Gitiles
Code Review Sign In
review.blissroms.org / platform_external_bash / refs/heads/n2 / . / examples / loadables / pathchk.c
blob: 6c510e185bfaa01d7d4516a826fa48e98f87be37 [file] [log] [blame]
Jari Aaltoccc6cda1996-12-23 17:02:34 +0000[diff] [blame]1/* pathchk - check pathnames for validity and portability */
2
3/* Usage: pathchk [-p] path ...
4
5 For each PATH, print a message if any of these conditions are false:
6 * all existing leading directories in PATH have search (execute) permission
7 * strlen (PATH) <= PATH_MAX
8 * strlen (each_directory_in_PATH) <= NAME_MAX
9
10 Exit status:
11 0 All PATH names passed all of the tests.
12 1 An error occurred.
13
14 Options:
15 -p Instead of performing length checks on the
16 underlying filesystem, test the length of the
17 pathname and its components against the POSIX.1
18 minimum limits for portability, _POSIX_NAME_MAX
19 and _POSIX_PATH_MAX in 2.9.2. Also check that
20 the pathname contains no character not in the
21 portable filename character set. */
22
23/* See Makefile for compilation details. */
24
Jari Aalto31859422009-01-12 13:36:28 +0000[diff] [blame]25/*
26 Copyright (C) 1999-2009 Free Software Foundation, Inc.
27
28 This file is part of GNU Bash.
29 Bash is free software: you can redistribute it and/or modify
30 it under the terms of the GNU General Public License as published by
31 the Free Software Foundation, either version 3 of the License, or
32 (at your option) any later version.
33
34 Bash is distributed in the hope that it will be useful,
35 but WITHOUT ANY WARRANTY; without even the implied warranty of
36 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
37 GNU General Public License for more details.
38
39 You should have received a copy of the GNU General Public License
40 along with Bash. If not, see <http://www.gnu.org/licenses/>.
41*/
42
Jari Aaltoccc6cda1996-12-23 17:02:34 +0000[diff] [blame]43#include <config.h>
44
45#include <sys/types.h>
46#include "posixstat.h"
47
48#if defined (HAVE_UNISTD_H)
49# include <unistd.h>
50#endif
51
52#if defined (HAVE_LIMITS_H)
53# include <limits.h>
54#endif
55
56#include "bashansi.h"
57
58#include <stdio.h>
59#include <errno.h>
60
61#include "builtins.h"
62#include "shell.h"
63#include "stdc.h"
64#include "bashgetopt.h"
65#include "maxpath.h"
Jari Aalto31859422009-01-12 13:36:28 +0000[diff] [blame]66#include "common.h"
Jari Aaltoccc6cda1996-12-23 17:02:34 +0000[diff] [blame]67
68#if !defined (errno)
Ricardo Cerqueiraa02fbff2013-07-25 22:35:34 +0100[diff] [blame]69#include <errno.h>
Jari Aaltoccc6cda1996-12-23 17:02:34 +0000[diff] [blame]70#endif
71
72#if !defined (_POSIX_PATH_MAX)
73# define _POSIX_PATH_MAX 255
74#endif
75#if !defined (_POSIX_NAME_MAX)
76# define _POSIX_NAME_MAX 14
77#endif
78
79/* How do we get PATH_MAX? */
80#if defined (_POSIX_VERSION) && !defined (PATH_MAX)
81# define PATH_MAX_FOR(p) pathconf ((p), _PC_PATH_MAX)
82#endif
83
84/* How do we get NAME_MAX? */
85#if defined (_POSIX_VERSION) && !defined (NAME_MAX)
86# define NAME_MAX_FOR(p) pathconf ((p), _PC_NAME_MAX)
87#endif
88
89#if !defined (PATH_MAX_FOR)
90# define PATH_MAX_FOR(p) PATH_MAX
91#endif
92
93#if !defined (NAME_MAX_FOR)
94# define NAME_MAX_FOR(p) NAME_MAX
95#endif
96
97extern char *strerror ();
98
99static int validate_path ();
100
101pathchk_builtin (list)
102 WORD_LIST *list;
103{
104 int retval, pflag, opt;
105
106 reset_internal_getopt ();
107 while ((opt = internal_getopt (list, "p")) != -1)
108 {
109 switch (opt)
110 {
111 case 'p':
112 pflag = 1;
113 break;
114 default:
115 builtin_usage ();
116 return (EX_USAGE);
117 }
118 }
119 list = loptend;
120
121 if (list == 0)
122 {
123 builtin_usage ();
124 return (EX_USAGE);
125 }
126
127 for (retval = 0; list; list = list->next)
128 retval |= validate_path (list->word->word, pflag);
129
130 return (retval ? EXECUTION_FAILURE : EXECUTION_SUCCESS);
131}
132
133char *pathchk_doc[] = {
Jari Aalto31859422009-01-12 13:36:28 +0000[diff] [blame]134 "Check pathnames for validity.",
135 "",
Jari Aaltoccc6cda1996-12-23 17:02:34 +0000[diff] [blame]136 "Check each pathname argument for validity (i.e., it may be used to",
137 "create or access a file without casuing syntax errors) and portability",
138 "(i.e., no filename truncation will result). If the `-p' option is",
139 "supplied, more extensive portability checks are performed.",
140 (char *)NULL
141};
142
143/* The standard structure describing a builtin command. bash keeps an array
144 of these structures. */
145struct builtin pathchk_struct = {
146 "pathchk", /* builtin name */
147 pathchk_builtin, /* function implementing the builtin */
148 BUILTIN_ENABLED, /* initial flags for builtin */
149 pathchk_doc, /* array of long documentation strings. */
150 "pathchk [-p] pathname ...", /* usage synopsis */
151 0 /* reserved for internal use */
152};
153
154/* The remainder of this file is stolen shamelessly from `pathchk.c' in
155 the sh-utils-1.12 distribution, by
156
157 David MacKenzie <djm@gnu.ai.mit.edu>
158 and Jim Meyering <meyering@cs.utexas.edu> */
159
160/* Each element is nonzero if the corresponding ASCII character is
161 in the POSIX portable character set, and zero if it is not.
162 In addition, the entry for `/' is nonzero to simplify checking. */
163static char const portable_chars[256] =
164{
165 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0-15 */
166 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 16-31 */
167 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, /* 32-47 */
168 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, /* 48-63 */
169 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 64-79 */
170 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, /* 80-95 */
171 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* 96-111 */
172 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, /* 112-127 */
173 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
174 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
175 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
176 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
177 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
178 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
179 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
180 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
181};
182
183/* If PATH contains only portable characters, return 1, else 0. */
184
185static int
186portable_chars_only (path)
187 const char *path;
188{
189 const char *p;
190
191 for (p = path; *p; ++p)
192 if (portable_chars[(const unsigned char) *p] == 0)
193 {
Jari Aaltob72432f1999-02-19 17:11:39 +0000[diff] [blame]194 builtin_error ("path `%s' contains nonportable character `%c'", path, *p);
Jari Aaltoccc6cda1996-12-23 17:02:34 +0000[diff] [blame]195 return 0;
196 }
197 return 1;
198}
199
200/* On some systems, stat can return EINTR. */
201
202#ifndef EINTR
203# define SAFE_STAT(name, buf) stat (name, buf)
204#else
205# define SAFE_STAT(name, buf) safe_stat (name, buf)
206static inline int
207safe_stat (name, buf)
208 const char *name;
209 struct stat *buf;
210{
211 int ret;
212
213 do
214 ret = stat (name, buf);
215 while (ret < 0 && errno == EINTR);
216
217 return ret;
218}
219#endif
220
221/* Return 1 if PATH is a usable leading directory, 0 if not,
222 2 if it doesn't exist. */
223
224static int
225dir_ok (path)
226 const char *path;
227{
228 struct stat stats;
229
230 if (SAFE_STAT (path, &stats))
231 return 2;
232
233 if (!S_ISDIR (stats.st_mode))
234 {
Jari Aaltob72432f1999-02-19 17:11:39 +0000[diff] [blame]235 builtin_error ("`%s' is not a directory", path);
Jari Aaltoccc6cda1996-12-23 17:02:34 +0000[diff] [blame]236 return 0;
237 }
238
239 /* Use access to test for search permission because
240 testing permission bits of st_mode can lose with new
241 access control mechanisms. Of course, access loses if you're
242 running setuid. */
243 if (access (path, X_OK) != 0)
244 {
245 if (errno == EACCES)
246 builtin_error ("directory `%s' is not searchable", path);
247 else
248 builtin_error ("%s: %s", path, strerror (errno));
249 return 0;
250 }
251
252 return 1;
253}
254
255static char *
256xstrdup (s)
257 char *s;
258{
259 return (savestring (s));
260}
261
262/* Make sure that
263 strlen (PATH) <= PATH_MAX
264 && strlen (each-existing-directory-in-PATH) <= NAME_MAX
265
266 If PORTABILITY is nonzero, compare against _POSIX_PATH_MAX and
267 _POSIX_NAME_MAX instead, and make sure that PATH contains no
268 characters not in the POSIX portable filename character set, which
269 consists of A-Z, a-z, 0-9, ., _, -.
270
271 Make sure that all leading directories along PATH that exist have
272 `x' permission.
273
274 Return 0 if all of these tests are successful, 1 if any fail. */
275
276static int
277validate_path (path, portability)
278 char *path;
279 int portability;
280{
281 int path_max;
282 int last_elem; /* Nonzero if checking last element of path. */
283 int exists; /* 2 if the path element exists. */
284 char *slash;
285 char *parent; /* Last existing leading directory so far. */
286
287 if (portability && !portable_chars_only (path))
288 return 1;
289
290 if (*path == '\0')
291 return 0;
292
293#ifdef lint
294 /* Suppress `used before initialized' warning. */
295 exists = 0;
296#endif
297
298 /* Figure out the parent of the first element in PATH. */
299 parent = xstrdup (*path == '/' ? "/" : ".");
300
301 slash = path;
302 last_elem = 0;
303 while (1)
304 {
305 int name_max;
306 int length; /* Length of partial path being checked. */
307 char *start; /* Start of path element being checked. */
308
309 /* Find the end of this element of the path.
310 Then chop off the rest of the path after this element. */
311 while (*slash == '/')
312 slash++;
313 start = slash;
314 slash = strchr (slash, '/');
315 if (slash != NULL)
316 *slash = '\0';
317 else
318 {
319 last_elem = 1;
320 slash = strchr (start, '\0');
321 }
322
323 if (!last_elem)
324 {
325 exists = dir_ok (path);
326 if (dir_ok == 0)
327 {
328 free (parent);
329 return 1;
330 }
331 }
332
333 length = slash - start;
334 /* Since we know that `parent' is a directory, it's ok to call
335 pathconf with it as the argument. (If `parent' isn't a directory
336 or doesn't exist, the behavior of pathconf is undefined.)
337 But if `parent' is a directory and is on a remote file system,
338 it's likely that pathconf can't give us a reasonable value
339 and will return -1. (NFS and tempfs are not POSIX . . .)
340 In that case, we have no choice but to assume the pessimal
341 POSIX minimums. */
342 name_max = portability ? _POSIX_NAME_MAX : NAME_MAX_FOR (parent);
343 if (name_max < 0)
344 name_max = _POSIX_NAME_MAX;
345 if (length > name_max)
346 {
Jari Aaltob72432f1999-02-19 17:11:39 +0000[diff] [blame]347 builtin_error ("name `%s' has length %d; exceeds limit of %d",
Jari Aaltoccc6cda1996-12-23 17:02:34 +0000[diff] [blame]348 start, length, name_max);
349 free (parent);
350 return 1;
351 }
352
353 if (last_elem)
354 break;
355
356 if (exists == 1)
357 {
358 free (parent);
359 parent = xstrdup (path);
360 }
361
362 *slash++ = '/';
363 }
364
365 /* `parent' is now the last existing leading directory in the whole path,
366 so it's ok to call pathconf with it as the argument. */
367 path_max = portability ? _POSIX_PATH_MAX : PATH_MAX_FOR (parent);
368 if (path_max < 0)
369 path_max = _POSIX_PATH_MAX;
370 free (parent);
371 if (strlen (path) > path_max)
372 {
Jari Aaltob72432f1999-02-19 17:11:39 +0000[diff] [blame]373 builtin_error ("path `%s' has length %d; exceeds limit of %d",
Jari Aaltoccc6cda1996-12-23 17:02:34 +0000[diff] [blame]374 path, strlen (path), path_max);
375 return 1;
376 }
377
378 return 0;
379}