[gnome-desktop] thumbnail: Don't copy files to /tmp before using them

From: Bastien Nocera <hadess src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-desktop] thumbnail: Don't copy files to /tmp before using them
Date: Tue, 22 Aug 2017 11:09:43 +0000 (UTC)

commit 25fff6aa4a645d41aad1f6a69fc3058258192a8f
Author: Bastien Nocera <hadess hadess net>
Date:   Tue Aug 22 12:31:30 2017 +0200

    thumbnail: Don't copy files to /tmp before using them
    
    Instead of copying whole files to the sandbox, bind mount the _file_.
    This is especially important when dealing with huge files when only a
    tiny portion of the file will actually be read.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=786586

 libgnome-desktop/gnome-desktop-thumbnail-script.c |   20 +++-----------------
 1 files changed, 3 insertions(+), 17 deletions(-)
---
diff --git a/libgnome-desktop/gnome-desktop-thumbnail-script.c 
b/libgnome-desktop/gnome-desktop-thumbnail-script.c
index 1012efa..c319d0e 100644
--- a/libgnome-desktop/gnome-desktop-thumbnail-script.c
+++ b/libgnome-desktop/gnome-desktop-thumbnail-script.c
@@ -498,9 +498,6 @@ static gboolean
 add_bwrap (GPtrArray   *array,
           ScriptExec  *script)
 {
-  char *fd_str;
-  int fd;
-
   g_return_val_if_fail (script->outdir != NULL, FALSE);
   g_return_val_if_fail (script->s_infile != NULL, FALSE);
 
@@ -532,25 +529,14 @@ add_bwrap (GPtrArray   *array,
   g_ptr_array_add (array, g_strdup (script->outdir));
   g_ptr_array_add (array, g_strdup ("/tmp"));
 
-  /* Open the infile so we can pass the fd through bwrap,
-   * we make sure to also re-use the original file's original
+  /* We make sure to also re-use the original file's original
    * extension in case it's useful for the thumbnailer to
    * identify the file type */
-  fd = open (script->infile, O_RDONLY | O_CLOEXEC);
-  if (fd == -1)
-    goto bail;
-  fd_str = g_strdup_printf ("%d", fd);
-  g_ptr_array_add (array, g_strdup ("--file"));
-  g_ptr_array_add (array, fd_str);
+  g_ptr_array_add (array, g_strdup ("--ro-bind"));
+  g_ptr_array_add (array, g_strdup (script->infile));
   g_ptr_array_add (array, g_strdup (script->s_infile));
 
-  g_array_append_val (script->fd_array, fd);
-
   return TRUE;
-
-bail:
-  g_ptr_array_set_size (array, 0);
-  return FALSE;
 }
 #endif /* HAVE_BWRAP */

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]