From 8996aa798c774ca48432c55f7d5135ebbd9390c3 Mon Sep 17 00:00:00 2001
From: Kovid Goyal
Date: Wed, 3 Jun 2026 12:17:38 +0530
Subject: [PATCH] dnd kitten: Create regular files with O_EXCL to avoid symlink attacks

This is not really needed as the terminal emulator should be de duplicating directory entries anyway but no harm in defense in depth.
---
 kittens/dnd/drop.go | 2 +-
 tools/utils/file_at_fd.go | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/kittens/dnd/drop.go b/kittens/dnd/drop.go
index c2b98932e..7e05c4558 100644
--- a/kittens/dnd/drop.go
+++ b/kittens/dnd/drop.go
@@ -823,7 +823,7 @@ func (dnd *dnd) on_remote_drop_data(cmd DC) (err error) {
 e.item_type = cmd.Xp
 switch cmd.Xp {
 case 0:
- f, err := utils.CreateAt(e.base_dir.handle, e.name, 0o666)
+ f, err := utils.CreateExclusiveAt(e.base_dir.handle, e.name, 0o666)
 if err != nil {
 return err
 }
diff --git a/tools/utils/file_at_fd.go b/tools/utils/file_at_fd.go
index 7e3033f5d..398c3ceb7 100644
--- a/tools/utils/file_at_fd.go
+++ b/tools/utils/file_at_fd.go
@@ -79,6 +79,12 @@ func CreateAt(dirFile *os.File, name string, permissions os.FileMode) (*os.File,
 return openAt(dirFile, name, unix.O_RDWR|unix.O_CREAT|unix.O_TRUNC, permissions)
 }
 
+// CreateExclusiveAt creates a file relative to the directory pointed to by
+// dirFile. Fails if a directory entry with the same name already exists.
+func CreateExclusiveAt(dirFile *os.File, name string, permissions os.FileMode) (*os.File, error) {
+ return openAt(dirFile, name, unix.O_RDWR|unix.O_CREAT|unix.O_EXCL, permissions)
+}
+
 // Create the specified directory, open it and return the file object. If the
 // directory already exists, it is opened and returned, without changing its
 // permissions, matching the behavior of CreateAt().
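Review bot: In `case 0`, an entry that already exists under `e.base_dir.handle` now makes the drop fail where `CreateAt` used to truncate it, and that failure leaves through the bare `return err` with nothing marking it as a deliberate refusal. Whether `base_dir` is always freshly created is not visible in this hunk, so a repeated drop into the same directory may start failing. If that is intended, say so at the call site, e.g. `// O_EXCL: an existing entry (file or symlink) is an error, never overwritten`. on_remote_drop_data starts before and continues past the hunk.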
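Review bot: The doc comment on `CreateExclusiveAt` does not say what the exclusivity actually covers. With `O_CREAT|O_EXCL` an existing final component is refused even when it is a dangling symlink, but directory components inside `name` are still resolved normally, so the guarantee holds only when `name` is a single path component; whether `openAt` enforces that is not visible here. I would add `// name must be a single path component: O_EXCL refuses an existing final entry, including a dangling symlink, but does not stop symlinks in intermediate directories.` It would also help to note that callers can presumably detect the refusal with `errors.Is(err, fs.ErrExist)`, provided `openAt` passes the errno through.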