glibc/elf/chroot_canon.c

175 lines
4.3 KiB
C
Raw Normal View History

/* Return the canonical absolute name of a given file inside chroot.
Copyright (C) 1996, 1997, 1998, 1999, 2000 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, write to the Free
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA. */
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <limits.h>
#include <sys/param.h>
#include <sys/stat.h>
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include "ldconfig.h"
#ifndef PATH_MAX
#define PATH_MAX 1024
#endif
/* Return the canonical absolute name of file NAME as if chroot(CHROOT) was
done first. A canonical name does not contain any `.', `..' components
nor any repeated path separators ('/') or symlinks. All path components
must exist and NAME must be absolute filename. The result is malloc'd.
The returned name includes the CHROOT prefix. */
char *
chroot_canon (const char *chroot, const char *name)
{
char *rpath, *dest, *extra_buf = NULL, *rpath_root;
const char *start, *end, *rpath_limit;
int num_links = 0;
size_t chroot_len = strlen (chroot);
if (chroot_len < 1)
{
__set_errno (EINVAL);
return NULL;
}
rpath = malloc (chroot_len + PATH_MAX);
rpath_limit = rpath + chroot_len + PATH_MAX;
rpath_root = (char *) mempcpy (rpath, chroot, chroot_len) - 1;
if (*rpath_root != '/')
*++rpath_root = '/';
dest = rpath_root + 1;
for (start = end = name; *start; start = end)
{
struct stat64 st;
int n;
/* Skip sequence of multiple path-separators. */
while (*start == '/')
++start;
/* Find end of path component. */
for (end = start; *end && *end != '/'; ++end)
/* Nothing. */;
if (end - start == 0)
break;
else if (end - start == 1 && start[0] == '.')
/* nothing */;
else if (end - start == 2 && start[0] == '.' && start[1] == '.')
{
/* Back up to previous component, ignore if at root already. */
if (dest > rpath_root + 1)
while ((--dest)[-1] != '/');
}
else
{
size_t new_size;
if (dest[-1] != '/')
*dest++ = '/';
if (dest + (end - start) >= rpath_limit)
{
ptrdiff_t dest_offset = dest - rpath;
new_size = rpath_limit - rpath;
if (end - start + 1 > PATH_MAX)
new_size += end - start + 1;
else
new_size += PATH_MAX;
rpath = realloc (rpath, new_size);
rpath_limit = rpath + new_size;
if (rpath == NULL)
return NULL;
dest = rpath + dest_offset;
}
dest = mempcpy (dest, start, end - start);
*dest = '\0';
if (lstat64 (rpath, &st) < 0)
{
if (*end == '\0')
goto done;
goto error;
}
if (S_ISLNK (st.st_mode))
{
char *buf = alloca (PATH_MAX);
size_t len;
if (++num_links > MAXSYMLINKS)
{
__set_errno (ELOOP);
goto error;
}
n = readlink (rpath, buf, PATH_MAX);
if (n < 0)
{
if (*end == '\0')
goto done;
goto error;
}
buf[n] = '\0';
if (!extra_buf)
extra_buf = alloca (PATH_MAX);
len = strlen (end);
if ((long int) (n + len) >= PATH_MAX)
{
__set_errno (ENAMETOOLONG);
goto error;
}
/* Careful here, end may be a pointer into extra_buf... */
memmove (&extra_buf[n], end, len + 1);
name = end = memcpy (extra_buf, buf, n);
if (buf[0] == '/')
dest = rpath_root + 1; /* It's an absolute symlink */
else
/* Back up to previous component, ignore if at root already: */
if (dest > rpath_root + 1)
while ((--dest)[-1] != '/');
}
}
}
done:
if (dest > rpath_root + 1 && dest[-1] == '/')
--dest;
*dest = '\0';
return rpath;
error:
free (rpath);
return NULL;
}