[reportlab-users] setup.py findFile() logic fragile to symlink loops
Michał Górny
mgorny at gentoo.org
Mon Mar 28 04:40:32 EDT 2022
Hi,
I've just gotten a report from a Gentoo user that reportlab's setup.py
hangs on build command. After short debugging, we've discovered that
the findFile() function used to look for freetype2 headers is fragile to
symlink loops.
For example, nodejs installs the following symlink:
/usr/include/nodejs/src -> .
Since the function uses os.walk() with follow_symlinks=True, it nests
infinitely while trying to follow the symlink. After adding a print-
debug, we get the following output:
findFile: /usr/include/node
findFile: /usr/include/node/libplatform
findFile: /usr/include/node/src
findFile: /usr/include/node/src/libplatform
findFile: /usr/include/node/src/src
findFile: /usr/include/node/src/src/libplatform
findFile: /usr/include/node/src/src/src
findFile: /usr/include/node/src/src/src/libplatform
findFile: /usr/include/node/src/src/src/src
findFile: /usr/include/node/src/src/src/src/libplatform
and so on. Note that reproducing the issue depends on whether
os.walk() happens to hit the symlink loop before finding freetype2
headers, i.e. on the filesystem path order.
--
Best regards,
Michał Górny
More information about the reportlab-users
mailing list