Skip to content

install: fix simplify conditional expressions and improve error handling #11274

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
mattsu2020 wants to merge 1 commit into from
+43 −47
Closed

install: fix simplify conditional expressions and improve error handling #11274

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
90 changes: 43 additions & 47 deletions src/uu/install/src/install.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -388,13 +388,10 @@ fn behavior(matches: &ArgMatches) -> UResult<Behavior> {
}

// Check if compare is used with non-permission mode bits
// TODO use a let chain once we have a MSRV of 1.88 or greater
if compare {
if let Some(mode) = specified_mode {
let non_permission_bits = 0o7000; // setuid, setgid, sticky bits
if mode & non_permission_bits != 0 {
show_error!("{}", translate!("install-warning-compare-ignored"));
}
if compare && let Some(mode) = specified_mode {
let non_permission_bits = 0o7000; // setuid, setgid, sticky bits
if mode & non_permission_bits != 0 {
show_error!("{}", translate!("install-warning-compare-ignored"));
}
}

Expand Down Expand Up @@ -646,13 +643,11 @@ fn standard(mut paths: Vec<OsString>, b: &Behavior) -> UResult<()> {
if b.target_dir.is_none()
&& sources.len() == 1
&& !is_potential_directory_path(&target)
&& let Ok(dir_fd) = DirFd::open(to_create, SymlinkBehavior::NoFollow)
&& let Some(filename) = target.file_name()
{
if let Ok(dir_fd) = DirFd::open(to_create, SymlinkBehavior::NoFollow) {
if let Some(filename) = target.file_name() {
target_parent_fd = Some(dir_fd);
target_filename = Some(filename.to_os_string());
}
}
target_parent_fd = Some(dir_fd);
target_filename = Some(filename.to_os_string());
}
}
} else {
Expand Down Expand Up @@ -681,11 +676,10 @@ fn standard(mut paths: Vec<OsString>, b: &Behavior) -> UResult<()> {
if b.target_dir.is_none()
&& sources.len() == 1
&& !is_potential_directory_path(&target)
&& let Some(filename) = target.file_name()
{
if let Some(filename) = target.file_name() {
target_parent_fd = Some(dir_fd);
target_filename = Some(filename.to_os_string());
}
target_parent_fd = Some(dir_fd);
target_filename = Some(filename.to_os_string());
}

// Set SELinux context for all created directories if needed
Expand Down Expand Up @@ -761,13 +755,13 @@ fn standard(mut paths: Vec<OsString>, b: &Behavior) -> UResult<()> {

let backup_path = perform_backup(&target, b)?;

if let Err(e) = parent_fd.unlink_at(filename.as_os_str(), false) {
if e.kind() != std::io::ErrorKind::NotFound {
show_error!(
"{}",
translate!("install-error-failed-to-remove", "path" => target.quote(), "error" => format!("{e:?}"))
);
}
if let Err(e) = parent_fd.unlink_at(filename.as_os_str(), false)
&& e.kind() != std::io::ErrorKind::NotFound
{
show_error!(
"{}",
translate!("install-error-failed-to-remove", "path" => target.quote(), "error" => format!("{e:?}"))
);
}

copy_file_safe(source, parent_fd, filename.as_os_str())?;
Expand Down Expand Up @@ -946,10 +940,10 @@ fn copy_file_safe(from: &Path, to_parent_fd: &DirFd, to_filename: &std::ffi::OsS
///
fn copy_file(from: &Path, to: &Path) -> UResult<()> {
use std::os::unix::fs::OpenOptionsExt;
if let Ok(to_abs) = to.canonicalize() {
if from.canonicalize()? == to_abs {
return Err(InstallError::SameFile(from.to_path_buf(), to.to_path_buf()).into());
}
if let Ok(to_abs) = to.canonicalize()
&& from.canonicalize()? == to_abs
{
return Err(InstallError::SameFile(from.to_path_buf(), to.to_path_buf()).into());
}

if to.is_dir() && !from.is_dir() {
Expand All @@ -961,13 +955,13 @@ fn copy_file(from: &Path, to: &Path) -> UResult<()> {
}

// Remove existing file (create_new below provides TOCTOU protection)
if let Err(e) = fs::remove_file(to) {
if e.kind() != std::io::ErrorKind::NotFound {
show_error!(
"{}",
translate!("install-error-failed-to-remove", "path" => to.quote(), "error" => format!("{e:?}"))
);
}
if let Err(e) = fs::remove_file(to)
&& e.kind() != std::io::ErrorKind::NotFound
{
show_error!(
"{}",
translate!("install-error-failed-to-remove", "path" => to.quote(), "error" => format!("{e:?}"))
);
}

let mut handle = File::open(from)?;
Expand Down Expand Up @@ -1223,10 +1217,10 @@ fn need_copy(from: &Path, to: &Path, b: &Behavior) -> bool {
};

// Check if the destination is a symlink (should always be replaced)
if let Ok(to_symlink_meta) = fs::symlink_metadata(to) {
if to_symlink_meta.file_type().is_symlink() {
return true;
}
if let Ok(to_symlink_meta) = fs::symlink_metadata(to)
&& to_symlink_meta.file_type().is_symlink()
{
return true;
}

// Define special file mode bits (setuid, setgid, sticky).
Expand Down Expand Up @@ -1267,17 +1261,19 @@ fn need_copy(from: &Path, to: &Path, b: &Behavior) -> bool {
// TODO: if -P (#1809) and from/to contexts mismatch, return true.

// Check if the owner ID is specified and differs from the destination file's owner.
if let Some(owner_id) = b.owner_id {
if !b.unprivileged && owner_id != to_meta.uid() {
return true;
}
if let Some(owner_id) = b.owner_id
&& !b.unprivileged
&& owner_id != to_meta.uid()
{
return true;
}

// Check if the group ID is specified and differs from the destination file's group.
if let Some(group_id) = b.group_id {
if !b.unprivileged && group_id != to_meta.gid() {
return true;
}
if let Some(group_id) = b.group_id
Copy link
Contributor

@xtqqczze xtqqczze Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is a change in behavior

Copy link
Contributor

@cakebaker cakebaker Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch!

Yes, you are right, it's a change in behavior. The current implementation never returns true if group_id == to_meta.gid() whereas the proposed change might return true in such a case (depending on what needs_copy_for_ownership(to, &to_meta) returns).

Copy link
Contributor

@xtqqczze xtqqczze Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we can't make any assumptions of correctness with AI generated PRs; we have to verify everything. In particular changes that "simplify conditional expressions" are high-risk.

Copy link
Contributor

@xtqqczze xtqqczze Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@cakebaker In this case there actually are conditions that can be made much more clear, I've submitted #11280.

&& !b.unprivileged
&& group_id != to_meta.gid()
{
return true;
} else if !b.unprivileged && needs_copy_for_ownership(to, &to_meta) {
return true;
}
Expand Down
Loading