[Bf-committers] Critical error in Blender!
Ton Roosendaal
ton at blender.org
Thu Dec 16 15:39:48 CET 2004
Hi,
Waiting and waiting for the release (hey Kester where are you!) has
advantages too. This morning I got a mail in from an OSX user who
managed Blender to delete his complete Desktop directory on saving a
runtime.app. Although he said he could redo twice, he didn't say
exectly how nor I could redo - until I checked the actual code for
writing runtimes.
There's bad code residing there deleting and moving things with
system() commands that fail easily. Here's the system() command for
example when you accidentally name the runtime output file " rt":
(writefile.c)
/bin/cp -R /bl/obj/darwin-7.5.0-powerpc/bin/blenderplayer.app
/Users/ton/Desktop/ rt.app
And yes I tried, and yes I got my entire desktop deleted! (have backups
:)
Although this error only happens in OSX, there's more bad code in
Blender. For example the fileops.c file has bad code in BLI_delete(),
used in the fileselector when you (SHIFT+R) ask for recursively
deleting a directory. Deleting a path like this;
"Users/ton/Desktop/ rt/blah/"
Will result deleting the entire Desktop as well. :/
The solution obviously is securing the filenames passed on to system()
with quotes. My upcoming commit will do that. for example like:
sprintf(str, "/bin/rm -rf \"%s\"", file);
So, now file operations like on:
" rt.blend"
"blah:untitled.blend"
"blah.blend;rf -f ."
Go fine now. I've also secured (return with warning) deletion of names
like this:
r"t.blend
(Note that saving .blend files themselves goes already fine with spaces
in names)
I would like interested/experienced C developers to check on this too.
There seem to be much better methods for (recursive) operations on
files. Probably worth a recode. And/or maybe even stick to OS specific
calls, which (I guess) for OSX could mean a delete would move things to
the ~/.trash folder?
Commit follows in a couple of minutes.
-Ton-
------------------------------------------------------------------------
--
Ton Roosendaal Blender Foundation ton at blender.org
http://www.blender.org
More information about the Bf-committers
mailing list