| /* provide a replacement openat function |
| Copyright (C) 2004-2016 Free Software Foundation, Inc. |
| |
| This program is free software: you can redistribute it and/or modify |
| it under the terms of the GNU General Public License as published by |
| the Free Software Foundation; either version 3 of the License, or |
| (at your option) any later version. |
| |
| This program is distributed in the hope that it will be useful, |
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| GNU General Public License for more details. |
| |
| You should have received a copy of the GNU General Public License |
| along with this program. If not, see <http://www.gnu.org/licenses/>. */ |
| |
| /* written by Jim Meyering */ |
| |
| /* If the user's config.h happens to include <fcntl.h>, let it include only |
| the system's <fcntl.h> here, so that orig_openat doesn't recurse to |
| rpl_openat. */ |
| #define __need_system_fcntl_h |
| #include <config.h> |
| |
| /* Get the original definition of open. It might be defined as a macro. */ |
| #include <fcntl.h> |
| #include <sys/types.h> |
| #undef __need_system_fcntl_h |
| |
| #if HAVE_OPENAT |
| static int |
| orig_openat (int fd, char const *filename, int flags, mode_t mode) |
| { |
| return openat (fd, filename, flags, mode); |
| } |
| #endif |
| |
| /* Write "fcntl.h" here, not <fcntl.h>, otherwise OSF/1 5.1 DTK cc eliminates |
| this include because of the preliminary #include <fcntl.h> above. */ |
| #include "fcntl.h" |
| |
| #include "openat.h" |
| |
| #include <stdarg.h> |
| #include <stdbool.h> |
| #include <stddef.h> |
| #include <string.h> |
| #include <sys/stat.h> |
| #include <errno.h> |
| |
| #if HAVE_OPENAT |
| |
| /* Like openat, but work around Solaris 9 bugs with trailing slash. */ |
| int |
| rpl_openat (int dfd, char const *filename, int flags, ...) |
| { |
| mode_t mode; |
| int fd; |
| |
| mode = 0; |
| if (flags & O_CREAT) |
| { |
| va_list arg; |
| va_start (arg, flags); |
| |
| /* We have to use PROMOTED_MODE_T instead of mode_t, otherwise GCC 4 |
| creates crashing code when 'mode_t' is smaller than 'int'. */ |
| mode = va_arg (arg, PROMOTED_MODE_T); |
| |
| va_end (arg); |
| } |
| |
| # if OPEN_TRAILING_SLASH_BUG |
| /* If the filename ends in a slash and one of O_CREAT, O_WRONLY, O_RDWR |
| is specified, then fail. |
| Rationale: POSIX <http://www.opengroup.org/susv3/basedefs/xbd_chap04.html> |
| says that |
| "A pathname that contains at least one non-slash character and that |
| ends with one or more trailing slashes shall be resolved as if a |
| single dot character ( '.' ) were appended to the pathname." |
| and |
| "The special filename dot shall refer to the directory specified by |
| its predecessor." |
| If the named file already exists as a directory, then |
| - if O_CREAT is specified, open() must fail because of the semantics |
| of O_CREAT, |
| - if O_WRONLY or O_RDWR is specified, open() must fail because POSIX |
| <http://www.opengroup.org/susv3/functions/open.html> says that it |
| fails with errno = EISDIR in this case. |
| If the named file does not exist or does not name a directory, then |
| - if O_CREAT is specified, open() must fail since open() cannot create |
| directories, |
| - if O_WRONLY or O_RDWR is specified, open() must fail because the |
| file does not contain a '.' directory. */ |
| if (flags & (O_CREAT | O_WRONLY | O_RDWR)) |
| { |
| size_t len = strlen (filename); |
| if (len > 0 && filename[len - 1] == '/') |
| { |
| errno = EISDIR; |
| return -1; |
| } |
| } |
| # endif |
| |
| fd = orig_openat (dfd, filename, flags, mode); |
| |
| # if OPEN_TRAILING_SLASH_BUG |
| /* If the filename ends in a slash and fd does not refer to a directory, |
| then fail. |
| Rationale: POSIX <http://www.opengroup.org/susv3/basedefs/xbd_chap04.html> |
| says that |
| "A pathname that contains at least one non-slash character and that |
| ends with one or more trailing slashes shall be resolved as if a |
| single dot character ( '.' ) were appended to the pathname." |
| and |
| "The special filename dot shall refer to the directory specified by |
| its predecessor." |
| If the named file without the slash is not a directory, open() must fail |
| with ENOTDIR. */ |
| if (fd >= 0) |
| { |
| /* We know len is positive, since open did not fail with ENOENT. */ |
| size_t len = strlen (filename); |
| if (filename[len - 1] == '/') |
| { |
| struct stat statbuf; |
| |
| if (fstat (fd, &statbuf) >= 0 && !S_ISDIR (statbuf.st_mode)) |
| { |
| close (fd); |
| errno = ENOTDIR; |
| return -1; |
| } |
| } |
| } |
| # endif |
| |
| return fd; |
| } |
| |
| #else /* !HAVE_OPENAT */ |
| |
| # include "dosname.h" /* solely for definition of IS_ABSOLUTE_FILE_NAME */ |
| # include "openat-priv.h" |
| # include "save-cwd.h" |
| |
| /* Replacement for Solaris' openat function. |
| <http://www.google.com/search?q=openat+site:docs.sun.com> |
| First, try to simulate it via open ("/proc/self/fd/FD/FILE"). |
| Failing that, simulate it by doing save_cwd/fchdir/open/restore_cwd. |
| If either the save_cwd or the restore_cwd fails (relatively unlikely), |
| then give a diagnostic and exit nonzero. |
| Otherwise, upon failure, set errno and return -1, as openat does. |
| Upon successful completion, return a file descriptor. */ |
| int |
| openat (int fd, char const *file, int flags, ...) |
| { |
| mode_t mode = 0; |
| |
| if (flags & O_CREAT) |
| { |
| va_list arg; |
| va_start (arg, flags); |
| |
| /* We have to use PROMOTED_MODE_T instead of mode_t, otherwise GCC 4 |
| creates crashing code when 'mode_t' is smaller than 'int'. */ |
| mode = va_arg (arg, PROMOTED_MODE_T); |
| |
| va_end (arg); |
| } |
| |
| return openat_permissive (fd, file, flags, mode, NULL); |
| } |
| |
| /* Like openat (FD, FILE, FLAGS, MODE), but if CWD_ERRNO is |
| nonnull, set *CWD_ERRNO to an errno value if unable to save |
| or restore the initial working directory. This is needed only |
| the first time remove.c's remove_dir opens a command-line |
| directory argument. |
| |
| If a previous attempt to restore the current working directory |
| failed, then we must not even try to access a '.'-relative name. |
| It is the caller's responsibility not to call this function |
| in that case. */ |
| |
| int |
| openat_permissive (int fd, char const *file, int flags, mode_t mode, |
| int *cwd_errno) |
| { |
| struct saved_cwd saved_cwd; |
| int saved_errno; |
| int err; |
| bool save_ok; |
| |
| if (fd == AT_FDCWD || IS_ABSOLUTE_FILE_NAME (file)) |
| return open (file, flags, mode); |
| |
| { |
| char buf[OPENAT_BUFFER_SIZE]; |
| char *proc_file = openat_proc_name (buf, fd, file); |
| if (proc_file) |
| { |
| int open_result = open (proc_file, flags, mode); |
| int open_errno = errno; |
| if (proc_file != buf) |
| free (proc_file); |
| /* If the syscall succeeds, or if it fails with an unexpected |
| errno value, then return right away. Otherwise, fall through |
| and resort to using save_cwd/restore_cwd. */ |
| if (0 <= open_result || ! EXPECTED_ERRNO (open_errno)) |
| { |
| errno = open_errno; |
| return open_result; |
| } |
| } |
| } |
| |
| save_ok = (save_cwd (&saved_cwd) == 0); |
| if (! save_ok) |
| { |
| if (! cwd_errno) |
| openat_save_fail (errno); |
| *cwd_errno = errno; |
| } |
| if (0 <= fd && fd == saved_cwd.desc) |
| { |
| /* If saving the working directory collides with the user's |
| requested fd, then the user's fd must have been closed to |
| begin with. */ |
| free_cwd (&saved_cwd); |
| errno = EBADF; |
| return -1; |
| } |
| |
| err = fchdir (fd); |
| saved_errno = errno; |
| |
| if (! err) |
| { |
| err = open (file, flags, mode); |
| saved_errno = errno; |
| if (save_ok && restore_cwd (&saved_cwd) != 0) |
| { |
| if (! cwd_errno) |
| { |
| /* Don't write a message to just-created fd 2. */ |
| saved_errno = errno; |
| if (err == STDERR_FILENO) |
| close (err); |
| openat_restore_fail (saved_errno); |
| } |
| *cwd_errno = errno; |
| } |
| } |
| |
| free_cwd (&saved_cwd); |
| errno = saved_errno; |
| return err; |
| } |
| |
| /* Return true if our openat implementation must resort to |
| using save_cwd and restore_cwd. */ |
| bool |
| openat_needs_fchdir (void) |
| { |
| bool needs_fchdir = true; |
| int fd = open ("/", O_SEARCH); |
| |
| if (0 <= fd) |
| { |
| char buf[OPENAT_BUFFER_SIZE]; |
| char *proc_file = openat_proc_name (buf, fd, "."); |
| if (proc_file) |
| { |
| needs_fchdir = false; |
| if (proc_file != buf) |
| free (proc_file); |
| } |
| close (fd); |
| } |
| |
| return needs_fchdir; |
| } |
| |
| #endif /* !HAVE_OPENAT */ |