Merge pull request mixxxdj#12457 from fwcd/fix-sandbox-access-2.4

Sandbox: Fix regression that caused `Sandbox::canAccess` to fail
daschuer · Dec 22, 2023 · bbc610d · bbc610d
2 parents 17b53f0 + 58ddbb7
commit bbc610d
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 6 deletions.
diff --git a/src/util/sandbox.cpp b/src/util/sandbox.cpp
@@ -75,13 +75,17 @@ bool Sandbox::canAccess(mixxx::FileInfo* pFileInfo) {
     VERIFY_OR_DEBUG_ASSERT(pFileInfo) {
         return false;
     }
-    openSecurityToken(pFileInfo, true);
+    // NOTE: The token must be assigned to a variable, otherwise it will be
+    // invalidated immediately (causing `isReadable` to fail).
+    auto token = openSecurityToken(pFileInfo, true);
     return pFileInfo->isReadable();
 }
 
 //static
 bool Sandbox::canAccessDir(const QDir& dir) {
-    openSecurityTokenForDir(dir, true);
+    // NOTE: The token must be assigned to a variable, otherwise it will be
+    // invalidated immediately (causing `isReadable` to fail).
+    auto token = openSecurityTokenForDir(dir, true);
     return QFileInfo(dir.canonicalPath()).isReadable();
 }
 

diff --git a/src/util/sandbox.h b/src/util/sandbox.h
@@ -53,17 +53,28 @@ class Sandbox {
         return createSecurityToken(dir.canonicalPath(), true);
     }
 
-    static SecurityTokenPointer openSecurityToken(mixxx::FileInfo* pFileInfo, bool create);
-    static SecurityTokenPointer openSecurityTokenForDir(const QDir& dir, bool create);
+#if defined(__GNUC__) && __cplusplus < 201907L
+#define SECURITY_TOKEN_NODISCARD_RATIONALE
+#else
+#define SECURITY_TOKEN_NODISCARD_RATIONALE                             \
+    ("A new security token should be used, e.g. by assigning it to a " \
+     "variable, otherwise it will be invalidated immediately.")
+#endif
+
+    [[nodiscard SECURITY_TOKEN_NODISCARD_RATIONALE]] static SecurityTokenPointer
+    openSecurityToken(mixxx::FileInfo* pFileInfo, bool create);
+    [[nodiscard SECURITY_TOKEN_NODISCARD_RATIONALE]] static SecurityTokenPointer
+    openSecurityTokenForDir(const QDir& dir, bool create);
 
   private:
     Sandbox() = delete;
 
     static ConfigKey keyForCanonicalPath(const QString& canonicalPath);
 
     // Must hold s_mutex to call this.
-    static SecurityTokenPointer openTokenFromBookmark(const QString& canonicalPath,
-                                                      const QString& bookmarkBase64);
+    [[nodiscard SECURITY_TOKEN_NODISCARD_RATIONALE]] static SecurityTokenPointer
+    openTokenFromBookmark(
+            const QString& canonicalPath, const QString& bookmarkBase64);
 
     // Creates a security token. s_mutex is not needed for this method.
     static bool createSecurityToken(const QString& canonicalPath, bool isDirectory);