]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
a5c32cff | 2 | |
8bdc9a90 | 3 | #include <ctype.h> |
11c3a366 TA |
4 | #include <errno.h> |
5 | #include <fcntl.h> | |
6 | #include <limits.h> | |
7 | #include <stdarg.h> | |
8 | #include <stdint.h> | |
35bbbf85 | 9 | #include <stdio_ext.h> |
11c3a366 TA |
10 | #include <stdlib.h> |
11 | #include <string.h> | |
12 | #include <sys/stat.h> | |
13 | #include <sys/types.h> | |
a5c32cff | 14 | #include <unistd.h> |
cda134ab | 15 | |
b5efdb8a | 16 | #include "alloc-util.h" |
3ffd4af2 LP |
17 | #include "fd-util.h" |
18 | #include "fileio.h" | |
f4f15635 | 19 | #include "fs-util.h" |
07d8c0eb | 20 | #include "hexdecoct.h" |
93cc7779 TA |
21 | #include "log.h" |
22 | #include "macro.h" | |
1d9ed171 | 23 | #include "missing.h" |
33d52ab9 | 24 | #include "parse-util.h" |
0d39fa9c | 25 | #include "path-util.h" |
33d52ab9 | 26 | #include "stdio-util.h" |
07630cea | 27 | #include "string-util.h" |
e4de7287 | 28 | #include "tmpfile-util.h" |
a5c32cff | 29 | |
c2d11a63 VC |
30 | #define READ_FULL_BYTES_MAX (4U*1024U*1024U) |
31 | ||
fdeea3f4 ZJS |
32 | int fopen_unlocked(const char *path, const char *options, FILE **ret) { |
33 | assert(ret); | |
34 | ||
35 | FILE *f = fopen(path, options); | |
36 | if (!f) | |
37 | return -errno; | |
38 | ||
39 | (void) __fsetlocking(f, FSETLOCKING_BYCALLER); | |
40 | ||
41 | *ret = f; | |
42 | return 0; | |
43 | } | |
44 | ||
02e23d1a ZJS |
45 | int fdopen_unlocked(int fd, const char *options, FILE **ret) { |
46 | assert(ret); | |
47 | ||
48 | FILE *f = fdopen(fd, options); | |
49 | if (!f) | |
50 | return -errno; | |
51 | ||
52 | (void) __fsetlocking(f, FSETLOCKING_BYCALLER); | |
53 | ||
54 | *ret = f; | |
55 | return 0; | |
56 | } | |
57 | ||
2fe21124 ZJS |
58 | FILE* open_memstream_unlocked(char **ptr, size_t *sizeloc) { |
59 | FILE *f = open_memstream(ptr, sizeloc); | |
60 | if (!f) | |
61 | return NULL; | |
62 | ||
63 | (void) __fsetlocking(f, FSETLOCKING_BYCALLER); | |
64 | ||
65 | return f; | |
66 | } | |
67 | ||
b1837133 LP |
68 | int write_string_stream_ts( |
69 | FILE *f, | |
70 | const char *line, | |
71 | WriteStringFileFlags flags, | |
72 | struct timespec *ts) { | |
dacd6cee | 73 | |
91dc2bf7 | 74 | bool needs_nl; |
be83711c | 75 | int r; |
91dc2bf7 | 76 | |
717603e3 LP |
77 | assert(f); |
78 | assert(line); | |
79 | ||
ba8b8c9e MG |
80 | if (ferror(f)) |
81 | return -EIO; | |
82 | ||
91dc2bf7 LP |
83 | needs_nl = !(flags & WRITE_STRING_FILE_AVOID_NEWLINE) && !endswith(line, "\n"); |
84 | ||
85 | if (needs_nl && (flags & WRITE_STRING_FILE_DISABLE_BUFFER)) { | |
86 | /* If STDIO buffering was disabled, then let's append the newline character to the string itself, so | |
87 | * that the write goes out in one go, instead of two */ | |
88 | ||
89 | line = strjoina(line, "\n"); | |
90 | needs_nl = false; | |
91 | } | |
92 | ||
94d3b60f MG |
93 | if (fputs(line, f) == EOF) |
94 | return -errno; | |
95 | ||
91dc2bf7 | 96 | if (needs_nl) |
94d3b60f MG |
97 | if (fputc('\n', f) == EOF) |
98 | return -errno; | |
a5c32cff | 99 | |
be83711c CL |
100 | if (flags & WRITE_STRING_FILE_SYNC) |
101 | r = fflush_sync_and_check(f); | |
102 | else | |
103 | r = fflush_and_check(f); | |
104 | if (r < 0) | |
105 | return r; | |
106 | ||
39c38d77 ZJS |
107 | if (ts) { |
108 | struct timespec twice[2] = {*ts, *ts}; | |
109 | ||
110 | if (futimens(fileno(f), twice) < 0) | |
111 | return -errno; | |
112 | } | |
113 | ||
be83711c | 114 | return 0; |
a5c32cff HH |
115 | } |
116 | ||
2eabcc77 LP |
117 | static int write_string_file_atomic( |
118 | const char *fn, | |
119 | const char *line, | |
b1837133 | 120 | WriteStringFileFlags flags, |
2eabcc77 LP |
121 | struct timespec *ts) { |
122 | ||
a5c32cff HH |
123 | _cleanup_fclose_ FILE *f = NULL; |
124 | _cleanup_free_ char *p = NULL; | |
125 | int r; | |
126 | ||
127 | assert(fn); | |
128 | assert(line); | |
129 | ||
130 | r = fopen_temporary(fn, &f, &p); | |
131 | if (r < 0) | |
132 | return r; | |
133 | ||
0d39fa9c | 134 | (void) fchmod_umask(fileno(f), 0644); |
a5c32cff | 135 | |
b1837133 | 136 | r = write_string_stream_ts(f, line, flags, ts); |
9dd1b1e8 LP |
137 | if (r < 0) |
138 | goto fail; | |
139 | ||
140 | if (rename(p, fn) < 0) { | |
141 | r = -errno; | |
142 | goto fail; | |
a5c32cff HH |
143 | } |
144 | ||
9dd1b1e8 | 145 | return 0; |
a5c32cff | 146 | |
9dd1b1e8 LP |
147 | fail: |
148 | (void) unlink(p); | |
a5c32cff HH |
149 | return r; |
150 | } | |
151 | ||
b1837133 LP |
152 | int write_string_file_ts( |
153 | const char *fn, | |
154 | const char *line, | |
155 | WriteStringFileFlags flags, | |
156 | struct timespec *ts) { | |
157 | ||
4c1fc3e4 | 158 | _cleanup_fclose_ FILE *f = NULL; |
eb3da901 | 159 | int q, r; |
4c1fc3e4 DM |
160 | |
161 | assert(fn); | |
162 | assert(line); | |
163 | ||
265710c2 AJ |
164 | /* We don't know how to verify whether the file contents was already on-disk. */ |
165 | assert(!((flags & WRITE_STRING_FILE_VERIFY_ON_FAILURE) && (flags & WRITE_STRING_FILE_SYNC))); | |
0675e94a | 166 | |
4c1fc3e4 DM |
167 | if (flags & WRITE_STRING_FILE_ATOMIC) { |
168 | assert(flags & WRITE_STRING_FILE_CREATE); | |
169 | ||
b1837133 | 170 | r = write_string_file_atomic(fn, line, flags, ts); |
eb3da901 LP |
171 | if (r < 0) |
172 | goto fail; | |
173 | ||
174 | return r; | |
39c38d77 | 175 | } else |
234519ae | 176 | assert(!ts); |
4c1fc3e4 DM |
177 | |
178 | if (flags & WRITE_STRING_FILE_CREATE) { | |
41f6e627 ZJS |
179 | r = fopen_unlocked(fn, "we", &f); |
180 | if (r < 0) | |
eb3da901 | 181 | goto fail; |
4c1fc3e4 DM |
182 | } else { |
183 | int fd; | |
184 | ||
185 | /* We manually build our own version of fopen(..., "we") that | |
186 | * works without O_CREAT */ | |
835d18ba | 187 | fd = open(fn, O_WRONLY|O_CLOEXEC|O_NOCTTY | ((flags & WRITE_STRING_FILE_NOFOLLOW) ? O_NOFOLLOW : 0)); |
eb3da901 LP |
188 | if (fd < 0) { |
189 | r = -errno; | |
190 | goto fail; | |
191 | } | |
4c1fc3e4 | 192 | |
02e23d1a ZJS |
193 | r = fdopen_unlocked(fd, "w", &f); |
194 | if (r < 0) { | |
4c1fc3e4 | 195 | safe_close(fd); |
eb3da901 | 196 | goto fail; |
4c1fc3e4 | 197 | } |
41f6e627 | 198 | } |
35bbbf85 | 199 | |
12ec9c30 TSH |
200 | if (flags & WRITE_STRING_FILE_DISABLE_BUFFER) |
201 | setvbuf(f, NULL, _IONBF, 0); | |
202 | ||
b1837133 | 203 | r = write_string_stream_ts(f, line, flags, ts); |
eb3da901 LP |
204 | if (r < 0) |
205 | goto fail; | |
206 | ||
207 | return 0; | |
208 | ||
209 | fail: | |
210 | if (!(flags & WRITE_STRING_FILE_VERIFY_ON_FAILURE)) | |
211 | return r; | |
212 | ||
213 | f = safe_fclose(f); | |
214 | ||
215 | /* OK, the operation failed, but let's see if the right | |
216 | * contents in place already. If so, eat up the error. */ | |
217 | ||
218 | q = verify_file(fn, line, !(flags & WRITE_STRING_FILE_AVOID_NEWLINE)); | |
219 | if (q <= 0) | |
220 | return r; | |
221 | ||
222 | return 0; | |
4c1fc3e4 DM |
223 | } |
224 | ||
3130fca5 LP |
225 | int write_string_filef( |
226 | const char *fn, | |
227 | WriteStringFileFlags flags, | |
228 | const char *format, ...) { | |
229 | ||
230 | _cleanup_free_ char *p = NULL; | |
231 | va_list ap; | |
232 | int r; | |
233 | ||
234 | va_start(ap, format); | |
235 | r = vasprintf(&p, format, ap); | |
236 | va_end(ap); | |
237 | ||
238 | if (r < 0) | |
239 | return -ENOMEM; | |
240 | ||
241 | return write_string_file(fn, p, flags); | |
242 | } | |
243 | ||
a5c32cff HH |
244 | int read_one_line_file(const char *fn, char **line) { |
245 | _cleanup_fclose_ FILE *f = NULL; | |
fdeea3f4 | 246 | int r; |
a5c32cff HH |
247 | |
248 | assert(fn); | |
249 | assert(line); | |
250 | ||
fdeea3f4 ZJS |
251 | r = fopen_unlocked(fn, "re", &f); |
252 | if (r < 0) | |
253 | return r; | |
35bbbf85 | 254 | |
d6062e3b | 255 | return read_line(f, LONG_LINE_MAX, line); |
a5c32cff HH |
256 | } |
257 | ||
eb3da901 LP |
258 | int verify_file(const char *fn, const char *blob, bool accept_extra_nl) { |
259 | _cleanup_fclose_ FILE *f = NULL; | |
260 | _cleanup_free_ char *buf = NULL; | |
261 | size_t l, k; | |
fdeea3f4 | 262 | int r; |
15dee3f0 | 263 | |
eb3da901 LP |
264 | assert(fn); |
265 | assert(blob); | |
266 | ||
267 | l = strlen(blob); | |
268 | ||
269 | if (accept_extra_nl && endswith(blob, "\n")) | |
270 | accept_extra_nl = false; | |
271 | ||
272 | buf = malloc(l + accept_extra_nl + 1); | |
273 | if (!buf) | |
274 | return -ENOMEM; | |
275 | ||
fdeea3f4 ZJS |
276 | r = fopen_unlocked(fn, "re", &f); |
277 | if (r < 0) | |
278 | return r; | |
35bbbf85 | 279 | |
eb3da901 LP |
280 | /* We try to read one byte more than we need, so that we know whether we hit eof */ |
281 | errno = 0; | |
282 | k = fread(buf, 1, l + accept_extra_nl + 1, f); | |
283 | if (ferror(f)) | |
284 | return errno > 0 ? -errno : -EIO; | |
285 | ||
286 | if (k != l && k != l + accept_extra_nl) | |
287 | return 0; | |
288 | if (memcmp(buf, blob, l) != 0) | |
289 | return 0; | |
290 | if (k > l && buf[l] != '\n') | |
291 | return 0; | |
15dee3f0 | 292 | |
eb3da901 | 293 | return 1; |
15dee3f0 LP |
294 | } |
295 | ||
15f8f026 | 296 | int read_full_stream_full( |
2d78717b | 297 | FILE *f, |
50caae7b | 298 | const char *filename, |
15f8f026 | 299 | ReadFullFileFlags flags, |
2d78717b LP |
300 | char **ret_contents, |
301 | size_t *ret_size) { | |
302 | ||
a5c32cff HH |
303 | _cleanup_free_ char *buf = NULL; |
304 | struct stat st; | |
15f8f026 YW |
305 | size_t n, n_next, l; |
306 | int fd, r; | |
a5c32cff | 307 | |
717603e3 | 308 | assert(f); |
2d78717b | 309 | assert(ret_contents); |
07d8c0eb | 310 | assert(!(flags & READ_FULL_FILE_UNBASE64) || ret_size); |
a5c32cff | 311 | |
15f8f026 | 312 | n_next = LINE_MAX; /* Start size */ |
a5c32cff | 313 | |
c4054ddf LP |
314 | fd = fileno(f); |
315 | if (fd >= 0) { /* If the FILE* object is backed by an fd (as opposed to memory or such, see fmemopen(), let's | |
316 | * optimize our buffering) */ | |
717603e3 | 317 | |
15f8f026 | 318 | if (fstat(fd, &st) < 0) |
c4054ddf LP |
319 | return -errno; |
320 | ||
321 | if (S_ISREG(st.st_mode)) { | |
717603e3 | 322 | |
c4054ddf LP |
323 | /* Safety check */ |
324 | if (st.st_size > READ_FULL_BYTES_MAX) | |
325 | return -E2BIG; | |
326 | ||
327 | /* Start with the right file size, but be prepared for files from /proc which generally report a file | |
328 | * size of 0. Note that we increase the size to read here by one, so that the first read attempt | |
329 | * already makes us notice the EOF. */ | |
330 | if (st.st_size > 0) | |
15f8f026 | 331 | n_next = st.st_size + 1; |
50caae7b YW |
332 | |
333 | if (flags & READ_FULL_FILE_SECURE) | |
334 | (void) warn_file_is_world_accessible(filename, &st, NULL, 0); | |
c4054ddf | 335 | } |
717603e3 | 336 | } |
a5c32cff | 337 | |
15f8f026 | 338 | n = l = 0; |
a5c32cff HH |
339 | for (;;) { |
340 | char *t; | |
341 | size_t k; | |
342 | ||
15f8f026 YW |
343 | if (flags & READ_FULL_FILE_SECURE) { |
344 | t = malloc(n_next + 1); | |
345 | if (!t) { | |
346 | r = -ENOMEM; | |
347 | goto finalize; | |
348 | } | |
349 | memcpy_safe(t, buf, n); | |
350 | explicit_bzero_safe(buf, n); | |
351 | } else { | |
352 | t = realloc(buf, n_next + 1); | |
353 | if (!t) | |
354 | return -ENOMEM; | |
355 | } | |
a5c32cff HH |
356 | |
357 | buf = t; | |
15f8f026 YW |
358 | n = n_next; |
359 | ||
5a89faf0 | 360 | errno = 0; |
a5c32cff | 361 | k = fread(buf + l, 1, n - l, f); |
c2d11a63 VC |
362 | if (k > 0) |
363 | l += k; | |
a5c32cff | 364 | |
15f8f026 YW |
365 | if (ferror(f)) { |
366 | r = errno > 0 ? -errno : -EIO; | |
367 | goto finalize; | |
368 | } | |
a5c32cff | 369 | |
c2d11a63 | 370 | if (feof(f)) |
a5c32cff | 371 | break; |
a5c32cff | 372 | |
c2d11a63 VC |
373 | /* We aren't expecting fread() to return a short read outside |
374 | * of (error && eof), assert buffer is full and enlarge buffer. | |
375 | */ | |
376 | assert(l == n); | |
a5c32cff HH |
377 | |
378 | /* Safety check */ | |
15f8f026 YW |
379 | if (n >= READ_FULL_BYTES_MAX) { |
380 | r = -E2BIG; | |
381 | goto finalize; | |
382 | } | |
c2d11a63 | 383 | |
15f8f026 | 384 | n_next = MIN(n * 2, READ_FULL_BYTES_MAX); |
a5c32cff HH |
385 | } |
386 | ||
07d8c0eb YW |
387 | if (flags & READ_FULL_FILE_UNBASE64) { |
388 | buf[l++] = 0; | |
389 | r = unbase64mem_full(buf, l, flags & READ_FULL_FILE_SECURE, (void **) ret_contents, ret_size); | |
390 | goto finalize; | |
391 | } | |
392 | ||
2d78717b LP |
393 | if (!ret_size) { |
394 | /* Safety check: if the caller doesn't want to know the size of what we just read it will rely on the | |
395 | * trailing NUL byte. But if there's an embedded NUL byte, then we should refuse operation as otherwise | |
396 | * there'd be ambiguity about what we just read. */ | |
397 | ||
15f8f026 YW |
398 | if (memchr(buf, 0, l)) { |
399 | r = -EBADMSG; | |
400 | goto finalize; | |
401 | } | |
2d78717b LP |
402 | } |
403 | ||
a5c32cff | 404 | buf[l] = 0; |
2d78717b | 405 | *ret_contents = TAKE_PTR(buf); |
a5c32cff | 406 | |
2d78717b LP |
407 | if (ret_size) |
408 | *ret_size = l; | |
a5c32cff HH |
409 | |
410 | return 0; | |
15f8f026 YW |
411 | |
412 | finalize: | |
413 | if (flags & READ_FULL_FILE_SECURE) | |
414 | explicit_bzero_safe(buf, n); | |
415 | ||
416 | return r; | |
a5c32cff HH |
417 | } |
418 | ||
15f8f026 | 419 | int read_full_file_full(const char *filename, ReadFullFileFlags flags, char **contents, size_t *size) { |
717603e3 | 420 | _cleanup_fclose_ FILE *f = NULL; |
fdeea3f4 | 421 | int r; |
717603e3 | 422 | |
15f8f026 | 423 | assert(filename); |
717603e3 LP |
424 | assert(contents); |
425 | ||
fdeea3f4 ZJS |
426 | r = fopen_unlocked(filename, "re", &f); |
427 | if (r < 0) | |
428 | return r; | |
35bbbf85 | 429 | |
50caae7b | 430 | return read_full_stream_full(f, filename, flags, contents, size); |
717603e3 LP |
431 | } |
432 | ||
68fee104 | 433 | int executable_is_script(const char *path, char **interpreter) { |
c8b32e11 | 434 | _cleanup_free_ char *line = NULL; |
99c61f6b | 435 | size_t len; |
68fee104 | 436 | char *ans; |
99c61f6b | 437 | int r; |
68fee104 ZJS |
438 | |
439 | assert(path); | |
440 | ||
441 | r = read_one_line_file(path, &line); | |
99c61f6b LP |
442 | if (r == -ENOBUFS) /* First line overly long? if so, then it's not a script */ |
443 | return 0; | |
68fee104 ZJS |
444 | if (r < 0) |
445 | return r; | |
446 | ||
447 | if (!startswith(line, "#!")) | |
448 | return 0; | |
449 | ||
450 | ans = strstrip(line + 2); | |
451 | len = strcspn(ans, " \t"); | |
452 | ||
453 | if (len == 0) | |
454 | return 0; | |
455 | ||
456 | ans = strndup(ans, len); | |
457 | if (!ans) | |
458 | return -ENOMEM; | |
459 | ||
460 | *interpreter = ans; | |
461 | return 1; | |
462 | } | |
69ab8088 ZJS |
463 | |
464 | /** | |
0a7b53bd | 465 | * Retrieve one field from a file like /proc/self/status. pattern |
c4cd1d4d AK |
466 | * should not include whitespace or the delimiter (':'). pattern matches only |
467 | * the beginning of a line. Whitespace before ':' is skipped. Whitespace and | |
468 | * zeros after the ':' will be skipped. field must be freed afterwards. | |
469 | * terminator specifies the terminating characters of the field value (not | |
470 | * included in the value). | |
69ab8088 | 471 | */ |
c4cd1d4d | 472 | int get_proc_field(const char *filename, const char *pattern, const char *terminator, char **field) { |
69ab8088 | 473 | _cleanup_free_ char *status = NULL; |
90110825 | 474 | char *t, *f; |
69ab8088 ZJS |
475 | size_t len; |
476 | int r; | |
477 | ||
c4cd1d4d | 478 | assert(terminator); |
69ab8088 | 479 | assert(filename); |
7ff7394d | 480 | assert(pattern); |
69ab8088 ZJS |
481 | assert(field); |
482 | ||
483 | r = read_full_file(filename, &status, NULL); | |
484 | if (r < 0) | |
485 | return r; | |
486 | ||
c4cd1d4d AK |
487 | t = status; |
488 | ||
489 | do { | |
490 | bool pattern_ok; | |
491 | ||
492 | do { | |
493 | t = strstr(t, pattern); | |
494 | if (!t) | |
495 | return -ENOENT; | |
496 | ||
497 | /* Check that pattern occurs in beginning of line. */ | |
498 | pattern_ok = (t == status || t[-1] == '\n'); | |
499 | ||
500 | t += strlen(pattern); | |
501 | ||
502 | } while (!pattern_ok); | |
503 | ||
504 | t += strspn(t, " \t"); | |
505 | if (!*t) | |
506 | return -ENOENT; | |
507 | ||
508 | } while (*t != ':'); | |
509 | ||
510 | t++; | |
69ab8088 | 511 | |
4ec29144 | 512 | if (*t) { |
1e5413f7 ZJS |
513 | t += strspn(t, " \t"); |
514 | ||
515 | /* Also skip zeros, because when this is used for | |
516 | * capabilities, we don't want the zeros. This way the | |
517 | * same capability set always maps to the same string, | |
518 | * irrespective of the total capability set size. For | |
519 | * other numbers it shouldn't matter. */ | |
520 | t += strspn(t, "0"); | |
4ec29144 ZJS |
521 | /* Back off one char if there's nothing but whitespace |
522 | and zeros */ | |
1e5413f7 | 523 | if (!*t || isspace(*t)) |
313cefa1 | 524 | t--; |
4ec29144 | 525 | } |
69ab8088 | 526 | |
c4cd1d4d | 527 | len = strcspn(t, terminator); |
69ab8088 | 528 | |
90110825 LP |
529 | f = strndup(t, len); |
530 | if (!f) | |
69ab8088 ZJS |
531 | return -ENOMEM; |
532 | ||
90110825 | 533 | *field = f; |
69ab8088 ZJS |
534 | return 0; |
535 | } | |
0d39fa9c LP |
536 | |
537 | DIR *xopendirat(int fd, const char *name, int flags) { | |
538 | int nfd; | |
539 | DIR *d; | |
540 | ||
541 | assert(!(flags & O_CREAT)); | |
542 | ||
543 | nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0); | |
544 | if (nfd < 0) | |
545 | return NULL; | |
546 | ||
547 | d = fdopendir(nfd); | |
548 | if (!d) { | |
549 | safe_close(nfd); | |
550 | return NULL; | |
551 | } | |
552 | ||
553 | return d; | |
554 | } | |
555 | ||
556 | static int search_and_fopen_internal(const char *path, const char *mode, const char *root, char **search, FILE **_f) { | |
557 | char **i; | |
558 | ||
559 | assert(path); | |
560 | assert(mode); | |
561 | assert(_f); | |
562 | ||
563 | if (!path_strv_resolve_uniq(search, root)) | |
564 | return -ENOMEM; | |
565 | ||
566 | STRV_FOREACH(i, search) { | |
567 | _cleanup_free_ char *p = NULL; | |
568 | FILE *f; | |
569 | ||
570 | if (root) | |
605405c6 | 571 | p = strjoin(root, *i, "/", path); |
0d39fa9c | 572 | else |
605405c6 | 573 | p = strjoin(*i, "/", path); |
0d39fa9c LP |
574 | if (!p) |
575 | return -ENOMEM; | |
576 | ||
577 | f = fopen(p, mode); | |
578 | if (f) { | |
579 | *_f = f; | |
580 | return 0; | |
581 | } | |
582 | ||
583 | if (errno != ENOENT) | |
584 | return -errno; | |
585 | } | |
586 | ||
587 | return -ENOENT; | |
588 | } | |
589 | ||
590 | int search_and_fopen(const char *path, const char *mode, const char *root, const char **search, FILE **_f) { | |
591 | _cleanup_strv_free_ char **copy = NULL; | |
592 | ||
593 | assert(path); | |
594 | assert(mode); | |
595 | assert(_f); | |
596 | ||
597 | if (path_is_absolute(path)) { | |
598 | FILE *f; | |
599 | ||
600 | f = fopen(path, mode); | |
601 | if (f) { | |
602 | *_f = f; | |
603 | return 0; | |
604 | } | |
605 | ||
606 | return -errno; | |
607 | } | |
608 | ||
609 | copy = strv_copy((char**) search); | |
610 | if (!copy) | |
611 | return -ENOMEM; | |
612 | ||
613 | return search_and_fopen_internal(path, mode, root, copy, _f); | |
614 | } | |
615 | ||
616 | int search_and_fopen_nulstr(const char *path, const char *mode, const char *root, const char *search, FILE **_f) { | |
617 | _cleanup_strv_free_ char **s = NULL; | |
618 | ||
619 | if (path_is_absolute(path)) { | |
620 | FILE *f; | |
621 | ||
622 | f = fopen(path, mode); | |
623 | if (f) { | |
624 | *_f = f; | |
625 | return 0; | |
626 | } | |
627 | ||
628 | return -errno; | |
629 | } | |
630 | ||
631 | s = strv_split_nulstr(search); | |
632 | if (!s) | |
633 | return -ENOMEM; | |
634 | ||
635 | return search_and_fopen_internal(path, mode, root, s, _f); | |
636 | } | |
637 | ||
0d39fa9c LP |
638 | int fflush_and_check(FILE *f) { |
639 | assert(f); | |
640 | ||
641 | errno = 0; | |
642 | fflush(f); | |
643 | ||
644 | if (ferror(f)) | |
f5e5c28f | 645 | return errno > 0 ? -errno : -EIO; |
0d39fa9c LP |
646 | |
647 | return 0; | |
648 | } | |
649 | ||
0675e94a AJ |
650 | int fflush_sync_and_check(FILE *f) { |
651 | int r; | |
652 | ||
653 | assert(f); | |
654 | ||
655 | r = fflush_and_check(f); | |
656 | if (r < 0) | |
657 | return r; | |
658 | ||
659 | if (fsync(fileno(f)) < 0) | |
660 | return -errno; | |
661 | ||
8ac2f74f LP |
662 | r = fsync_directory_of_file(fileno(f)); |
663 | if (r < 0) | |
664 | return r; | |
665 | ||
0675e94a AJ |
666 | return 0; |
667 | } | |
668 | ||
33d52ab9 LP |
669 | int write_timestamp_file_atomic(const char *fn, usec_t n) { |
670 | char ln[DECIMAL_STR_MAX(n)+2]; | |
671 | ||
672 | /* Creates a "timestamp" file, that contains nothing but a | |
673 | * usec_t timestamp, formatted in ASCII. */ | |
674 | ||
675 | if (n <= 0 || n >= USEC_INFINITY) | |
676 | return -ERANGE; | |
677 | ||
678 | xsprintf(ln, USEC_FMT "\n", n); | |
679 | ||
680 | return write_string_file(fn, ln, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC); | |
681 | } | |
682 | ||
683 | int read_timestamp_file(const char *fn, usec_t *ret) { | |
684 | _cleanup_free_ char *ln = NULL; | |
685 | uint64_t t; | |
686 | int r; | |
687 | ||
688 | r = read_one_line_file(fn, &ln); | |
689 | if (r < 0) | |
690 | return r; | |
691 | ||
692 | r = safe_atou64(ln, &t); | |
693 | if (r < 0) | |
694 | return r; | |
695 | ||
696 | if (t <= 0 || t >= (uint64_t) USEC_INFINITY) | |
697 | return -ERANGE; | |
698 | ||
699 | *ret = (usec_t) t; | |
700 | return 0; | |
701 | } | |
d390f8ef LP |
702 | |
703 | int fputs_with_space(FILE *f, const char *s, const char *separator, bool *space) { | |
704 | int r; | |
705 | ||
706 | assert(s); | |
707 | ||
708 | /* Outputs the specified string with fputs(), but optionally prefixes it with a separator. The *space parameter | |
709 | * when specified shall initially point to a boolean variable initialized to false. It is set to true after the | |
710 | * first invocation. This call is supposed to be use in loops, where a separator shall be inserted between each | |
711 | * element, but not before the first one. */ | |
712 | ||
713 | if (!f) | |
714 | f = stdout; | |
715 | ||
716 | if (space) { | |
717 | if (!separator) | |
718 | separator = " "; | |
719 | ||
720 | if (*space) { | |
721 | r = fputs(separator, f); | |
722 | if (r < 0) | |
723 | return r; | |
724 | } | |
725 | ||
726 | *space = true; | |
727 | } | |
728 | ||
729 | return fputs(s, f); | |
730 | } | |
03532f0a | 731 | |
838894b0 LP |
732 | /* A bitmask of the EOL markers we know */ |
733 | typedef enum EndOfLineMarker { | |
734 | EOL_NONE = 0, | |
735 | EOL_ZERO = 1 << 0, /* \0 (aka NUL) */ | |
736 | EOL_TEN = 1 << 1, /* \n (aka NL, aka LF) */ | |
737 | EOL_THIRTEEN = 1 << 2, /* \r (aka CR) */ | |
738 | } EndOfLineMarker; | |
739 | ||
41f11239 LP |
740 | static EndOfLineMarker categorize_eol(char c, ReadLineFlags flags) { |
741 | ||
742 | if (!IN_SET(flags, READ_LINE_ONLY_NUL)) { | |
743 | if (c == '\n') | |
744 | return EOL_TEN; | |
745 | if (c == '\r') | |
746 | return EOL_THIRTEEN; | |
747 | } | |
748 | ||
838894b0 LP |
749 | if (c == '\0') |
750 | return EOL_ZERO; | |
751 | ||
752 | return EOL_NONE; | |
753 | } | |
754 | ||
57d6f700 | 755 | DEFINE_TRIVIAL_CLEANUP_FUNC(FILE*, funlockfile); |
f858e514 | 756 | |
41f11239 | 757 | int read_line_full(FILE *f, size_t limit, ReadLineFlags flags, char **ret) { |
4f9a66a3 | 758 | size_t n = 0, allocated = 0, count = 0; |
838894b0 | 759 | _cleanup_free_ char *buffer = NULL; |
03a7dbea | 760 | int r; |
4f9a66a3 LP |
761 | |
762 | assert(f); | |
763 | ||
764 | /* Something like a bounded version of getline(). | |
765 | * | |
838894b0 LP |
766 | * Considers EOF, \n, \r and \0 end of line delimiters (or combinations of these), and does not include these |
767 | * delimiters in the string returned. Specifically, recognizes the following combinations of markers as line | |
768 | * endings: | |
769 | * | |
770 | * • \n (UNIX) | |
771 | * • \r (old MacOS) | |
772 | * • \0 (C strings) | |
773 | * • \n\0 | |
774 | * • \r\0 | |
775 | * • \r\n (Windows) | |
776 | * • \n\r | |
777 | * • \r\n\0 | |
778 | * • \n\r\0 | |
4f9a66a3 LP |
779 | * |
780 | * Returns the number of bytes read from the files (i.e. including delimiters — this hence usually differs from | |
781 | * the number of characters in the returned string). When EOF is hit, 0 is returned. | |
782 | * | |
783 | * The input parameter limit is the maximum numbers of characters in the returned string, i.e. excluding | |
784 | * delimiters. If the limit is hit we fail and return -ENOBUFS. | |
785 | * | |
786 | * If a line shall be skipped ret may be initialized as NULL. */ | |
787 | ||
788 | if (ret) { | |
789 | if (!GREEDY_REALLOC(buffer, allocated, 1)) | |
790 | return -ENOMEM; | |
791 | } | |
792 | ||
f858e514 | 793 | { |
3f691417 | 794 | _unused_ _cleanup_(funlockfilep) FILE *flocked = f; |
838894b0 | 795 | EndOfLineMarker previous_eol = EOL_NONE; |
f858e514 | 796 | flockfile(f); |
4f9a66a3 | 797 | |
f858e514 | 798 | for (;;) { |
838894b0 | 799 | EndOfLineMarker eol; |
03a7dbea | 800 | char c; |
4f9a66a3 | 801 | |
f858e514 ZJS |
802 | if (n >= limit) |
803 | return -ENOBUFS; | |
4f9a66a3 | 804 | |
31fd02f0 LP |
805 | if (count >= INT_MAX) /* We couldn't return the counter anymore as "int", hence refuse this */ |
806 | return -ENOBUFS; | |
807 | ||
03a7dbea LP |
808 | r = safe_fgetc(f, &c); |
809 | if (r < 0) | |
810 | return r; | |
91a306b8 | 811 | if (r == 0) /* EOF is definitely EOL */ |
f858e514 | 812 | break; |
4f9a66a3 | 813 | |
41f11239 | 814 | eol = categorize_eol(c, flags); |
838894b0 LP |
815 | |
816 | if (FLAGS_SET(previous_eol, EOL_ZERO) || | |
817 | (eol == EOL_NONE && previous_eol != EOL_NONE) || | |
818 | (eol != EOL_NONE && (previous_eol & eol) != 0)) { | |
819 | /* Previous char was a NUL? This is not an EOL, but the previous char was? This type of | |
517b7760 LP |
820 | * EOL marker has been seen right before? In either of these three cases we are |
821 | * done. But first, let's put this character back in the queue. (Note that we have to | |
822 | * cast this to (unsigned char) here as ungetc() expects a positive 'int', and if we | |
823 | * are on an architecture where 'char' equals 'signed char' we need to ensure we don't | |
824 | * pass a negative value here. That said, to complicate things further ungetc() is | |
825 | * actually happy with most negative characters and implicitly casts them back to | |
826 | * positive ones as needed, except for \xff (aka -1, aka EOF), which it refuses. What a | |
827 | * godawful API!) */ | |
828 | assert_se(ungetc((unsigned char) c, f) != EOF); | |
f858e514 | 829 | break; |
838894b0 LP |
830 | } |
831 | ||
91a306b8 LP |
832 | count++; |
833 | ||
838894b0 LP |
834 | if (eol != EOL_NONE) { |
835 | previous_eol |= eol; | |
836 | continue; | |
837 | } | |
4f9a66a3 | 838 | |
f858e514 ZJS |
839 | if (ret) { |
840 | if (!GREEDY_REALLOC(buffer, allocated, n + 2)) | |
841 | return -ENOMEM; | |
4f9a66a3 | 842 | |
03a7dbea | 843 | buffer[n] = c; |
4f9a66a3 LP |
844 | } |
845 | ||
f858e514 | 846 | n++; |
4f9a66a3 | 847 | } |
4f9a66a3 LP |
848 | } |
849 | ||
4f9a66a3 LP |
850 | if (ret) { |
851 | buffer[n] = 0; | |
852 | ||
1cc6c93a | 853 | *ret = TAKE_PTR(buffer); |
4f9a66a3 LP |
854 | } |
855 | ||
856 | return (int) count; | |
857 | } | |
285a9b27 LP |
858 | |
859 | int safe_fgetc(FILE *f, char *ret) { | |
860 | int k; | |
861 | ||
862 | assert(f); | |
863 | ||
864 | /* A safer version of plain fgetc(): let's propagate the error that happened while reading as such, and | |
865 | * separate the EOF condition from the byte read, to avoid those confusion signed/unsigned issues fgetc() | |
866 | * has. */ | |
867 | ||
868 | errno = 0; | |
869 | k = fgetc(f); | |
870 | if (k == EOF) { | |
871 | if (ferror(f)) | |
872 | return errno > 0 ? -errno : -EIO; | |
873 | ||
874 | if (ret) | |
875 | *ret = 0; | |
876 | ||
877 | return 0; | |
878 | } | |
879 | ||
880 | if (ret) | |
881 | *ret = k; | |
882 | ||
883 | return 1; | |
884 | } | |
7a309a8c YW |
885 | |
886 | int warn_file_is_world_accessible(const char *filename, struct stat *st, const char *unit, unsigned line) { | |
887 | struct stat _st; | |
888 | ||
889 | if (!filename) | |
890 | return 0; | |
891 | ||
892 | if (!st) { | |
893 | if (stat(filename, &_st) < 0) | |
894 | return -errno; | |
895 | st = &_st; | |
896 | } | |
897 | ||
898 | if ((st->st_mode & S_IRWXO) == 0) | |
899 | return 0; | |
900 | ||
901 | if (unit) | |
902 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
903 | "%s has %04o mode that is too permissive, please adjust the access mode.", | |
904 | filename, st->st_mode & 07777); | |
905 | else | |
906 | log_warning("%s has %04o mode that is too permissive, please adjust the access mode.", | |
907 | filename, st->st_mode & 07777); | |
908 | return 0; | |
909 | } |