From 22bd65996ce992ba81aa92f552f6b75480e6ab6a Mon Sep 17 00:00:00 2001
From: Alexey Milovidov <milovidov@yandex-team.ru>
Date: Tue, 15 Jun 2021 00:58:29 +0300
Subject: [PATCH] Fix TOCTOU in Install

---
 programs/install/Install.cpp | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/programs/install/Install.cpp b/programs/install/Install.cpp
index a7f566a78b8..8a32f542ceb 100644
--- a/programs/install/Install.cpp
+++ b/programs/install/Install.cpp
@@ -819,15 +819,25 @@ namespace
 
         if (fs::exists(pid_file))
         {
-            ReadBufferFromFile in(pid_file.string());
-            if (tryReadIntText(pid, in))
+            try
             {
-                fmt::print("{} file exists and contains pid = {}.\n", pid_file.string(), pid);
+                ReadBufferFromFile in(pid_file.string());
+                if (tryReadIntText(pid, in))
+                {
+                    fmt::print("{} file exists and contains pid = {}.\n", pid_file.string(), pid);
+                }
+                else
+                {
+                    fmt::print("{} file exists but damaged, ignoring.\n", pid_file.string());
+                    fs::remove(pid_file);
+                }
             }
-            else
+            catch (const Exception & e)
             {
-                fmt::print("{} file exists but damaged, ignoring.\n", pid_file.string());
-                fs::remove(pid_file);
+                if (e.code() != ErrorCodes::FILE_DOESNT_EXIST)
+                    throw;
+
+                /// If file does not exist (TOCTOU) - it's ok.
             }
         }