Merge branch 'rs/notes-merge-no-toctou' into maint

"git notes merge" had a code to see if a path exists (and fails if
it does) and then open the path for writing (when it doesn't).
Replace it with open with O_EXCL.

* rs/notes-merge-no-toctou:
  notes-merge: use O_EXCL to avoid overwriting existing files

Author: gitster

notes-merge.c

@@ -298,12 +298,8 @@ static void write_buf_to_worktree(const unsigned char *obj,
 	char *path = git_pathdup(NOTES_MERGE_WORKTREE "/%s", sha1_to_hex(obj));
 	if (safe_create_leading_directories_const(path))
 		die_errno("unable to create directory for '%s'", path);
-	if (file_exists(path))
-		die("found existing file at '%s'", path);
 
-	fd = open(path, O_WRONLY | O_TRUNC | O_CREAT, 0666);
-	if (fd < 0)
-		die_errno("failed to open '%s'", path);
+	fd = xopen(path, O_WRONLY | O_EXCL | O_CREAT, 0666);
 
 	while (size > 0) {
 		long ret = write_in_full(fd, buf, size);