elf/chroot_canon.c

   1 /* Return the canonical absolute name of a given file inside chroot.
   2    Copyright (C) 1996,1997,1998,1999,2000,2001,2004,2005,2010,2011
   3         Free Software Foundation, Inc.
   4    This file is part of the GNU C Library.
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published
   8    by the Free Software Foundation; version 2 of the License, or
   9    (at your option) any later version.
  10
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15
  16    You should have received a copy of the GNU General Public License
  17    along with this program; if not, write to the Free Software Foundation,
  18    Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.  */
  19
  20 #include <stdlib.h>
  21 #include <string.h>
  22 #include <unistd.h>
  23 #include <limits.h>
  24 #include <sys/param.h>
  25 #include <sys/stat.h>
  26 #include <errno.h>
  27 #include <stddef.h>
  28 #include <stdint.h>
  29
  30 #include <ldconfig.h>
  31
  32 #ifndef PATH_MAX
  33 #define PATH_MAX 1024
  34 #endif
  35
  36 /* Return the canonical absolute name of file NAME as if chroot(CHROOT) was
  37    done first.  A canonical name does not contain any `.', `..' components
  38    nor any repeated path separators ('/') or symlinks.  All path components
  39    must exist and NAME must be absolute filename.  The result is malloc'd.
  40    The returned name includes the CHROOT prefix.  */
  41
  42 char *
  43 chroot_canon (const char *chroot, const char *name)
  44 {
  45   char *rpath;
  46   char *dest;
  47   char *extra_buf = NULL;
  48   char *rpath_root;
  49   const char *start;
  50   const char *end;
  51   const char *rpath_limit;
  52   int num_links = 0;
  53   size_t chroot_len = strlen (chroot);
  54
  55   if (chroot_len < 1)
  56     {
  57       __set_errno (EINVAL);
  58       return NULL;
  59     }
  60
  61   rpath = xmalloc (chroot_len + PATH_MAX);
  62
  63   rpath_limit = rpath + chroot_len + PATH_MAX;
  64
  65   rpath_root = (char *) mempcpy (rpath, chroot, chroot_len) - 1;
  66   if (*rpath_root != '/')
  67     *++rpath_root = '/';
  68   dest = rpath_root + 1;
  69
  70   for (start = end = name; *start; start = end)
  71     {
  72       struct stat64 st;
  73       int n;
  74
  75       /* Skip sequence of multiple path-separators.  */
  76       while (*start == '/')
  77         ++start;
  78
  79       /* Find end of path component.  */
  80       for (end = start; *end && *end != '/'; ++end)
  81         /* Nothing.  */;
  82
  83       if (end - start == 0)
  84         break;
  85       else if (end - start == 1 && start[0] == '.')
  86         /* nothing */;
  87       else if (end - start == 2 && start[0] == '.' && start[1] == '.')
  88         {
  89           /* Back up to previous component, ignore if at root already.  */
  90           if (dest > rpath_root + 1)
  91             while ((--dest)[-1] != '/');
  92         }
  93       else
  94         {
  95           size_t new_size;
  96
  97           if (dest[-1] != '/')
  98             *dest++ = '/';
  99
 100           if (dest + (end - start) >= rpath_limit)
 101             {
 102               ptrdiff_t dest_offset = dest - rpath;
 103               char *new_rpath;
 104
 105               new_size = rpath_limit - rpath;
 106               if (end - start + 1 > PATH_MAX)
 107                 new_size += end - start + 1;
 108               else
 109                 new_size += PATH_MAX;
 110               new_rpath = (char *) xrealloc (rpath, new_size);
 111               rpath = new_rpath;
 112               rpath_limit = rpath + new_size;
 113
 114               dest = rpath + dest_offset;
 115             }
 116
 117           dest = mempcpy (dest, start, end - start);
 118           *dest = '\0';
 119
 120           if (lstat64 (rpath, &st) < 0)
 121             {
 122               if (*end == '\0')
 123                 goto done;
 124               goto error;
 125             }
 126
 127           if (S_ISLNK (st.st_mode))
 128             {
 129               char *buf = alloca (PATH_MAX);
 130               size_t len;
 131
 132               if (++num_links > MAXSYMLINKS)
 133                 {
 134                   __set_errno (ELOOP);
 135                   goto error;
 136                 }
 137
 138               n = readlink (rpath, buf, PATH_MAX - 1);
 139               if (n < 0)
 140                 {
 141                   if (*end == '\0')
 142                     goto done;
 143                   goto error;
 144                 }
 145               buf[n] = '\0';
 146
 147               if (!extra_buf)
 148                 extra_buf = alloca (PATH_MAX);
 149
 150               len = strlen (end);
 151               if ((long int) (n + len) >= PATH_MAX)
 152                 {
 153                   __set_errno (ENAMETOOLONG);
 154                   goto error;
 155                 }
 156
 157               /* Careful here, end may be a pointer into extra_buf... */
 158               memmove (&extra_buf[n], end, len + 1);
 159               name = end = memcpy (extra_buf, buf, n);
 160
 161               if (buf[0] == '/')
 162                 dest = rpath_root + 1;  /* It's an absolute symlink */
 163               else
 164                 /* Back up to previous component, ignore if at root already: */
 165                 if (dest > rpath_root + 1)
 166                   while ((--dest)[-1] != '/');
 167             }
 168         }
 169     }
 170  done:
 171   if (dest > rpath_root + 1 && dest[-1] == '/')
 172     --dest;
 173   *dest = '\0';
 174
 175   return rpath;
 176
 177  error:
 178   free (rpath);
 179   return NULL;
 180 }