execute, spawn-pipe: Make multithread-safe on native Windows.
[gnulib.git] / lib / canonicalize.c
blob1fb3878ef2a8ffe6f99c3d3ca774a542a08ef56b
1 /* Return the canonical absolute name of a given file.
2 Copyright (C) 1996-2020 Free Software Foundation, Inc.
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; either version 3 of the License, or
7 (at your option) any later version.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <https://www.gnu.org/licenses/>. */
17 #include <config.h>
19 #include "canonicalize.h"
21 #include <errno.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
27 #include "areadlink.h"
28 #include "file-set.h"
29 #include "hash-triple.h"
30 #include "pathmax.h"
31 #include "xalloc.h"
32 #include "xgetcwd.h"
33 #include "filename.h"
35 #define MULTIPLE_BITS_SET(i) (((i) & ((i) - 1)) != 0)
37 /* In this file, we cannot handle file names longer than PATH_MAX.
38 On systems with no file name length limit, use a fallback. */
39 #ifndef PATH_MAX
40 # define PATH_MAX 8192
41 #endif
43 #ifndef DOUBLE_SLASH_IS_DISTINCT_ROOT
44 # define DOUBLE_SLASH_IS_DISTINCT_ROOT 0
45 #endif
47 #if ISSLASH ('\\')
48 # define SLASHES "/\\"
49 #else
50 # define SLASHES "/"
51 #endif
53 #if !((HAVE_CANONICALIZE_FILE_NAME && FUNC_REALPATH_WORKS) \
54 || GNULIB_CANONICALIZE_LGPL)
55 /* Return the canonical absolute name of file NAME. A canonical name
56 does not contain any ".", ".." components nor any repeated file name
57 separators ('/') or symlinks. All components must exist.
58 The result is malloc'd. */
60 char *
61 canonicalize_file_name (const char *name)
63 return canonicalize_filename_mode (name, CAN_EXISTING);
65 #endif /* !HAVE_CANONICALIZE_FILE_NAME */
67 /* Return true if we've already seen the triple, <FILENAME, dev, ino>.
68 If *HT is not initialized, initialize it. */
69 static bool
70 seen_triple (Hash_table **ht, char const *filename, struct stat const *st)
72 if (*ht == NULL)
74 size_t initial_capacity = 7;
75 *ht = hash_initialize (initial_capacity,
76 NULL,
77 triple_hash,
78 triple_compare_ino_str,
79 triple_free);
80 if (*ht == NULL)
81 xalloc_die ();
84 if (seen_file (*ht, filename, st))
85 return true;
87 record_file (*ht, filename, st);
88 return false;
91 /* Return the canonical absolute name of file NAME, while treating
92 missing elements according to CAN_MODE. A canonical name
93 does not contain any ".", ".." components nor any repeated file name
94 separators ('/') or, depending on other CAN_MODE flags, symlinks.
95 Whether components must exist or not depends on canonicalize mode.
96 The result is malloc'd. */
98 char *
99 canonicalize_filename_mode (const char *name, canonicalize_mode_t can_mode)
101 char *rname, *dest, *extra_buf = NULL;
102 char const *start;
103 char const *end;
104 char const *rname_limit;
105 size_t extra_len = 0;
106 Hash_table *ht = NULL;
107 int saved_errno;
108 int can_flags = can_mode & ~CAN_MODE_MASK;
109 bool logical = can_flags & CAN_NOLINKS;
110 size_t prefix_len;
112 can_mode &= CAN_MODE_MASK;
114 if (MULTIPLE_BITS_SET (can_mode))
116 errno = EINVAL;
117 return NULL;
120 if (name == NULL)
122 errno = EINVAL;
123 return NULL;
126 if (name[0] == '\0')
128 errno = ENOENT;
129 return NULL;
132 /* This is always zero for Posix hosts, but can be 2 for MS-Windows
133 and MS-DOS X:/foo/bar file names. */
134 prefix_len = FILE_SYSTEM_PREFIX_LEN (name);
136 if (!IS_ABSOLUTE_FILE_NAME (name))
138 rname = xgetcwd ();
139 if (!rname)
140 return NULL;
141 size_t rnamelen = strlen (rname);
142 size_t rnamesize = rnamelen; /* Lower bound on size; good enough. */
143 if (rnamesize < PATH_MAX)
145 rnamesize = PATH_MAX;
146 rname = xrealloc (rname, rnamesize);
148 dest = rname + rnamelen;
149 rname_limit = rname + rnamesize;
150 start = name;
151 prefix_len = FILE_SYSTEM_PREFIX_LEN (rname);
153 else
155 rname = xmalloc (PATH_MAX);
156 rname_limit = rname + PATH_MAX;
157 dest = rname;
158 if (prefix_len)
160 memcpy (rname, name, prefix_len);
161 dest += prefix_len;
163 *dest++ = '/';
164 if (DOUBLE_SLASH_IS_DISTINCT_ROOT)
166 if (prefix_len == 0 /* implies ISSLASH (name[0]) */
167 && ISSLASH (name[1]) && !ISSLASH (name[2]))
169 *dest++ = '/';
170 #if defined _WIN32 && !defined __CYGWIN__
171 /* For UNC file names '\\server\path\to\file', extend the prefix
172 to include the server: '\\server\'. */
174 size_t i;
175 for (i = 2; name[i] != '\0' && !ISSLASH (name[i]); )
176 i++;
177 if (name[i] != '\0' /* implies ISSLASH (name[i]) */
178 && i + 1 < rname_limit - rname)
180 prefix_len = i;
181 memcpy (dest, name + 2, i - 2 + 1);
182 dest += i - 2 + 1;
184 else
186 /* Either name = '\\server'; this is an invalid file name.
187 Or name = '\\server\...' and server is more than
188 PATH_MAX - 4 bytes long. In either case, stop the UNC
189 processing. */
192 #endif
194 *dest = '\0';
196 start = name + prefix_len;
199 for ( ; *start; start = end)
201 /* Skip sequence of multiple file name separators. */
202 while (ISSLASH (*start))
203 ++start;
205 /* Find end of component. */
206 for (end = start; *end && !ISSLASH (*end); ++end)
207 /* Nothing. */;
209 if (end - start == 0)
210 break;
211 else if (end - start == 1 && start[0] == '.')
212 /* nothing */;
213 else if (end - start == 2 && start[0] == '.' && start[1] == '.')
215 /* Back up to previous component, ignore if at root already. */
216 if (dest > rname + prefix_len + 1)
217 for (--dest; dest > rname && !ISSLASH (dest[-1]); --dest)
218 continue;
219 if (DOUBLE_SLASH_IS_DISTINCT_ROOT && dest == rname + 1
220 && !prefix_len && ISSLASH (*dest) && !ISSLASH (dest[1]))
221 dest++;
223 else
225 struct stat st;
227 if (!ISSLASH (dest[-1]))
228 *dest++ = '/';
230 if (rname_limit - dest <= end - start)
232 ptrdiff_t dest_offset = dest - rname;
233 size_t new_size = rname_limit - rname;
235 if (end - start + 1 > PATH_MAX)
236 new_size += end - start + 1;
237 else
238 new_size += PATH_MAX;
239 rname = xrealloc (rname, new_size);
240 rname_limit = rname + new_size;
242 dest = rname + dest_offset;
245 dest = memcpy (dest, start, end - start);
246 dest += end - start;
247 *dest = '\0';
249 if (logical && (can_mode == CAN_MISSING))
251 /* Avoid the stat in this case as it's inconsequential.
252 i.e. we're neither resolving symlinks or testing
253 component existence. */
254 st.st_mode = 0;
256 else if ((logical ? stat (rname, &st) : lstat (rname, &st)) != 0)
258 /* FIXME: If errno == EOVERFLOW here, the entry exists. */
259 saved_errno = errno;
260 if (can_mode == CAN_EXISTING)
261 goto error;
262 if (can_mode == CAN_ALL_BUT_LAST)
264 if (end[strspn (end, SLASHES)] || saved_errno != ENOENT)
265 goto error;
266 continue;
268 st.st_mode = 0;
271 if (S_ISLNK (st.st_mode))
273 char *buf;
274 size_t n, len;
276 /* Detect loops. We cannot use the cycle-check module here,
277 since it's actually possible to encounter the same symlink
278 more than once in a given traversal. However, encountering
279 the same symlink,NAME pair twice does indicate a loop. */
280 if (seen_triple (&ht, name, &st))
282 if (can_mode == CAN_MISSING)
283 continue;
284 saved_errno = ELOOP;
285 goto error;
288 buf = areadlink_with_size (rname, st.st_size);
289 if (!buf)
291 if (can_mode == CAN_MISSING && errno != ENOMEM)
292 continue;
293 saved_errno = errno;
294 goto error;
297 n = strlen (buf);
298 len = strlen (end);
300 if (!extra_len)
302 extra_len =
303 ((n + len + 1) > PATH_MAX) ? (n + len + 1) : PATH_MAX;
304 extra_buf = xmalloc (extra_len);
306 else if ((n + len + 1) > extra_len)
308 extra_len = n + len + 1;
309 extra_buf = xrealloc (extra_buf, extra_len);
312 /* Careful here, end may be a pointer into extra_buf... */
313 memmove (&extra_buf[n], end, len + 1);
314 name = end = memcpy (extra_buf, buf, n);
316 if (IS_ABSOLUTE_FILE_NAME (buf))
318 size_t pfxlen = FILE_SYSTEM_PREFIX_LEN (buf);
320 if (pfxlen)
321 memcpy (rname, buf, pfxlen);
322 dest = rname + pfxlen;
323 *dest++ = '/'; /* It's an absolute symlink */
324 if (DOUBLE_SLASH_IS_DISTINCT_ROOT)
326 if (ISSLASH (buf[1]) && !ISSLASH (buf[2]) && !pfxlen)
327 *dest++ = '/';
328 *dest = '\0';
330 /* Install the new prefix to be in effect hereafter. */
331 prefix_len = pfxlen;
333 else
335 /* Back up to previous component, ignore if at root
336 already: */
337 if (dest > rname + prefix_len + 1)
338 for (--dest; dest > rname && !ISSLASH (dest[-1]); --dest)
339 continue;
340 if (DOUBLE_SLASH_IS_DISTINCT_ROOT && dest == rname + 1
341 && ISSLASH (*dest) && !ISSLASH (dest[1]) && !prefix_len)
342 dest++;
345 free (buf);
347 else
349 if (!S_ISDIR (st.st_mode) && *end && (can_mode != CAN_MISSING))
351 saved_errno = ENOTDIR;
352 goto error;
357 if (dest > rname + prefix_len + 1 && ISSLASH (dest[-1]))
358 --dest;
359 if (DOUBLE_SLASH_IS_DISTINCT_ROOT && dest == rname + 1 && !prefix_len
360 && ISSLASH (*dest) && !ISSLASH (dest[1]))
361 dest++;
362 *dest = '\0';
363 if (rname_limit != dest + 1)
364 rname = xrealloc (rname, dest - rname + 1);
366 free (extra_buf);
367 if (ht)
368 hash_free (ht);
369 return rname;
371 error:
372 free (extra_buf);
373 free (rname);
374 if (ht)
375 hash_free (ht);
376 errno = saved_errno;
377 return NULL;