fix(storage/local): stop deleting prior to forbidden items check #57421
+42
−20
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…in rename Signed-off-by: Josh <[email protected]>
On case-insensitive filesystems, the copy+unlink fallback shouldn't be attempted since source/destination can "overlap". Also adds some additional logging for error conditions + one at debug level for a more common scenario. Otherwise just some additional tidying for readability. Signed-off-by: Josh <[email protected]>
joshtrichards
changed the title
Signed-off-by: Josh <[email protected]>
joshtrichards
requested review from
Altahrim,
artonge,
nfebe and
provokateurin
and removed request for
a team
Altahrim
approved these changes
Jan 9, 2026
| return false; | ||
| } | ||
|
|
||
| $dstParent = dirname($target); |
Collaborator
There was a problem hiding this comment.
Maybe also rename this variable $targetParent
| $this->rmdir($target); | ||
| } elseif ($this->is_file($target)) { | ||
| $this->unlink($target); | ||
| if (!$this->remove($target)) { |
Collaborator
There was a problem hiding this comment.
Even if it's current behaviour, I am not sure we need to remove the target when it's a file.
It should be overwritten by the rename. Not sure if it's dependant from filesystem…
Comment on lines
+379
to
+380
| } | ||
| if ($copySuccess && !$unlinkSuccess) { |
Collaborator
There was a problem hiding this comment.
Suggested change
| } | |
| if ($copySuccess && !$unlinkSuccess) { | |
| } elseif (!$unlinkSuccess) { |
Or maybe with early returns?
Open
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
During rename operations, if something already exists in the destination path, it gets deleted prior to the forbidden items check. If the check doesn't pass, the operation is aborted but deletion has already occurred.
This PR moves the forbidden items check up so it takes place before any destructive activities occur (see
checkTreeForForbiddenItems).The 2nd commit also addresses an edge case where the copy+unlink fallback could still be triggered for case-only renames on case-insensitive filesystems.
Also included throughout:
remove()TODO
Checklist
3. to review, feature component)stable32)