempDirectory}. */ @Beta @Deprecated + @J2ObjCIncompatible public static File createTempDir() { - File baseDir = new File(System.getProperty("java.io.tmpdir")); - @SuppressWarnings("GoodTime") // reading system time without TimeSource - String baseName = System.currentTimeMillis() + "-"; - - for (int counter = 0; counter < TEMP_DIR_ATTEMPTS; counter++) { - File tempDir = new File(baseDir, baseName + counter); - if (tempDir.mkdir()) { - return tempDir; - } - } - throw new IllegalStateException( - "Failed to create directory within " - + TEMP_DIR_ATTEMPTS - + " attempts (tried " - + baseName - + "0 to " - + baseName - + (TEMP_DIR_ATTEMPTS - 1) - + ')'); + return TempFileCreator.INSTANCE.createTempDir(); } /** @@ -847,7 +841,6 @@ public final class Files { * * @since 23.5 */ - @Beta public static Traverser<File> fileTraverser() { return Traverser.forTree(FILE_TREE); } |