From a71f5568304fa2c9d596d52374c7e69ac98f8ad7 Mon Sep 17 00:00:00 2001
From: Thiago Macieira
Date: Wed, 20 Sep 2023 17:42:38 -0700
Subject: moveToTrash/Unix: avoid mkdir/chmod race condition for the trash dir

QDir::mkdir() followed by QFile::setPermissions() is a race condition because an attacker could enter the directory before we set the permissions. QDir::mkdir() got an overload with the permissions in 6.3, but I decided to go a level lower and use QFileSystemEngine directly here.

Pick-to: 6.5 6.6
Change-Id: I9d43e5b91eb142d6945cfffd1786c338e21c129e
Reviewed-by: Volker Hilsheimer
---
src/corelib/io/qfilesystemengine_unix.cpp | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src/corelib/io/qfilesystemengine_unix.cpp')

diff --git a/src/corelib/io/qfilesystemengine_unix.cpp b/src/corelib/io/qfilesystemengine_unix.cpp
index a3d71aeeab..cf33dde975 100644
--- a/src/corelib/io/qfilesystemengine_unix.cpp
+++ b/src/corelib/io/qfilesystemengine_unix.cpp
@@ -1193,8 +1193,10 @@ static QString freeDesktopTrashLocation(const QString &sourcePath)
 | QFileDevice::ExeOwner;
 QString targetDir = topDir.filePath(trashDir);
 // deliberately not using mkpath, since we want to fail if topDir doesn't exist
- if (topDir.mkdir(trashDir))
- QFile::setPermissions(targetDir, ownerPerms);
+ bool created = QFileSystemEngine::createDirectory(QFileSystemEntry(targetDir), false, ownerPerms);
+ if (created)
+ return targetDir;
+ // maybe it already exists and is a directory
 if (QFileInfo(targetDir).isDir())
 return targetDir;
 return QString();
-- 
cgit v1.2.3
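Review bot: The fallback after a failed createDirectory() still accepts any pre-existing `targetDir` on `QFileInfo(targetDir).isDir()` alone, so the owner-only guarantee this commit adds holds only for a directory we created ourselves. A directory that another user created first in a writable `topDir`, or a symlink to one (isDir() follows symlinks), would be returned as the trash location. Unless the caller validates this outside the hunk, I would tighten the fallback to something like `QFileInfo fi(targetDir);` followed by `if (fi.isDir() && !fi.isSymLink() && fi.ownerId() == ::getuid()) return targetDir;`. It would also be worth rejecting a directory whose permissions grant group or other access. A path-based check is still a check-then-use window, so a comment saying what the caller may assume about the returned path would help. freeDesktopTrashLocation() starts and ends outside this hunk.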