elf/chroot_canon.c

   1 /* Return the canonical absolute name of a given file inside chroot.
   2    Copyright (C) 1996,1997,1998,1999,2000,2001,2004,2005
   3         Free Software Foundation, Inc.
   4    This file is part of the GNU C Library.
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License version 2 as
   8    published by the Free Software Foundation.
   9
  10    This program is distributed in the hope that it will be useful,
  11    but WITHOUT ANY WARRANTY; without even the implied warranty of
  12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13    GNU General Public License for more details.
  14
  15    You should have received a copy of the GNU General Public License
  16    along with this program; if not, write to the Free Software Foundation,
  17    Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.  */
  18
  19 #include <stdlib.h>
  20 #include <string.h>
  21 #include <unistd.h>
  22 #include <limits.h>
  23 #include <sys/param.h>
  24 #include <sys/stat.h>
  25 #include <errno.h>
  26 #include <stddef.h>
  27 #include <stdint.h>
  28
  29 #include <ldconfig.h>
  30
  31 #ifndef PATH_MAX
  32 #define PATH_MAX 1024
  33 #endif
  34
  35 /* Return the canonical absolute name of file NAME as if chroot(CHROOT) was
  36    done first.  A canonical name does not contain any `.', `..' components
  37    nor any repeated path separators ('/') or symlinks.  All path components
  38    must exist and NAME must be absolute filename.  The result is malloc'd.
  39    The returned name includes the CHROOT prefix.  */
  40
  41 char *
  42 chroot_canon (const char *chroot, const char *name)
  43 {
  44   char *rpath;
  45   char *dest;
  46   char *extra_buf = NULL;
  47   char *rpath_root;
  48   const char *start;
  49   const char *end;
  50   const char *rpath_limit;
  51   int num_links = 0;
  52   size_t chroot_len = strlen (chroot);
  53
  54   if (chroot_len < 1)
  55     {
  56       __set_errno (EINVAL);
  57       return NULL;
  58     }
  59
  60   rpath = malloc (chroot_len + PATH_MAX);
  61   if (rpath == NULL)
  62     return NULL;
  63
  64   rpath_limit = rpath + chroot_len + PATH_MAX;
  65
  66   rpath_root = (char *) mempcpy (rpath, chroot, chroot_len) - 1;
  67   if (*rpath_root != '/')
  68     *++rpath_root = '/';
  69   dest = rpath_root + 1;
  70
  71   for (start = end = name; *start; start = end)
  72     {
  73       struct stat64 st;
  74       int n;
  75
  76       /* Skip sequence of multiple path-separators.  */
  77       while (*start == '/')
  78         ++start;
  79
  80       /* Find end of path component.  */
  81       for (end = start; *end && *end != '/'; ++end)
  82         /* Nothing.  */;
  83
  84       if (end - start == 0)
  85         break;
  86       else if (end - start == 1 && start[0] == '.')
  87         /* nothing */;
  88       else if (end - start == 2 && start[0] == '.' && start[1] == '.')
  89         {
  90           /* Back up to previous component, ignore if at root already.  */
  91           if (dest > rpath_root + 1)
  92             while ((--dest)[-1] != '/');
  93         }
  94       else
  95         {
  96           size_t new_size;
  97
  98           if (dest[-1] != '/')
  99             *dest++ = '/';
 100
 101           if (dest + (end - start) >= rpath_limit)
 102             {
 103               ptrdiff_t dest_offset = dest - rpath;
 104               char *new_rpath;
 105
 106               new_size = rpath_limit - rpath;
 107               if (end - start + 1 > PATH_MAX)
 108                 new_size += end - start + 1;
 109               else
 110                 new_size += PATH_MAX;
 111               new_rpath = (char *) realloc (rpath, new_size);
 112               if (new_rpath == NULL)
 113                 goto error;
 114               rpath = new_rpath;
 115               rpath_limit = rpath + new_size;
 116
 117               dest = rpath + dest_offset;
 118             }
 119
 120           dest = mempcpy (dest, start, end - start);
 121           *dest = '\0';
 122
 123           if (lstat64 (rpath, &st) < 0)
 124             {
 125               if (*end == '\0')
 126                 goto done;
 127               goto error;
 128             }
 129
 130           if (S_ISLNK (st.st_mode))
 131             {
 132               char *buf = alloca (PATH_MAX);
 133               size_t len;
 134
 135               if (++num_links > MAXSYMLINKS)
 136                 {
 137                   __set_errno (ELOOP);
 138                   goto error;
 139                 }
 140
 141               n = readlink (rpath, buf, PATH_MAX);
 142               if (n < 0)
 143                 {
 144                   if (*end == '\0')
 145                     goto done;
 146                   goto error;
 147                 }
 148               buf[n] = '\0';
 149
 150               if (!extra_buf)
 151                 extra_buf = alloca (PATH_MAX);
 152
 153               len = strlen (end);
 154               if ((long int) (n + len) >= PATH_MAX)
 155                 {
 156                   __set_errno (ENAMETOOLONG);
 157                   goto error;
 158                 }
 159
 160               /* Careful here, end may be a pointer into extra_buf... */
 161               memmove (&extra_buf[n], end, len + 1);
 162               name = end = memcpy (extra_buf, buf, n);
 163
 164               if (buf[0] == '/')
 165                 dest = rpath_root + 1;  /* It's an absolute symlink */
 166               else
 167                 /* Back up to previous component, ignore if at root already: */
 168                 if (dest > rpath_root + 1)
 169                   while ((--dest)[-1] != '/');
 170             }
 171         }
 172     }
 173  done:
 174   if (dest > rpath_root + 1 && dest[-1] == '/')
 175     --dest;
 176   *dest = '\0';
 177
 178   return rpath;
 179
 180  error:
 181   free (rpath);
 182   return NULL;
 183 }