/*
* canonicalize.c -- canonicalize pathname by removing symlinks
* Copyright (C) 1993 Rick Sladkey <jrs@world.std.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Library Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Library Public License for more details.
*
*/
/*
* This routine is part of libc. We include it nevertheless,
* since the libc version has some security flaws.
*
* TODO: use canonicalize_file_name() when exist in glibc
*/
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <unistd.h>
#include <errno.h>
#include <stdlib.h>
#include "canonicalize.h"
#ifndef MAXSYMLINKS
# define MAXSYMLINKS 256
#endif
static char *
myrealpath(const char *path, char *resolved_path, int maxreslth) {
int readlinks = 0;
char *npath;
char link_path[PATH_MAX+1];
int n;
char *buf = NULL;
npath = resolved_path;
/* If it's a relative pathname use getcwd for starters. */
if (*path != '/') {
if (!getcwd(npath, maxreslth-2))
return NULL;
npath += strlen(npath);
if (npath[-1] != '/')
*npath++ = '/';
} else {
*npath++ = '/';
path++;
}
/* Expand each slash-separated pathname component. */
while (*path != '\0') {
/* Ignore stray "/" */
if (*path == '/') {
path++;
continue;
}
if (*path == '.' && (path[1] == '\0' || path[1] == '/')) {
/* Ignore "." */
path++;
continue;
}
if (*path == '.' && path[1] == '.' &&
(path[2] == '\0' || path[2] == '/')) {
/* Backup for ".." */
path += 2;
while (npath > resolved_path+1 &&
(--npath)[-1] != '/')
;
continue;
}
/* Safely copy the next pathname component. */
while (*path != '\0' && *path != '/') {
if (npath-resolved_path > maxreslth-2) {
errno = ENAMETOOLONG;
goto err;
}
*npath++ = *path++;
}
/* Protect against infinite loops. */
if (readlinks++ > MAXSYMLINKS) {
errno = ELOOP;
goto err;
}
/* See if last pathname component is a symlink. */
*npath = '\0';
n = readlink(resolved_path, link_path, PATH_MAX);
if (n < 0) {
/* EINVAL means the file exists but isn't a symlink. */
if (errno != EINVAL)
goto err;
} else {
int m;
char *newbuf;
/* Note: readlink doesn't add the null byte. */
link_path[n] = '\0';
if (*link_path == '/')
/* Start over for an absolute symlink. */
npath = resolved_path;
else
/* Otherwise back up over this component. */
while (*(--npath) != '/')
;
/* Insert symlink contents into path. */
m = strlen(path);
newbuf = malloc(m + n + 1);
if (!newbuf)
goto err;
memcpy(newbuf, link_path, n);
memcpy(newbuf + n, path, m + 1);
free(buf);
path = buf = newbuf;
}
*npath++ = '/';
}
/* Delete trailing slash but don't whomp a lone slash. */
if (npath != resolved_path+1 && npath[-1] == '/')
npath--;
/* Make sure it's null terminated. */
*npath = '\0';
free(buf);
return resolved_path;
err:
free(buf);
return NULL;
}
/*
* Converts private "dm-N" names to "/dev/mapper/<name>"
*
* Since 2.6.29 (patch 784aae735d9b0bba3f8b9faef4c8b30df3bf0128) kernel sysfs
* provides the real DM device names in /sys/block/<ptname>/dm/name
*/
char *
canonicalize_dm_name(const char *ptname)
{
FILE *f;
size_t sz;
char path[256], name[256], *res = NULL;
snprintf(path, sizeof(path), "/sys/block/%s/dm/name", ptname);
if (!(f = fopen(path, "r")))
return NULL;
/* read "<name>\n" from sysfs */
if (fgets(name, sizeof(name), f) && (sz = strlen(name)) > 1) {
name[sz - 1] = '\0';
snprintf(path, sizeof(path), "/dev/mapper/%s", name);
res = strdup(path);
}
fclose(f);
return res;
}
char *
canonicalize_path(const char *path)
{
char canonical[PATH_MAX+2];
char *p;
if (path == NULL)
return NULL;
if (!myrealpath(path, canonical, PATH_MAX+1))
return strdup(path);
p = strrchr(canonical, '/');
if (p && strncmp(p, "/dm-", 4) == 0 && isdigit(*(p + 4))) {
p = canonicalize_dm_name(p+1);
if (p)
return p;
}
return strdup(canonical);
}
char *
canonicalize_path_restricted(const char *path)
{
char canonical[PATH_MAX+2];
char *p = NULL;
int errsv;
uid_t euid;
gid_t egid;
if (path == NULL)
return NULL;
euid = geteuid();
egid = getegid();
/* drop permissions */
if (setegid(getgid()) < 0 || seteuid(getuid()) < 0)
return NULL;
errsv = errno = 0;
if (myrealpath(path, canonical, PATH_MAX+1)) {
p = strrchr(canonical, '/');
if (p && strncmp(p, "/dm-", 4) == 0 && isdigit(*(p + 4)))
p = canonicalize_dm_name(p+1);
else
p = NULL;
if (!p)
p = strdup(canonical);
} else
errsv = errno;
/* restore */
if (setegid(egid) < 0 || seteuid(euid) < 0) {
free(p);
return NULL;
}
errno = errsv;
return p;
}
#ifdef TEST_PROGRAM_CANONICALIZE
int main(int argc, char **argv)
{
if (argc < 2) {
fprintf(stderr, "usage: %s <device>\n", argv[0]);
exit(EXIT_FAILURE);
}
fprintf(stdout, "orig: %s\n", argv[1]);
fprintf(stdout, "real: %s\n", canonicalize_path(argv[1]));
exit(EXIT_SUCCESS);
}
#endif