Skip to content

Unsafe output file name generation in GWAlpha_GPS.py #2

Description

@rvosa

The script GWAlpha_GPS.py uses a function where output file names are generated partly randomly. Subsequently, output is written to these files without checking whether the file already exists. This can silently overwrite existing files, which is undesirable behavior. If a unique name needs to be generated, a better option is to use one of the facilities in the built-in tempfile library.

(Other unique file naming algorithms can also be conceived (e.g. the epoch time plus an autoincrementing suffix while this thing already exists) but most of these suffer from possible race conditions.)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions