-
Notifications
You must be signed in to change notification settings - Fork 12.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Panic if PathBuf::set_extension
would add a path separator
#125070
Conversation
This comment has been minimized.
This comment has been minimized.
This is likely never intended and potentially a security vulnerability if it happens. I'd guess that it's mostly literal strings that are passed to this function in practice, so I'm guessing this doesn't break anyone. CC rust-lang#125060
3382993
to
700b3ea
Compare
@@ -1803,6 +1803,29 @@ fn test_windows_absolute() { | |||
assert_eq!(absolute(r"COM1").unwrap().as_os_str(), Path::new(r"\\.\COM1").as_os_str()); | |||
} | |||
|
|||
#[test] | |||
#[should_panic = "path separator"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would test a try_set method be better than testing a panic one?
imo this needs a decision from T-libs (or T-libs-api? not sure). I personally find this reasonable, but it's not a trivial thing to change. cc @rust-lang/libs |
this and #125060 should probably be discussed together |
I think this (and the other one) are an API issue. This isn't just about the implementation. This is about the public API of |
We discussed this in today's @rust-lang/libs meeting. We were generally in favor of panicking in (We were hesitant to advocate the same for @rfcbot merge |
Team member @joshtriplett has proposed to merge this. The next step is review by the rest of the tagged team members: No concerns currently listed. Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up! See this document for info about what commands tagged team members can give me. |
🔔 This is now entering its final comment period, as per the review above. 🔔 |
This comment was marked as off-topic.
This comment was marked as off-topic.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
r=me
upon FCP completion
The final comment period, with a disposition to merge, as per the review above, is now complete. As the automated representative of the governance process, I would like to thank the author for their work and everyone else who contributed. This will be merged soon. |
@bors r=jhpratt |
…ratt Panic if `PathBuf::set_extension` would add a path separator This is likely never intended and potentially a security vulnerability if it happens. I'd guess that it's mostly literal strings that are passed to this function in practice, so I'm guessing this doesn't break anyone. CC rust-lang#125060
Rollup of 8 pull requests Successful merges: - rust-lang#125070 (Panic if `PathBuf::set_extension` would add a path separator) - rust-lang#125307 (tidy: stop special-casing tests/ui entry limit) - rust-lang#125375 (Create a triagebot ping group for Rust for Linux) - rust-lang#125413 (drop region constraints for ambiguous goals) - rust-lang#125433 (A small diagnostic improvement for dropping_copy_types) - rust-lang#125508 (Stop SRoA'ing `DynMetadata` in MIR) - rust-lang#125530 (cleanup dependence of `ExtCtxt` in transcribe when macro expansion) - rust-lang#125544 (Also mention my-self for other check-cfg docs changes) r? `@ghost` `@rustbot` modify labels: rollup
Panic if `PathBuf::set_extension` would add a path separator This is likely never intended and potentially a security vulnerability if it happens. I'd guess that it's mostly literal strings that are passed to this function in practice, so I'm guessing this doesn't break anyone. CC rust-lang#125060
@bors retry (yield to rollup which includes this PR and which just failed due to network issues) |
Rollup of 8 pull requests Successful merges: - rust-lang#125070 (Panic if `PathBuf::set_extension` would add a path separator) - rust-lang#125307 (tidy: stop special-casing tests/ui entry limit) - rust-lang#125375 (Create a triagebot ping group for Rust for Linux) - rust-lang#125413 (drop region constraints for ambiguous goals) - rust-lang#125433 (A small diagnostic improvement for dropping_copy_types) - rust-lang#125508 (Stop SRoA'ing `DynMetadata` in MIR) - rust-lang#125530 (cleanup dependence of `ExtCtxt` in transcribe when macro expansion) - rust-lang#125544 (Also mention my-self for other check-cfg docs changes) r? `@ghost` `@rustbot` modify labels: rollup
☀️ Test successful - checks-actions |
Finished benchmarking commit (bd184cc): comparison URL. Overall result: no relevant changes - no action needed@rustbot label: -perf-regression Instruction countThis benchmark run did not return any relevant results for this metric. Max RSS (memory usage)This benchmark run did not return any relevant results for this metric. CyclesThis benchmark run did not return any relevant results for this metric. Binary sizeResults (primary 0.2%, secondary 0.5%)This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.
Bootstrap: 672.481s -> 671.39s (-0.16%) |
This is likely never intended and potentially a security vulnerability if it happens.
I'd guess that it's mostly literal strings that are passed to this function in practice, so I'm guessing this doesn't break anyone.
CC #125060