]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/basic/fileio.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add open_memstream_unlocked() wrapper
[thirdparty/systemd.git] / src / basic / fileio.c
CommitLineData
53e1b683 1/* SPDX-License-Identifier: LGPL-2.1+ */
a5c32cff 2
8bdc9a90 3#include <ctype.h>
11c3a366
TA		 4#include <errno.h>
5#include <fcntl.h>
6#include <limits.h>
7#include <stdarg.h>
8#include <stdint.h>
35bbbf85 9#include <stdio_ext.h>
11c3a366
TA		 10#include <stdlib.h>
11#include <string.h>
12#include <sys/stat.h>
13#include <sys/types.h>
a5c32cff 14#include <unistd.h>
cda134ab 15
b5efdb8a 16#include "alloc-util.h"
3ffd4af2
LP		 17#include "fd-util.h"
18#include "fileio.h"
f4f15635 19#include "fs-util.h"
07d8c0eb 20#include "hexdecoct.h"
93cc7779
TA		 21#include "log.h"
22#include "macro.h"
1d9ed171 23#include "missing.h"
33d52ab9 24#include "parse-util.h"
0d39fa9c 25#include "path-util.h"
33d52ab9 26#include "stdio-util.h"
07630cea 27#include "string-util.h"
e4de7287 28#include "tmpfile-util.h"
a5c32cff 29
c2d11a63
VC		 30#define READ_FULL_BYTES_MAX (4U*1024U*1024U)
31
fdeea3f4
ZJS		 32int fopen_unlocked(const char *path, const char *options, FILE **ret) {
33 assert(ret);
34
35 FILE *f = fopen(path, options);
36 if (!f)
37 return -errno;
38
39 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
40
41 *ret = f;
42 return 0;
43}
44
02e23d1a
ZJS		 45int fdopen_unlocked(int fd, const char *options, FILE **ret) {
46 assert(ret);
47
48 FILE *f = fdopen(fd, options);
49 if (!f)
50 return -errno;
51
52 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
53
54 *ret = f;
55 return 0;
56}
57
2fe21124
ZJS		 58FILE* open_memstream_unlocked(char **ptr, size_t *sizeloc) {
59 FILE *f = open_memstream(ptr, sizeloc);
60 if (!f)
61 return NULL;
62
63 (void) __fsetlocking(f, FSETLOCKING_BYCALLER);
64
65 return f;
66}
67
b1837133
LP		 68int write_string_stream_ts(
69 FILE *f,
70 const char *line,
71 WriteStringFileFlags flags,
72 struct timespec *ts) {
dacd6cee 73
91dc2bf7 74 bool needs_nl;
be83711c 75 int r;
91dc2bf7 76
717603e3
LP		 77 assert(f);
78 assert(line);
79
ba8b8c9e
MG		 80 if (ferror(f))
81 return -EIO;
82
91dc2bf7
LP		 83 needs_nl = !(flags & WRITE_STRING_FILE_AVOID_NEWLINE) && !endswith(line, "\n");
84
85 if (needs_nl && (flags & WRITE_STRING_FILE_DISABLE_BUFFER)) {
86 /* If STDIO buffering was disabled, then let's append the newline character to the string itself, so
87 * that the write goes out in one go, instead of two */
88
89 line = strjoina(line, "\n");
90 needs_nl = false;
91 }
92
94d3b60f
MG		 93 if (fputs(line, f) == EOF)
94 return -errno;
95
91dc2bf7 96 if (needs_nl)
94d3b60f
MG		 97 if (fputc('\n', f) == EOF)
98 return -errno;
a5c32cff 99
be83711c
CL		 100 if (flags & WRITE_STRING_FILE_SYNC)
101 r = fflush_sync_and_check(f);
102 else
103 r = fflush_and_check(f);
104 if (r < 0)
105 return r;
106
39c38d77
ZJS		 107 if (ts) {
108 struct timespec twice[2] = {*ts, *ts};
109
110 if (futimens(fileno(f), twice) < 0)
111 return -errno;
112 }
113
be83711c 114 return 0;
a5c32cff
HH		 115}
116
2eabcc77
LP		 117static int write_string_file_atomic(
118 const char *fn,
119 const char *line,
b1837133 120 WriteStringFileFlags flags,
2eabcc77
LP		 121 struct timespec *ts) {
122
a5c32cff
HH		 123 _cleanup_fclose_ FILE *f = NULL;
124 _cleanup_free_ char *p = NULL;
125 int r;
126
127 assert(fn);
128 assert(line);
129
130 r = fopen_temporary(fn, &f, &p);
131 if (r < 0)
132 return r;
133
0d39fa9c 134 (void) fchmod_umask(fileno(f), 0644);
a5c32cff 135
b1837133 136 r = write_string_stream_ts(f, line, flags, ts);
9dd1b1e8
LP		 137 if (r < 0)
138 goto fail;
139
140 if (rename(p, fn) < 0) {
141 r = -errno;
142 goto fail;
a5c32cff
HH		 143 }
144
9dd1b1e8 145 return 0;
a5c32cff 146
9dd1b1e8
LP		 147fail:
148 (void) unlink(p);
a5c32cff
HH		 149 return r;
150}
151
b1837133
LP		 152int write_string_file_ts(
153 const char *fn,
154 const char *line,
155 WriteStringFileFlags flags,
156 struct timespec *ts) {
157
4c1fc3e4 158 _cleanup_fclose_ FILE *f = NULL;
eb3da901 159 int q, r;
4c1fc3e4
DM		 160
161 assert(fn);
162 assert(line);
163
265710c2
AJ		 164 /* We don't know how to verify whether the file contents was already on-disk. */
165 assert(!((flags & WRITE_STRING_FILE_VERIFY_ON_FAILURE) && (flags & WRITE_STRING_FILE_SYNC)));
0675e94a 166
4c1fc3e4
DM		 167 if (flags & WRITE_STRING_FILE_ATOMIC) {
168 assert(flags & WRITE_STRING_FILE_CREATE);
169
b1837133 170 r = write_string_file_atomic(fn, line, flags, ts);
eb3da901
LP		 171 if (r < 0)
172 goto fail;
173
174 return r;
39c38d77 175 } else
234519ae 176 assert(!ts);
4c1fc3e4
DM		 177
178 if (flags & WRITE_STRING_FILE_CREATE) {
41f6e627
ZJS		 179 r = fopen_unlocked(fn, "we", &f);
180 if (r < 0)
eb3da901 181 goto fail;
4c1fc3e4
DM		 182 } else {
183 int fd;
184
185 /* We manually build our own version of fopen(..., "we") that
186 * works without O_CREAT */
835d18ba 187 fd = open(fn, O_WRONLY|O_CLOEXEC|O_NOCTTY | ((flags & WRITE_STRING_FILE_NOFOLLOW) ? O_NOFOLLOW : 0));
eb3da901
LP		 188 if (fd < 0) {
189 r = -errno;
190 goto fail;
191 }
4c1fc3e4 192
02e23d1a
ZJS		 193 r = fdopen_unlocked(fd, "w", &f);
194 if (r < 0) {
4c1fc3e4 195 safe_close(fd);
eb3da901 196 goto fail;
4c1fc3e4 197 }
41f6e627 198 }
35bbbf85 199
12ec9c30
TSH		 200 if (flags & WRITE_STRING_FILE_DISABLE_BUFFER)
201 setvbuf(f, NULL, _IONBF, 0);
202
b1837133 203 r = write_string_stream_ts(f, line, flags, ts);
eb3da901
LP		 204 if (r < 0)
205 goto fail;
206
207 return 0;
208
209fail:
210 if (!(flags & WRITE_STRING_FILE_VERIFY_ON_FAILURE))
211 return r;
212
213 f = safe_fclose(f);
214
215 /* OK, the operation failed, but let's see if the right
216 * contents in place already. If so, eat up the error. */
217
218 q = verify_file(fn, line, !(flags & WRITE_STRING_FILE_AVOID_NEWLINE));
219 if (q <= 0)
220 return r;
221
222 return 0;
4c1fc3e4
DM		 223}
224
3130fca5
LP		 225int write_string_filef(
226 const char *fn,
227 WriteStringFileFlags flags,
228 const char *format, ...) {
229
230 _cleanup_free_ char *p = NULL;
231 va_list ap;
232 int r;
233
234 va_start(ap, format);
235 r = vasprintf(&p, format, ap);
236 va_end(ap);
237
238 if (r < 0)
239 return -ENOMEM;
240
241 return write_string_file(fn, p, flags);
242}
243
a5c32cff
HH		 244int read_one_line_file(const char *fn, char **line) {
245 _cleanup_fclose_ FILE *f = NULL;
fdeea3f4 246 int r;
a5c32cff
HH		 247
248 assert(fn);
249 assert(line);
250
fdeea3f4
ZJS		 251 r = fopen_unlocked(fn, "re", &f);
252 if (r < 0)
253 return r;
35bbbf85 254
d6062e3b 255 return read_line(f, LONG_LINE_MAX, line);
a5c32cff
HH		 256}
257
eb3da901
LP		 258int verify_file(const char *fn, const char *blob, bool accept_extra_nl) {
259 _cleanup_fclose_ FILE *f = NULL;
260 _cleanup_free_ char *buf = NULL;
261 size_t l, k;
fdeea3f4 262 int r;
15dee3f0 263
eb3da901
LP		 264 assert(fn);
265 assert(blob);
266
267 l = strlen(blob);
268
269 if (accept_extra_nl && endswith(blob, "\n"))
270 accept_extra_nl = false;
271
272 buf = malloc(l + accept_extra_nl + 1);
273 if (!buf)
274 return -ENOMEM;
275
fdeea3f4
ZJS		 276 r = fopen_unlocked(fn, "re", &f);
277 if (r < 0)
278 return r;
35bbbf85 279
eb3da901
LP		 280 /* We try to read one byte more than we need, so that we know whether we hit eof */
281 errno = 0;
282 k = fread(buf, 1, l + accept_extra_nl + 1, f);
283 if (ferror(f))
284 return errno > 0 ? -errno : -EIO;
285
286 if (k != l && k != l + accept_extra_nl)
287 return 0;
288 if (memcmp(buf, blob, l) != 0)
289 return 0;
290 if (k > l && buf[l] != '\n')
291 return 0;
15dee3f0 292
eb3da901 293 return 1;
15dee3f0
LP		 294}
295
15f8f026 296int read_full_stream_full(
2d78717b 297 FILE *f,
50caae7b 298 const char *filename,
15f8f026 299 ReadFullFileFlags flags,
2d78717b
LP		 300 char **ret_contents,
301 size_t *ret_size) {
302
a5c32cff
HH		 303 _cleanup_free_ char *buf = NULL;
304 struct stat st;
15f8f026
YW		 305 size_t n, n_next, l;
306 int fd, r;
a5c32cff 307
717603e3 308 assert(f);
2d78717b 309 assert(ret_contents);
07d8c0eb 310 assert(!(flags & READ_FULL_FILE_UNBASE64) || ret_size);
a5c32cff 311
15f8f026 312 n_next = LINE_MAX; /* Start size */
a5c32cff 313
c4054ddf
LP		 314 fd = fileno(f);
315 if (fd >= 0) { /* If the FILE* object is backed by an fd (as opposed to memory or such, see fmemopen(), let's
316 * optimize our buffering) */
717603e3 317
15f8f026 318 if (fstat(fd, &st) < 0)
c4054ddf
LP		 319 return -errno;
320
321 if (S_ISREG(st.st_mode)) {
717603e3 322
c4054ddf
LP		 323 /* Safety check */
324 if (st.st_size > READ_FULL_BYTES_MAX)
325 return -E2BIG;
326
327 /* Start with the right file size, but be prepared for files from /proc which generally report a file
328 * size of 0. Note that we increase the size to read here by one, so that the first read attempt
329 * already makes us notice the EOF. */
330 if (st.st_size > 0)
15f8f026 331 n_next = st.st_size + 1;
50caae7b
YW		 332
333 if (flags & READ_FULL_FILE_SECURE)
334 (void) warn_file_is_world_accessible(filename, &st, NULL, 0);
c4054ddf 335 }
717603e3 336 }
a5c32cff 337
15f8f026 338 n = l = 0;
a5c32cff
HH		 339 for (;;) {
340 char *t;
341 size_t k;
342
15f8f026
YW		 343 if (flags & READ_FULL_FILE_SECURE) {
344 t = malloc(n_next + 1);
345 if (!t) {
346 r = -ENOMEM;
347 goto finalize;
348 }
349 memcpy_safe(t, buf, n);
350 explicit_bzero_safe(buf, n);
351 } else {
352 t = realloc(buf, n_next + 1);
353 if (!t)
354 return -ENOMEM;
355 }
a5c32cff
HH		 356
357 buf = t;
15f8f026
YW		 358 n = n_next;
359
5a89faf0 360 errno = 0;
a5c32cff 361 k = fread(buf + l, 1, n - l, f);
c2d11a63
VC		 362 if (k > 0)
363 l += k;
a5c32cff 364
15f8f026
YW		 365 if (ferror(f)) {
366 r = errno > 0 ? -errno : -EIO;
367 goto finalize;
368 }
a5c32cff 369
c2d11a63 370 if (feof(f))
a5c32cff 371 break;
a5c32cff 372
c2d11a63
VC		 373 /* We aren't expecting fread() to return a short read outside
374 * of (error && eof), assert buffer is full and enlarge buffer.
375 */
376 assert(l == n);
a5c32cff
HH		 377
378 /* Safety check */
15f8f026
YW		 379 if (n >= READ_FULL_BYTES_MAX) {
380 r = -E2BIG;
381 goto finalize;
382 }
c2d11a63 383
15f8f026 384 n_next = MIN(n * 2, READ_FULL_BYTES_MAX);
a5c32cff
HH		 385 }
386
07d8c0eb
YW		 387 if (flags & READ_FULL_FILE_UNBASE64) {
388 buf[l++] = 0;
389 r = unbase64mem_full(buf, l, flags & READ_FULL_FILE_SECURE, (void **) ret_contents, ret_size);
390 goto finalize;
391 }
392
2d78717b
LP		 393 if (!ret_size) {
394 /* Safety check: if the caller doesn't want to know the size of what we just read it will rely on the
395 * trailing NUL byte. But if there's an embedded NUL byte, then we should refuse operation as otherwise
396 * there'd be ambiguity about what we just read. */
397
15f8f026
YW		 398 if (memchr(buf, 0, l)) {
399 r = -EBADMSG;
400 goto finalize;
401 }
2d78717b
LP		 402 }
403
a5c32cff 404 buf[l] = 0;
2d78717b 405 *ret_contents = TAKE_PTR(buf);
a5c32cff 406
2d78717b
LP		 407 if (ret_size)
408 *ret_size = l;
a5c32cff
HH		 409
410 return 0;
15f8f026
YW		 411
412finalize:
413 if (flags & READ_FULL_FILE_SECURE)
414 explicit_bzero_safe(buf, n);
415
416 return r;
a5c32cff
HH		 417}
418
15f8f026 419int read_full_file_full(const char *filename, ReadFullFileFlags flags, char **contents, size_t *size) {
717603e3 420 _cleanup_fclose_ FILE *f = NULL;
fdeea3f4 421 int r;
717603e3 422
15f8f026 423 assert(filename);
717603e3
LP		 424 assert(contents);
425
fdeea3f4
ZJS		 426 r = fopen_unlocked(filename, "re", &f);
427 if (r < 0)
428 return r;
35bbbf85 429
50caae7b 430 return read_full_stream_full(f, filename, flags, contents, size);
717603e3
LP		 431}
432
68fee104 433int executable_is_script(const char *path, char **interpreter) {
c8b32e11 434 _cleanup_free_ char *line = NULL;
99c61f6b 435 size_t len;
68fee104 436 char *ans;
99c61f6b 437 int r;
68fee104
ZJS		 438
439 assert(path);
440
441 r = read_one_line_file(path, &line);
99c61f6b
LP		 442 if (r == -ENOBUFS) /* First line overly long? if so, then it's not a script */
443 return 0;
68fee104
ZJS		 444 if (r < 0)
445 return r;
446
447 if (!startswith(line, "#!"))
448 return 0;
449
450 ans = strstrip(line + 2);
451 len = strcspn(ans, " \t");
452
453 if (len == 0)
454 return 0;
455
456 ans = strndup(ans, len);
457 if (!ans)
458 return -ENOMEM;
459
460 *interpreter = ans;
461 return 1;
462}
69ab8088
ZJS		 463
464/**
0a7b53bd 465 * Retrieve one field from a file like /proc/self/status. pattern
c4cd1d4d
AK		 466 * should not include whitespace or the delimiter (':'). pattern matches only
467 * the beginning of a line. Whitespace before ':' is skipped. Whitespace and
468 * zeros after the ':' will be skipped. field must be freed afterwards.
469 * terminator specifies the terminating characters of the field value (not
470 * included in the value).
69ab8088 471 */
c4cd1d4d 472int get_proc_field(const char *filename, const char *pattern, const char *terminator, char **field) {
69ab8088 473 _cleanup_free_ char *status = NULL;
90110825 474 char *t, *f;
69ab8088
ZJS		 475 size_t len;
476 int r;
477
c4cd1d4d 478 assert(terminator);
69ab8088 479 assert(filename);
7ff7394d 480 assert(pattern);
69ab8088
ZJS		 481 assert(field);
482
483 r = read_full_file(filename, &status, NULL);
484 if (r < 0)
485 return r;
486
c4cd1d4d
AK		 487 t = status;
488
489 do {
490 bool pattern_ok;
491
492 do {
493 t = strstr(t, pattern);
494 if (!t)
495 return -ENOENT;
496
497 /* Check that pattern occurs in beginning of line. */
498 pattern_ok = (t == status || t[-1] == '\n');
499
500 t += strlen(pattern);
501
502 } while (!pattern_ok);
503
504 t += strspn(t, " \t");
505 if (!*t)
506 return -ENOENT;
507
508 } while (*t != ':');
509
510 t++;
69ab8088 511
4ec29144 512 if (*t) {
1e5413f7
ZJS		 513 t += strspn(t, " \t");
514
515 /* Also skip zeros, because when this is used for
516 * capabilities, we don't want the zeros. This way the
517 * same capability set always maps to the same string,
518 * irrespective of the total capability set size. For
519 * other numbers it shouldn't matter. */
520 t += strspn(t, "0");
4ec29144
ZJS		 521 /* Back off one char if there's nothing but whitespace
522 and zeros */
1e5413f7 523 if (!*t || isspace(*t))
313cefa1 524 t--;
4ec29144 525 }
69ab8088 526
c4cd1d4d 527 len = strcspn(t, terminator);
69ab8088 528
90110825
LP		 529 f = strndup(t, len);
530 if (!f)
69ab8088
ZJS		 531 return -ENOMEM;
532
90110825 533 *field = f;
69ab8088
ZJS		 534 return 0;
535}
0d39fa9c
LP		 536
537DIR *xopendirat(int fd, const char *name, int flags) {
538 int nfd;
539 DIR *d;
540
541 assert(!(flags & O_CREAT));
542
543 nfd = openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags, 0);
544 if (nfd < 0)
545 return NULL;
546
547 d = fdopendir(nfd);
548 if (!d) {
549 safe_close(nfd);
550 return NULL;
551 }
552
553 return d;
554}
555
556static int search_and_fopen_internal(const char *path, const char *mode, const char *root, char **search, FILE **_f) {
557 char **i;
558
559 assert(path);
560 assert(mode);
561 assert(_f);
562
563 if (!path_strv_resolve_uniq(search, root))
564 return -ENOMEM;
565
566 STRV_FOREACH(i, search) {
567 _cleanup_free_ char *p = NULL;
568 FILE *f;
569
570 if (root)
605405c6 571 p = strjoin(root, *i, "/", path);
0d39fa9c 572 else
605405c6 573 p = strjoin(*i, "/", path);
0d39fa9c
LP		 574 if (!p)
575 return -ENOMEM;
576
577 f = fopen(p, mode);
578 if (f) {
579 *_f = f;
580 return 0;
581 }
582
583 if (errno != ENOENT)
584 return -errno;
585 }
586
587 return -ENOENT;
588}
589
590int search_and_fopen(const char *path, const char *mode, const char *root, const char **search, FILE **_f) {
591 _cleanup_strv_free_ char **copy = NULL;
592
593 assert(path);
594 assert(mode);
595 assert(_f);
596
597 if (path_is_absolute(path)) {
598 FILE *f;
599
600 f = fopen(path, mode);
601 if (f) {
602 *_f = f;
603 return 0;
604 }
605
606 return -errno;
607 }
608
609 copy = strv_copy((char**) search);
610 if (!copy)
611 return -ENOMEM;
612
613 return search_and_fopen_internal(path, mode, root, copy, _f);
614}
615
616int search_and_fopen_nulstr(const char *path, const char *mode, const char *root, const char *search, FILE **_f) {
617 _cleanup_strv_free_ char **s = NULL;
618
619 if (path_is_absolute(path)) {
620 FILE *f;
621
622 f = fopen(path, mode);
623 if (f) {
624 *_f = f;
625 return 0;
626 }
627
628 return -errno;
629 }
630
631 s = strv_split_nulstr(search);
632 if (!s)
633 return -ENOMEM;
634
635 return search_and_fopen_internal(path, mode, root, s, _f);
636}
637
0d39fa9c
LP		 638int fflush_and_check(FILE *f) {
639 assert(f);
640
641 errno = 0;
642 fflush(f);
643
644 if (ferror(f))
f5e5c28f 645 return errno > 0 ? -errno : -EIO;
0d39fa9c
LP		 646
647 return 0;
648}
649
0675e94a
AJ		 650int fflush_sync_and_check(FILE *f) {
651 int r;
652
653 assert(f);
654
655 r = fflush_and_check(f);
656 if (r < 0)
657 return r;
658
659 if (fsync(fileno(f)) < 0)
660 return -errno;
661
8ac2f74f
LP		 662 r = fsync_directory_of_file(fileno(f));
663 if (r < 0)
664 return r;
665
0675e94a
AJ		 666 return 0;
667}
668
33d52ab9
LP		 669int write_timestamp_file_atomic(const char *fn, usec_t n) {
670 char ln[DECIMAL_STR_MAX(n)+2];
671
672 /* Creates a "timestamp" file, that contains nothing but a
673 * usec_t timestamp, formatted in ASCII. */
674
675 if (n <= 0 || n >= USEC_INFINITY)
676 return -ERANGE;
677
678 xsprintf(ln, USEC_FMT "\n", n);
679
680 return write_string_file(fn, ln, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
681}
682
683int read_timestamp_file(const char *fn, usec_t *ret) {
684 _cleanup_free_ char *ln = NULL;
685 uint64_t t;
686 int r;
687
688 r = read_one_line_file(fn, &ln);
689 if (r < 0)
690 return r;
691
692 r = safe_atou64(ln, &t);
693 if (r < 0)
694 return r;
695
696 if (t <= 0 || t >= (uint64_t) USEC_INFINITY)
697 return -ERANGE;
698
699 *ret = (usec_t) t;
700 return 0;
701}
d390f8ef
LP		 702
703int fputs_with_space(FILE *f, const char *s, const char *separator, bool *space) {
704 int r;
705
706 assert(s);
707
708 /* Outputs the specified string with fputs(), but optionally prefixes it with a separator. The *space parameter
709 * when specified shall initially point to a boolean variable initialized to false. It is set to true after the
710 * first invocation. This call is supposed to be use in loops, where a separator shall be inserted between each
711 * element, but not before the first one. */
712
713 if (!f)
714 f = stdout;
715
716 if (space) {
717 if (!separator)
718 separator = " ";
719
720 if (*space) {
721 r = fputs(separator, f);
722 if (r < 0)
723 return r;
724 }
725
726 *space = true;
727 }
728
729 return fputs(s, f);
730}
03532f0a 731
838894b0
LP		 732/* A bitmask of the EOL markers we know */
733typedef enum EndOfLineMarker {
734 EOL_NONE = 0,
735 EOL_ZERO = 1 << 0, /* \0 (aka NUL) */
736 EOL_TEN = 1 << 1, /* \n (aka NL, aka LF) */
737 EOL_THIRTEEN = 1 << 2, /* \r (aka CR) */
738} EndOfLineMarker;
739
41f11239
LP		 740static EndOfLineMarker categorize_eol(char c, ReadLineFlags flags) {
741
742 if (!IN_SET(flags, READ_LINE_ONLY_NUL)) {
743 if (c == '\n')
744 return EOL_TEN;
745 if (c == '\r')
746 return EOL_THIRTEEN;
747 }
748
838894b0
LP		 749 if (c == '\0')
750 return EOL_ZERO;
751
752 return EOL_NONE;
753}
754
57d6f700 755DEFINE_TRIVIAL_CLEANUP_FUNC(FILE*, funlockfile);
f858e514 756
41f11239 757int read_line_full(FILE *f, size_t limit, ReadLineFlags flags, char **ret) {
4f9a66a3 758 size_t n = 0, allocated = 0, count = 0;
838894b0 759 _cleanup_free_ char *buffer = NULL;
03a7dbea 760 int r;
4f9a66a3
LP		 761
762 assert(f);
763
764 /* Something like a bounded version of getline().
765 *
838894b0
LP		 766 * Considers EOF, \n, \r and \0 end of line delimiters (or combinations of these), and does not include these
767 * delimiters in the string returned. Specifically, recognizes the following combinations of markers as line
768 * endings:
769 *
770 * • \n (UNIX)
771 * • \r (old MacOS)
772 * • \0 (C strings)
773 * • \n\0
774 * • \r\0
775 * • \r\n (Windows)
776 * • \n\r
777 * • \r\n\0
778 * • \n\r\0
4f9a66a3
LP		 779 *
780 * Returns the number of bytes read from the files (i.e. including delimiters — this hence usually differs from
781 * the number of characters in the returned string). When EOF is hit, 0 is returned.
782 *
783 * The input parameter limit is the maximum numbers of characters in the returned string, i.e. excluding
784 * delimiters. If the limit is hit we fail and return -ENOBUFS.
785 *
786 * If a line shall be skipped ret may be initialized as NULL. */
787
788 if (ret) {
789 if (!GREEDY_REALLOC(buffer, allocated, 1))
790 return -ENOMEM;
791 }
792
f858e514 793 {
3f691417 794 _unused_ _cleanup_(funlockfilep) FILE *flocked = f;
838894b0 795 EndOfLineMarker previous_eol = EOL_NONE;
f858e514 796 flockfile(f);
4f9a66a3 797
f858e514 798 for (;;) {
838894b0 799 EndOfLineMarker eol;
03a7dbea 800 char c;
4f9a66a3 801
f858e514
ZJS		 802 if (n >= limit)
803 return -ENOBUFS;
4f9a66a3 804
31fd02f0
LP		 805 if (count >= INT_MAX) /* We couldn't return the counter anymore as "int", hence refuse this */
806 return -ENOBUFS;
807
03a7dbea
LP		 808 r = safe_fgetc(f, &c);
809 if (r < 0)
810 return r;
91a306b8 811 if (r == 0) /* EOF is definitely EOL */
f858e514 812 break;
4f9a66a3 813
41f11239 814 eol = categorize_eol(c, flags);
838894b0
LP		 815
816 if (FLAGS_SET(previous_eol, EOL_ZERO) ||
817 (eol == EOL_NONE && previous_eol != EOL_NONE) ||
818 (eol != EOL_NONE && (previous_eol & eol) != 0)) {
819 /* Previous char was a NUL? This is not an EOL, but the previous char was? This type of
517b7760
LP		 820 * EOL marker has been seen right before? In either of these three cases we are
821 * done. But first, let's put this character back in the queue. (Note that we have to
822 * cast this to (unsigned char) here as ungetc() expects a positive 'int', and if we
823 * are on an architecture where 'char' equals 'signed char' we need to ensure we don't
824 * pass a negative value here. That said, to complicate things further ungetc() is
825 * actually happy with most negative characters and implicitly casts them back to
826 * positive ones as needed, except for \xff (aka -1, aka EOF), which it refuses. What a
827 * godawful API!) */
828 assert_se(ungetc((unsigned char) c, f) != EOF);
f858e514 829 break;
838894b0
LP		 830 }
831
91a306b8
LP		 832 count++;
833
838894b0
LP		 834 if (eol != EOL_NONE) {
835 previous_eol |= eol;
836 continue;
837 }
4f9a66a3 838
f858e514
ZJS		 839 if (ret) {
840 if (!GREEDY_REALLOC(buffer, allocated, n + 2))
841 return -ENOMEM;
4f9a66a3 842
03a7dbea 843 buffer[n] = c;
4f9a66a3
LP		 844 }
845
f858e514 846 n++;
4f9a66a3 847 }
4f9a66a3
LP		 848 }
849
4f9a66a3
LP		 850 if (ret) {
851 buffer[n] = 0;
852
1cc6c93a 853 *ret = TAKE_PTR(buffer);
4f9a66a3
LP		 854 }
855
856 return (int) count;
857}
285a9b27
LP		 858
859int safe_fgetc(FILE *f, char *ret) {
860 int k;
861
862 assert(f);
863
864 /* A safer version of plain fgetc(): let's propagate the error that happened while reading as such, and
865 * separate the EOF condition from the byte read, to avoid those confusion signed/unsigned issues fgetc()
866 * has. */
867
868 errno = 0;
869 k = fgetc(f);
870 if (k == EOF) {
871 if (ferror(f))
872 return errno > 0 ? -errno : -EIO;
873
874 if (ret)
875 *ret = 0;
876
877 return 0;
878 }
879
880 if (ret)
881 *ret = k;
882
883 return 1;
884}
7a309a8c
YW		 885
886int warn_file_is_world_accessible(const char *filename, struct stat *st, const char *unit, unsigned line) {
887 struct stat _st;
888
889 if (!filename)
890 return 0;
891
892 if (!st) {
893 if (stat(filename, &_st) < 0)
894 return -errno;
895 st = &_st;
896 }
897
898 if ((st->st_mode & S_IRWXO) == 0)
899 return 0;
900
901 if (unit)
902 log_syntax(unit, LOG_WARNING, filename, line, 0,
903 "%s has %04o mode that is too permissive, please adjust the access mode.",
904 filename, st->st_mode & 07777);
905 else
906 log_warning("%s has %04o mode that is too permissive, please adjust the access mode.",
907 filename, st->st_mode & 07777);
908 return 0;
909}
Unnamed repository; edit this file 'description' to name the repository.