1 /* Miscellaneous functions, not really specific to GNU tar.
2
3 Copyright 1988-2021 Free Software Foundation, Inc.
4
5 This program is free software; you can redistribute it and/or modify it
6 under the terms of the GNU General Public License as published by the
7 Free Software Foundation; either version 3, or (at your option) any later
8 version.
9
10 This program is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
13 Public License for more details.
14
15 You should have received a copy of the GNU General Public License along
16 with this program. If not, see <http://www.gnu.org/licenses/>. */
17
18 #define COMMON_INLINE _GL_EXTERN_INLINE
19 #include <system.h>
20 #include <rmt.h>
21 #include "common.h"
22 #include <quotearg.h>
23 #include <xgetcwd.h>
24 #include <unlinkdir.h>
25 #include <utimens.h>
26
27 #ifndef DOUBLE_SLASH_IS_DISTINCT_ROOT
28 # define DOUBLE_SLASH_IS_DISTINCT_ROOT 0
29 #endif
30
31 static void namebuf_add_dir (namebuf_t, char const *);
32 static char *namebuf_finish (namebuf_t);
33 static const char *tar_getcdpath (int);
34
35 char const *
quote_n_colon(int n,char const * arg)36 quote_n_colon (int n, char const *arg)
37 {
38 return quotearg_n_style_colon (n, get_quoting_style (NULL), arg);
39 }
40
41 /* Handling strings. */
42
43 /* Assign STRING to a copy of VALUE if not zero, or to zero. If
44 STRING was nonzero, it is freed first. */
45 void
assign_string(char ** string,const char * value)46 assign_string (char **string, const char *value)
47 {
48 free (*string);
49 *string = value ? xstrdup (value) : 0;
50 }
51
52 void
assign_string_n(char ** string,const char * value,size_t n)53 assign_string_n (char **string, const char *value, size_t n)
54 {
55 free (*string);
56 if (value)
57 {
58 size_t l = strnlen (value, n);
59 char *p = xmalloc (l + 1);
60 memcpy (p, value, l);
61 p[l] = 0;
62 *string = p;
63 }
64 }
65
66 #if 0
67 /* This function is currently unused; perhaps it should be removed? */
68
69 /* Allocate a copy of the string quoted as in C, and returns that. If
70 the string does not have to be quoted, it returns a null pointer.
71 The allocated copy should normally be freed with free() after the
72 caller is done with it.
73
74 This is used in one context only: generating the directory file in
75 incremental dumps. The quoted string is not intended for human
76 consumption; it is intended only for unquote_string. The quoting
77 is locale-independent, so that users needn't worry about locale
78 when reading directory files. This means that we can't use
79 quotearg, as quotearg is locale-dependent and is meant for human
80 consumption. */
81 static char *
82 quote_copy_string (const char *string)
83 {
84 const char *source = string;
85 char *destination = 0;
86 char *buffer = 0;
87 int copying = 0;
88
89 while (*source)
90 {
91 int character = *source++;
92
93 switch (character)
94 {
95 case '\n': case '\\':
96 if (!copying)
97 {
98 size_t length = (source - string) - 1;
99
100 copying = 1;
101 buffer = xmalloc (length + 2 + 2 * strlen (source) + 1);
102 memcpy (buffer, string, length);
103 destination = buffer + length;
104 }
105 *destination++ = '\\';
106 *destination++ = character == '\\' ? '\\' : 'n';
107 break;
108
109 default:
110 if (copying)
111 *destination++ = character;
112 break;
113 }
114 }
115 if (copying)
116 {
117 *destination = '\0';
118 return buffer;
119 }
120 return 0;
121 }
122 #endif
123
124 /* Takes a quoted C string (like those produced by quote_copy_string)
125 and turns it back into the un-quoted original. This is done in
126 place. Returns 0 only if the string was not properly quoted, but
127 completes the unquoting anyway.
128
129 This is used for reading the saved directory file in incremental
130 dumps. It is used for decoding old 'N' records (demangling names).
131 But also, it is used for decoding file arguments, would they come
132 from the shell or a -T file, and for decoding the --exclude
133 argument. */
134 int
unquote_string(char * string)135 unquote_string (char *string)
136 {
137 int result = 1;
138 char *source = string;
139 char *destination = string;
140
141 /* Escape sequences other than \\ and \n are no longer generated by
142 quote_copy_string, but accept them for backwards compatibility,
143 and also because unquote_string is used for purposes other than
144 parsing the output of quote_copy_string. */
145
146 while (*source)
147 if (*source == '\\')
148 switch (*++source)
149 {
150 case '\\':
151 *destination++ = '\\';
152 source++;
153 break;
154
155 case 'a':
156 *destination++ = '\a';
157 source++;
158 break;
159
160 case 'b':
161 *destination++ = '\b';
162 source++;
163 break;
164
165 case 'f':
166 *destination++ = '\f';
167 source++;
168 break;
169
170 case 'n':
171 *destination++ = '\n';
172 source++;
173 break;
174
175 case 'r':
176 *destination++ = '\r';
177 source++;
178 break;
179
180 case 't':
181 *destination++ = '\t';
182 source++;
183 break;
184
185 case 'v':
186 *destination++ = '\v';
187 source++;
188 break;
189
190 case '?':
191 *destination++ = 0177;
192 source++;
193 break;
194
195 case '0':
196 case '1':
197 case '2':
198 case '3':
199 case '4':
200 case '5':
201 case '6':
202 case '7':
203 {
204 int value = *source++ - '0';
205
206 if (*source < '0' || *source > '7')
207 {
208 *destination++ = value;
209 break;
210 }
211 value = value * 8 + *source++ - '0';
212 if (*source < '0' || *source > '7')
213 {
214 *destination++ = value;
215 break;
216 }
217 value = value * 8 + *source++ - '0';
218 *destination++ = value;
219 break;
220 }
221
222 default:
223 result = 0;
224 *destination++ = '\\';
225 if (*source)
226 *destination++ = *source++;
227 break;
228 }
229 else if (source != destination)
230 *destination++ = *source++;
231 else
232 source++, destination++;
233
234 if (source != destination)
235 *destination = '\0';
236 return result;
237 }
238
239 /* Zap trailing slashes. */
240 char *
zap_slashes(char * name)241 zap_slashes (char *name)
242 {
243 char *q;
244
245 if (!name || *name == 0)
246 return name;
247 q = name + strlen (name) - 1;
248 while (q > name && ISSLASH (*q))
249 *q-- = '\0';
250 return name;
251 }
252
253 /* Normalize FILE_NAME by removing redundant slashes and "."
254 components, including redundant trailing slashes.
255 Leave ".." alone, as it may be significant in the presence
256 of symlinks and on platforms where "/.." != "/".
257
258 Destructive version: modifies its argument. */
259 void
normalize_filename_x(char * file_name)260 normalize_filename_x (char *file_name)
261 {
262 char *name = file_name + FILE_SYSTEM_PREFIX_LEN (file_name);
263 char *p;
264 char const *q;
265 char c;
266
267 /* Don't squeeze leading "//" to "/", on hosts where they're distinct. */
268 name += (DOUBLE_SLASH_IS_DISTINCT_ROOT
269 && ISSLASH (*name) && ISSLASH (name[1]) && ! ISSLASH (name[2]));
270
271 /* Omit redundant leading "." components. */
272 for (q = p = name; (*p = *q) == '.' && ISSLASH (q[1]); p += !*q)
273 for (q += 2; ISSLASH (*q); q++)
274 continue;
275
276 /* Copy components from Q to P, omitting redundant slashes and
277 internal "." components. */
278 while ((*p++ = c = *q++) != '\0')
279 if (ISSLASH (c))
280 while (ISSLASH (q[*q == '.']))
281 q += (*q == '.') + 1;
282
283 /* Omit redundant trailing "." component and slash. */
284 if (2 < p - name)
285 {
286 p -= p[-2] == '.' && ISSLASH (p[-3]);
287 p -= 2 < p - name && ISSLASH (p[-2]);
288 p[-1] = '\0';
289 }
290 }
291
292 /* Normalize NAME by removing redundant slashes and "." components,
293 including redundant trailing slashes.
294
295 Return a normalized newly-allocated copy. */
296
297 char *
normalize_filename(int cdidx,const char * name)298 normalize_filename (int cdidx, const char *name)
299 {
300 char *copy = NULL;
301
302 if (IS_RELATIVE_FILE_NAME (name))
303 {
304 /* Set COPY to the absolute path for this name.
305
306 FIXME: There should be no need to get the absolute file name.
307 tar_getcdpath does not return a true "canonical" path, so
308 this following approach may lead to situations where the same
309 file or directory is processed twice under different absolute
310 paths without that duplication being detected. Perhaps we
311 should use dev+ino pairs instead of names? (See listed03.at for
312 a related test case.) */
313 const char *cdpath = tar_getcdpath (cdidx);
314 size_t copylen;
315 bool need_separator;
316
317 copylen = strlen (cdpath);
318 need_separator = ! (DOUBLE_SLASH_IS_DISTINCT_ROOT
319 && copylen == 2 && ISSLASH (cdpath[1]));
320 copy = xmalloc (copylen + need_separator + strlen (name) + 1);
321 strcpy (copy, cdpath);
322 copy[copylen] = DIRECTORY_SEPARATOR;
323 strcpy (copy + copylen + need_separator, name);
324 }
325
326 if (!copy)
327 copy = xstrdup (name);
328 normalize_filename_x (copy);
329 return copy;
330 }
331
332
333 void
replace_prefix(char ** pname,const char * samp,size_t slen,const char * repl,size_t rlen)334 replace_prefix (char **pname, const char *samp, size_t slen,
335 const char *repl, size_t rlen)
336 {
337 char *name = *pname;
338 size_t nlen = strlen (name);
339 if (nlen > slen && memcmp (name, samp, slen) == 0 && ISSLASH (name[slen]))
340 {
341 if (rlen > slen)
342 {
343 name = xrealloc (name, nlen - slen + rlen + 1);
344 *pname = name;
345 }
346 memmove (name + rlen, name + slen, nlen - slen + 1);
347 memcpy (name, repl, rlen);
348 }
349 }
350
351
352 /* Handling numbers. */
353
354 /* Convert VALUE, which is converted from a system integer type whose
355 minimum value is MINVAL and maximum MINVAL, to an decimal
356 integer string. Use the storage in BUF and return a pointer to the
357 converted string. If VALUE is converted from a negative integer in
358 the range MINVAL .. -1, represent it with a string representation
359 of the negative integer, using leading '-'. */
360 #if ! (INTMAX_MAX <= UINTMAX_MAX / 2)
361 # error "sysinttostr: uintmax_t cannot represent all intmax_t values"
362 #endif
363 char *
sysinttostr(uintmax_t value,intmax_t minval,uintmax_t maxval,char buf[SYSINT_BUFSIZE])364 sysinttostr (uintmax_t value, intmax_t minval, uintmax_t maxval,
365 char buf[SYSINT_BUFSIZE])
366 {
367 if (value <= maxval)
368 return umaxtostr (value, buf);
369 else
370 {
371 intmax_t i = value - minval;
372 return imaxtostr (i + minval, buf);
373 }
374 }
375
376 /* Convert a prefix of the string ARG to a system integer type whose
377 minimum value is MINVAL and maximum MAXVAL. If MINVAL is negative,
378 negative integers MINVAL .. -1 are assumed to be represented using
379 leading '-' in the usual way. If the represented value exceeds
380 INTMAX_MAX, return a negative integer V such that (uintmax_t) V
381 yields the represented value. If ARGLIM is nonnull, store into
382 *ARGLIM a pointer to the first character after the prefix.
383
384 This is the inverse of sysinttostr.
385
386 On a normal return, set errno = 0.
387 On conversion error, return 0 and set errno = EINVAL.
388 On overflow, return an extreme value and set errno = ERANGE. */
389 #if ! (INTMAX_MAX <= UINTMAX_MAX)
390 # error "strtosysint: nonnegative intmax_t does not fit in uintmax_t"
391 #endif
392 intmax_t
strtosysint(char const * arg,char ** arglim,intmax_t minval,uintmax_t maxval)393 strtosysint (char const *arg, char **arglim, intmax_t minval, uintmax_t maxval)
394 {
395 errno = 0;
396 if (maxval <= INTMAX_MAX)
397 {
398 if (ISDIGIT (arg[*arg == '-']))
399 {
400 intmax_t i = strtoimax (arg, arglim, 10);
401 intmax_t imaxval = maxval;
402 if (minval <= i && i <= imaxval)
403 return i;
404 errno = ERANGE;
405 return i < minval ? minval : maxval;
406 }
407 }
408 else
409 {
410 if (ISDIGIT (*arg))
411 {
412 uintmax_t i = strtoumax (arg, arglim, 10);
413 if (i <= maxval)
414 return represent_uintmax (i);
415 errno = ERANGE;
416 return maxval;
417 }
418 }
419
420 errno = EINVAL;
421 return 0;
422 }
423
424 /* Output fraction and trailing digits appropriate for a nanoseconds
425 count equal to NS, but don't output unnecessary '.' or trailing
426 zeros. */
427
428 void
code_ns_fraction(int ns,char * p)429 code_ns_fraction (int ns, char *p)
430 {
431 if (ns == 0)
432 *p = '\0';
433 else
434 {
435 int i = 9;
436 *p++ = '.';
437
438 while (ns % 10 == 0)
439 {
440 ns /= 10;
441 i--;
442 }
443
444 p[i] = '\0';
445
446 for (;;)
447 {
448 p[--i] = '0' + ns % 10;
449 if (i == 0)
450 break;
451 ns /= 10;
452 }
453 }
454 }
455
456 char const *
code_timespec(struct timespec t,char sbuf[TIMESPEC_STRSIZE_BOUND])457 code_timespec (struct timespec t, char sbuf[TIMESPEC_STRSIZE_BOUND])
458 {
459 time_t s = t.tv_sec;
460 int ns = t.tv_nsec;
461 char *np;
462 bool negative = s < 0;
463
464 /* ignore invalid values of ns */
465 if (BILLION <= ns || ns < 0)
466 ns = 0;
467
468 if (negative && ns != 0)
469 {
470 s++;
471 ns = BILLION - ns;
472 }
473
474 np = umaxtostr (negative ? - (uintmax_t) s : (uintmax_t) s, sbuf + 1);
475 if (negative)
476 *--np = '-';
477 code_ns_fraction (ns, sbuf + UINTMAX_STRSIZE_BOUND);
478 return np;
479 }
480
481 struct timespec
decode_timespec(char const * arg,char ** arg_lim,bool parse_fraction)482 decode_timespec (char const *arg, char **arg_lim, bool parse_fraction)
483 {
484 time_t s = TYPE_MINIMUM (time_t);
485 int ns = -1;
486 char const *p = arg;
487 bool negative = *arg == '-';
488 struct timespec r;
489
490 if (! ISDIGIT (arg[negative]))
491 errno = EINVAL;
492 else
493 {
494 errno = 0;
495
496 if (negative)
497 {
498 intmax_t i = strtoimax (arg, arg_lim, 10);
499 if (TYPE_SIGNED (time_t) ? TYPE_MINIMUM (time_t) <= i : 0 <= i)
500 s = i;
501 else
502 errno = ERANGE;
503 }
504 else
505 {
506 uintmax_t i = strtoumax (arg, arg_lim, 10);
507 if (i <= TYPE_MAXIMUM (time_t))
508 s = i;
509 else
510 errno = ERANGE;
511 }
512
513 p = *arg_lim;
514 ns = 0;
515
516 if (parse_fraction && *p == '.')
517 {
518 int digits = 0;
519 bool trailing_nonzero = false;
520
521 while (ISDIGIT (*++p))
522 if (digits < LOG10_BILLION)
523 digits++, ns = 10 * ns + (*p - '0');
524 else
525 trailing_nonzero |= *p != '0';
526
527 while (digits < LOG10_BILLION)
528 digits++, ns *= 10;
529
530 if (negative)
531 {
532 /* Convert "-1.10000000000001" to s == -2, ns == 89999999.
533 I.e., truncate time stamps towards minus infinity while
534 converting them to internal form. */
535 ns += trailing_nonzero;
536 if (ns != 0)
537 {
538 if (s == TYPE_MINIMUM (time_t))
539 ns = -1;
540 else
541 {
542 s--;
543 ns = BILLION - ns;
544 }
545 }
546 }
547 }
548
549 if (errno == ERANGE)
550 ns = -1;
551 }
552
553 *arg_lim = (char *) p;
554 r.tv_sec = s;
555 r.tv_nsec = ns;
556 return r;
557 }
558
559 /* File handling. */
560
561 /* Saved names in case backup needs to be undone. */
562 static char *before_backup_name;
563 static char *after_backup_name;
564
565 /* Return 1 if FILE_NAME is obviously "." or "/". */
566 bool
must_be_dot_or_slash(char const * file_name)567 must_be_dot_or_slash (char const *file_name)
568 {
569 file_name += FILE_SYSTEM_PREFIX_LEN (file_name);
570
571 if (ISSLASH (file_name[0]))
572 {
573 for (;;)
574 if (ISSLASH (file_name[1]))
575 file_name++;
576 else if (file_name[1] == '.'
577 && ISSLASH (file_name[2 + (file_name[2] == '.')]))
578 file_name += 2 + (file_name[2] == '.');
579 else
580 return ! file_name[1];
581 }
582 else
583 {
584 while (file_name[0] == '.' && ISSLASH (file_name[1]))
585 {
586 file_name += 2;
587 while (ISSLASH (*file_name))
588 file_name++;
589 }
590
591 return ! file_name[0] || (file_name[0] == '.' && ! file_name[1]);
592 }
593 }
594
595 /* Some implementations of rmdir let you remove '.' or '/'.
596 Report an error with errno set to zero for obvious cases of this;
597 otherwise call rmdir. */
598 static int
safer_rmdir(const char * file_name)599 safer_rmdir (const char *file_name)
600 {
601 if (must_be_dot_or_slash (file_name))
602 {
603 errno = 0;
604 return -1;
605 }
606
607 if (unlinkat (chdir_fd, file_name, AT_REMOVEDIR) == 0)
608 {
609 remove_delayed_set_stat (file_name);
610 return 0;
611 }
612 return -1;
613 }
614
615 /* Remove FILE_NAME, returning 1 on success. If FILE_NAME is a directory,
616 then if OPTION is RECURSIVE_REMOVE_OPTION is set remove FILE_NAME
617 recursively; otherwise, remove it only if it is empty. If FILE_NAME is
618 a directory that cannot be removed (e.g., because it is nonempty)
619 and if OPTION is WANT_DIRECTORY_REMOVE_OPTION, then return -1.
620 Return 0 on error, with errno set; if FILE_NAME is obviously the working
621 directory return zero with errno set to zero. */
622 int
remove_any_file(const char * file_name,enum remove_option option)623 remove_any_file (const char *file_name, enum remove_option option)
624 {
625 /* Try unlink first if we cannot unlink directories, as this saves
626 us a system call in the common case where we're removing a
627 non-directory. */
628 bool try_unlink_first = cannot_unlink_dir ();
629
630 if (try_unlink_first)
631 {
632 if (unlinkat (chdir_fd, file_name, 0) == 0)
633 return 1;
634
635 /* POSIX 1003.1-2001 requires EPERM when attempting to unlink a
636 directory without appropriate privileges, but many Linux
637 kernels return the more-sensible EISDIR. */
638 if (errno != EPERM && errno != EISDIR)
639 return 0;
640 }
641
642 if (safer_rmdir (file_name) == 0)
643 return 1;
644
645 switch (errno)
646 {
647 case ENOTDIR:
648 return !try_unlink_first && unlinkat (chdir_fd, file_name, 0) == 0;
649
650 case 0:
651 case EEXIST:
652 #if defined ENOTEMPTY && ENOTEMPTY != EEXIST
653 case ENOTEMPTY:
654 #endif
655 switch (option)
656 {
657 case ORDINARY_REMOVE_OPTION:
658 break;
659
660 case WANT_DIRECTORY_REMOVE_OPTION:
661 return -1;
662
663 case RECURSIVE_REMOVE_OPTION:
664 {
665 char *directory = tar_savedir (file_name, 0);
666 char const *entry;
667 size_t entrylen;
668
669 if (! directory)
670 return 0;
671
672 for (entry = directory;
673 (entrylen = strlen (entry)) != 0;
674 entry += entrylen + 1)
675 {
676 char *file_name_buffer = make_file_name (file_name, entry);
677 int r = remove_any_file (file_name_buffer,
678 RECURSIVE_REMOVE_OPTION);
679 int e = errno;
680 free (file_name_buffer);
681
682 if (! r)
683 {
684 free (directory);
685 errno = e;
686 return 0;
687 }
688 }
689
690 free (directory);
691 return safer_rmdir (file_name) == 0;
692 }
693 }
694 break;
695 }
696
697 return 0;
698 }
699
700 /* Check if FILE_NAME already exists and make a backup of it right now.
701 Return success (nonzero) only if the backup is either unneeded, or
702 successful. For now, directories are considered to never need
703 backup. If THIS_IS_THE_ARCHIVE is nonzero, this is the archive and
704 so, we do not have to backup block or character devices, nor remote
705 entities. */
706 bool
maybe_backup_file(const char * file_name,bool this_is_the_archive)707 maybe_backup_file (const char *file_name, bool this_is_the_archive)
708 {
709 struct stat file_stat;
710
711 assign_string (&before_backup_name, file_name);
712
713 /* A run situation may exist between Emacs or other GNU programs trying to
714 make a backup for the same file simultaneously. If theoretically
715 possible, real problems are unlikely. Doing any better would require a
716 convention, GNU-wide, for all programs doing backups. */
717
718 assign_string (&after_backup_name, 0);
719
720 /* Check if we really need to backup the file. */
721
722 if (this_is_the_archive && _remdev (file_name))
723 return true;
724
725 if (deref_stat (file_name, &file_stat) != 0)
726 {
727 if (errno == ENOENT)
728 return true;
729
730 stat_error (file_name);
731 return false;
732 }
733
734 if (S_ISDIR (file_stat.st_mode))
735 return true;
736
737 if (this_is_the_archive
738 && (S_ISBLK (file_stat.st_mode) || S_ISCHR (file_stat.st_mode)))
739 return true;
740
741 after_backup_name = find_backup_file_name (chdir_fd, file_name, backup_type);
742 if (! after_backup_name)
743 xalloc_die ();
744
745 if (renameat (chdir_fd, before_backup_name, chdir_fd, after_backup_name)
746 == 0)
747 {
748 if (verbose_option)
749 fprintf (stdlis, _("Renaming %s to %s\n"),
750 quote_n (0, before_backup_name),
751 quote_n (1, after_backup_name));
752 return true;
753 }
754 else
755 {
756 /* The backup operation failed. */
757 int e = errno;
758 ERROR ((0, e, _("%s: Cannot rename to %s"),
759 quotearg_colon (before_backup_name),
760 quote_n (1, after_backup_name)));
761 assign_string (&after_backup_name, 0);
762 return false;
763 }
764 }
765
766 /* Try to restore the recently backed up file to its original name.
767 This is usually only needed after a failed extraction. */
768 void
undo_last_backup(void)769 undo_last_backup (void)
770 {
771 if (after_backup_name)
772 {
773 if (renameat (chdir_fd, after_backup_name, chdir_fd, before_backup_name)
774 != 0)
775 {
776 int e = errno;
777 ERROR ((0, e, _("%s: Cannot rename to %s"),
778 quotearg_colon (after_backup_name),
779 quote_n (1, before_backup_name)));
780 }
781 if (verbose_option)
782 fprintf (stdlis, _("Renaming %s back to %s\n"),
783 quote_n (0, after_backup_name),
784 quote_n (1, before_backup_name));
785 assign_string (&after_backup_name, 0);
786 }
787 }
788
789 /* Apply either stat or lstat to (NAME, BUF), depending on the
790 presence of the --dereference option. NAME is relative to the
791 most-recent argument to chdir_do. */
792 int
deref_stat(char const * name,struct stat * buf)793 deref_stat (char const *name, struct stat *buf)
794 {
795 return fstatat (chdir_fd, name, buf, fstatat_flags);
796 }
797
798 /* Read from FD into the buffer BUF with COUNT bytes. Attempt to fill
799 BUF. Wait until input is available; this matters because files are
800 opened O_NONBLOCK for security reasons, and on some file systems
801 this can cause read to fail with errno == EAGAIN. Return the
802 actual number of bytes read, zero for EOF, or
803 SAFE_READ_ERROR upon error. */
804 size_t
blocking_read(int fd,void * buf,size_t count)805 blocking_read (int fd, void *buf, size_t count)
806 {
807 size_t bytes = safe_read (fd, buf, count);
808
809 #if defined F_SETFL && O_NONBLOCK
810 if (bytes == SAFE_READ_ERROR && errno == EAGAIN)
811 {
812 int flags = fcntl (fd, F_GETFL);
813 if (0 <= flags && flags & O_NONBLOCK
814 && fcntl (fd, F_SETFL, flags & ~O_NONBLOCK) != -1)
815 bytes = safe_read (fd, buf, count);
816 }
817 #endif
818
819 return bytes;
820 }
821
822 /* Write to FD from the buffer BUF with COUNT bytes. Do a full write.
823 Wait until an output buffer is available; this matters because
824 files are opened O_NONBLOCK for security reasons, and on some file
825 systems this can cause write to fail with errno == EAGAIN. Return
826 the actual number of bytes written, setting errno if that is less
827 than COUNT. */
828 size_t
blocking_write(int fd,void const * buf,size_t count)829 blocking_write (int fd, void const *buf, size_t count)
830 {
831 size_t bytes = full_write (fd, buf, count);
832
833 #if defined F_SETFL && O_NONBLOCK
834 if (bytes < count && errno == EAGAIN)
835 {
836 int flags = fcntl (fd, F_GETFL);
837 if (0 <= flags && flags & O_NONBLOCK
838 && fcntl (fd, F_SETFL, flags & ~O_NONBLOCK) != -1)
839 {
840 char const *buffer = buf;
841 bytes += full_write (fd, buffer + bytes, count - bytes);
842 }
843 }
844 #endif
845
846 return bytes;
847 }
848
849 /* Set FD's (i.e., assuming the working directory is PARENTFD, FILE's)
850 access time to ATIME. */
851 int
set_file_atime(int fd,int parentfd,char const * file,struct timespec atime)852 set_file_atime (int fd, int parentfd, char const *file, struct timespec atime)
853 {
854 struct timespec ts[2];
855 ts[0] = atime;
856 ts[1].tv_nsec = UTIME_OMIT;
857 return fdutimensat (fd, parentfd, file, ts, fstatat_flags);
858 }
859
860 /* A description of a working directory. */
861 struct wd
862 {
863 /* The directory's name. */
864 char const *name;
865 /* "Absolute" path representing this directory; in the contrast to
866 the real absolute pathname, it can contain /../ components (see
867 normalize_filename_x for the reason of it). It is NULL if the
868 absolute path could not be determined. */
869 char *abspath;
870 /* If nonzero, the file descriptor of the directory, or AT_FDCWD if
871 the working directory. If zero, the directory needs to be opened
872 to be used. */
873 int fd;
874 };
875
876 /* A vector of chdir targets. wd[0] is the initial working directory. */
877 static struct wd *wd;
878
879 /* The number of working directories in the vector. */
880 static size_t wd_count;
881
882 /* The allocated size of the vector. */
883 static size_t wd_alloc;
884
885 /* The maximum number of chdir targets with open directories.
886 Don't make it too large, as many operating systems have a small
887 limit on the number of open file descriptors. Also, the current
888 implementation does not scale well. */
889 enum { CHDIR_CACHE_SIZE = 16 };
890
891 /* Indexes into WD of chdir targets with open file descriptors, sorted
892 most-recently used first. Zero indexes are unused. */
893 static int wdcache[CHDIR_CACHE_SIZE];
894
895 /* Number of nonzero entries in WDCACHE. */
896 static size_t wdcache_count;
897
898 int
chdir_count(void)899 chdir_count (void)
900 {
901 if (wd_count == 0)
902 return wd_count;
903 return wd_count - 1;
904 }
905
906 /* DIR is the operand of a -C option; add it to vector of chdir targets,
907 and return the index of its location. */
908 int
chdir_arg(char const * dir)909 chdir_arg (char const *dir)
910 {
911 if (wd_count == wd_alloc)
912 {
913 if (wd_alloc == 0)
914 wd_alloc = 2;
915 wd = x2nrealloc (wd, &wd_alloc, sizeof *wd);
916
917 if (! wd_count)
918 {
919 wd[wd_count].name = ".";
920 wd[wd_count].abspath = NULL;
921 wd[wd_count].fd = AT_FDCWD;
922 wd_count++;
923 }
924 }
925
926 /* Optimize the common special case of the working directory,
927 or the working directory as a prefix. */
928 if (dir[0])
929 {
930 while (dir[0] == '.' && ISSLASH (dir[1]))
931 for (dir += 2; ISSLASH (*dir); dir++)
932 continue;
933 if (! dir[dir[0] == '.'])
934 return wd_count - 1;
935 }
936
937 wd[wd_count].name = dir;
938 wd[wd_count].abspath = NULL;
939 wd[wd_count].fd = 0;
940 return wd_count++;
941 }
942
943 /* Index of current directory. */
944 int chdir_current;
945
946 /* Value suitable for use as the first argument to openat, and in
947 similar locations for fstatat, etc. This is an open file
948 descriptor, or AT_FDCWD if the working directory is current. It is
949 valid until the next invocation of chdir_do. */
950 int chdir_fd = AT_FDCWD;
951
952 /* Change to directory I, in a virtual way. This does not actually
953 invoke chdir; it merely sets chdir_fd to an int suitable as the
954 first argument for openat, etc. If I is 0, change to the initial
955 working directory; otherwise, I must be a value returned by
956 chdir_arg. */
957 void
chdir_do(int i)958 chdir_do (int i)
959 {
960 if (chdir_current != i)
961 {
962 struct wd *curr = &wd[i];
963 int fd = curr->fd;
964
965 if (! fd)
966 {
967 if (! IS_ABSOLUTE_FILE_NAME (curr->name))
968 chdir_do (i - 1);
969 fd = openat (chdir_fd, curr->name,
970 open_searchdir_flags & ~ O_NOFOLLOW);
971 if (fd < 0)
972 open_fatal (curr->name);
973
974 curr->fd = fd;
975
976 /* Add I to the cache, tossing out the lowest-ranking entry if the
977 cache is full. */
978 if (wdcache_count < CHDIR_CACHE_SIZE)
979 wdcache[wdcache_count++] = i;
980 else
981 {
982 struct wd *stale = &wd[wdcache[CHDIR_CACHE_SIZE - 1]];
983 if (close (stale->fd) != 0)
984 close_diag (stale->name);
985 stale->fd = 0;
986 wdcache[CHDIR_CACHE_SIZE - 1] = i;
987 }
988 }
989
990 if (0 < fd)
991 {
992 /* Move the i value to the front of the cache. This is
993 O(CHDIR_CACHE_SIZE), but the cache is small. */
994 size_t ci;
995 int prev = wdcache[0];
996 for (ci = 1; prev != i; ci++)
997 {
998 int cur = wdcache[ci];
999 wdcache[ci] = prev;
1000 if (cur == i)
1001 break;
1002 prev = cur;
1003 }
1004 wdcache[0] = i;
1005 }
1006
1007 chdir_current = i;
1008 chdir_fd = fd;
1009 }
1010 }
1011
1012 const char *
tar_dirname(void)1013 tar_dirname (void)
1014 {
1015 return wd[chdir_current].name;
1016 }
1017
1018 /* Return the absolute path that represents the working
1019 directory referenced by IDX.
1020
1021 If wd is empty, then there were no -C options given, and
1022 chdir_args() has never been called, so we simply return the
1023 process's actual cwd. (Note that in this case IDX is ignored,
1024 since it should always be 0.) */
1025 static const char *
tar_getcdpath(int idx)1026 tar_getcdpath (int idx)
1027 {
1028 if (!wd)
1029 {
1030 static char *cwd;
1031 if (!cwd)
1032 {
1033 cwd = xgetcwd ();
1034 if (!cwd)
1035 call_arg_fatal ("getcwd", ".");
1036 }
1037 return cwd;
1038 }
1039
1040 if (!wd[idx].abspath)
1041 {
1042 int i;
1043 int save_cwdi = chdir_current;
1044
1045 for (i = idx; i >= 0; i--)
1046 if (wd[i].abspath)
1047 break;
1048
1049 while (++i <= idx)
1050 {
1051 chdir_do (i);
1052 if (i == 0)
1053 {
1054 if ((wd[i].abspath = xgetcwd ()) == NULL)
1055 call_arg_fatal ("getcwd", ".");
1056 }
1057 else if (IS_ABSOLUTE_FILE_NAME (wd[i].name))
1058 /* If the given name is absolute, use it to represent this
1059 directory; otherwise, construct a name based on the
1060 previous -C option. */
1061 wd[i].abspath = xstrdup (wd[i].name);
1062 else
1063 {
1064 namebuf_t nbuf = namebuf_create (wd[i - 1].abspath);
1065 namebuf_add_dir (nbuf, wd[i].name);
1066 wd[i].abspath = namebuf_finish (nbuf);
1067 }
1068 }
1069
1070 chdir_do (save_cwdi);
1071 }
1072
1073 return wd[idx].abspath;
1074 }
1075
1076 void
close_diag(char const * name)1077 close_diag (char const *name)
1078 {
1079 if (ignore_failed_read_option)
1080 {
1081 if (WARNING_ENABLED(WARN_FAILED_READ))
1082 close_warn (name);
1083 }
1084 else
1085 close_error (name);
1086 }
1087
1088 void
open_diag(char const * name)1089 open_diag (char const *name)
1090 {
1091 if (ignore_failed_read_option)
1092 {
1093 if (WARNING_ENABLED(WARN_FAILED_READ))
1094 open_warn (name);
1095 }
1096 else
1097 open_error (name);
1098 }
1099
1100 void
read_diag_details(char const * name,off_t offset,size_t size)1101 read_diag_details (char const *name, off_t offset, size_t size)
1102 {
1103 if (ignore_failed_read_option)
1104 {
1105 if (WARNING_ENABLED(WARN_FAILED_READ))
1106 read_warn_details (name, offset, size);
1107 }
1108 else
1109 read_error_details (name, offset, size);
1110 }
1111
1112 void
readlink_diag(char const * name)1113 readlink_diag (char const *name)
1114 {
1115 if (ignore_failed_read_option)
1116 {
1117 if (WARNING_ENABLED(WARN_FAILED_READ))
1118 readlink_warn (name);
1119 }
1120 else
1121 readlink_error (name);
1122 }
1123
1124 void
savedir_diag(char const * name)1125 savedir_diag (char const *name)
1126 {
1127 if (ignore_failed_read_option)
1128 {
1129 if (WARNING_ENABLED(WARN_FAILED_READ))
1130 savedir_warn (name);
1131 }
1132 else
1133 savedir_error (name);
1134 }
1135
1136 void
seek_diag_details(char const * name,off_t offset)1137 seek_diag_details (char const *name, off_t offset)
1138 {
1139 if (ignore_failed_read_option)
1140 {
1141 if (WARNING_ENABLED(WARN_FAILED_READ))
1142 seek_warn_details (name, offset);
1143 }
1144 else
1145 seek_error_details (name, offset);
1146 }
1147
1148 void
stat_diag(char const * name)1149 stat_diag (char const *name)
1150 {
1151 if (ignore_failed_read_option)
1152 {
1153 if (WARNING_ENABLED(WARN_FAILED_READ))
1154 stat_warn (name);
1155 }
1156 else
1157 stat_error (name);
1158 }
1159
1160 void
file_removed_diag(const char * name,bool top_level,void (* diagfn)(char const * name))1161 file_removed_diag (const char *name, bool top_level,
1162 void (*diagfn) (char const *name))
1163 {
1164 if (!top_level && errno == ENOENT)
1165 {
1166 WARNOPT (WARN_FILE_REMOVED,
1167 (0, 0, _("%s: File removed before we read it"),
1168 quotearg_colon (name)));
1169 set_exit_status (TAREXIT_DIFFERS);
1170 }
1171 else
1172 diagfn (name);
1173 }
1174
1175 /* Fork, aborting if unsuccessful. */
1176 pid_t
xfork(void)1177 xfork (void)
1178 {
1179 pid_t p = fork ();
1180 if (p == (pid_t) -1)
1181 call_arg_fatal ("fork", _("child process"));
1182 return p;
1183 }
1184
1185 /* Create a pipe, aborting if unsuccessful. */
1186 void
xpipe(int fd[2])1187 xpipe (int fd[2])
1188 {
1189 if (pipe (fd) < 0)
1190 call_arg_fatal ("pipe", _("interprocess channel"));
1191 }
1192
1193 /* Return PTR, aligned upward to the next multiple of ALIGNMENT.
1194 ALIGNMENT must be nonzero. The caller must arrange for ((char *)
1195 PTR) through ((char *) PTR + ALIGNMENT - 1) to be addressable
1196 locations. */
1197
1198 static inline void *
ptr_align(void * ptr,size_t alignment)1199 ptr_align (void *ptr, size_t alignment)
1200 {
1201 char *p0 = ptr;
1202 char *p1 = p0 + alignment - 1;
1203 return p1 - (size_t) p1 % alignment;
1204 }
1205
1206 /* Return the address of a page-aligned buffer of at least SIZE bytes.
1207 The caller should free *PTR when done with the buffer. */
1208
1209 void *
page_aligned_alloc(void ** ptr,size_t size)1210 page_aligned_alloc (void **ptr, size_t size)
1211 {
1212 size_t alignment = getpagesize ();
1213 size_t size1 = size + alignment;
1214 if (size1 < size)
1215 xalloc_die ();
1216 *ptr = xmalloc (size1);
1217 return ptr_align (*ptr, alignment);
1218 }
1219
1220
1221
1222 struct namebuf
1223 {
1224 char *buffer; /* directory, '/', and directory member */
1225 size_t buffer_size; /* allocated size of name_buffer */
1226 size_t dir_length; /* length of directory part in buffer */
1227 };
1228
1229 namebuf_t
namebuf_create(const char * dir)1230 namebuf_create (const char *dir)
1231 {
1232 namebuf_t buf = xmalloc (sizeof (*buf));
1233 buf->buffer_size = strlen (dir) + 2;
1234 buf->buffer = xmalloc (buf->buffer_size);
1235 strcpy (buf->buffer, dir);
1236 buf->dir_length = strlen (buf->buffer);
1237 if (!ISSLASH (buf->buffer[buf->dir_length - 1]))
1238 buf->buffer[buf->dir_length++] = DIRECTORY_SEPARATOR;
1239 return buf;
1240 }
1241
1242 void
namebuf_free(namebuf_t buf)1243 namebuf_free (namebuf_t buf)
1244 {
1245 free (buf->buffer);
1246 free (buf);
1247 }
1248
1249 char *
namebuf_name(namebuf_t buf,const char * name)1250 namebuf_name (namebuf_t buf, const char *name)
1251 {
1252 size_t len = strlen (name);
1253 while (buf->dir_length + len + 1 >= buf->buffer_size)
1254 buf->buffer = x2realloc (buf->buffer, &buf->buffer_size);
1255 strcpy (buf->buffer + buf->dir_length, name);
1256 return buf->buffer;
1257 }
1258
1259 static void
namebuf_add_dir(namebuf_t buf,const char * name)1260 namebuf_add_dir (namebuf_t buf, const char *name)
1261 {
1262 static char dirsep[] = { DIRECTORY_SEPARATOR, 0 };
1263 if (!ISSLASH (buf->buffer[buf->dir_length - 1]))
1264 {
1265 namebuf_name (buf, dirsep);
1266 buf->dir_length++;
1267 }
1268 namebuf_name (buf, name);
1269 buf->dir_length += strlen (name);
1270 }
1271
1272 static char *
namebuf_finish(namebuf_t buf)1273 namebuf_finish (namebuf_t buf)
1274 {
1275 char *res = buf->buffer;
1276
1277 if (ISSLASH (buf->buffer[buf->dir_length - 1]))
1278 buf->buffer[buf->dir_length] = 0;
1279 free (buf);
1280 return res;
1281 }
1282
1283 /* Return the filenames in directory NAME, relative to the chdir_fd.
1284 If the directory does not exist, report error if MUST_EXIST is
1285 true.
1286
1287 Return NULL on errors.
1288 */
1289 char *
tar_savedir(const char * name,int must_exist)1290 tar_savedir (const char *name, int must_exist)
1291 {
1292 char *ret = NULL;
1293 DIR *dir = NULL;
1294 int fd = openat (chdir_fd, name, open_read_flags | O_DIRECTORY);
1295 if (fd < 0)
1296 {
1297 if (!must_exist && errno == ENOENT)
1298 return NULL;
1299 open_error (name);
1300 }
1301 else if (! ((dir = fdopendir (fd))
1302 && (ret = streamsavedir (dir, savedir_sort_order))))
1303 savedir_error (name);
1304
1305 if (dir ? closedir (dir) != 0 : 0 <= fd && close (fd) != 0)
1306 savedir_error (name);
1307
1308 return ret;
1309 }
1310