* SUCH DAMAGE.
*/
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
+#include <config.h>
#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)fts.c 8.6 (Berkeley) 8/14/94";
#include <unistd.h>
#if ! _LIBC
+# include "fcntl--.h"
# include "lstat.h"
+# include "openat.h"
+# include "unistd--.h"
#endif
-#if defined _LIBC
-# include <dirent.h>
-# define NAMLEN(dirent) _D_EXACT_NAMLEN (dirent)
-#else
-# if HAVE_DIRENT_H
-# include <dirent.h>
-# define NAMLEN(dirent) strlen ((dirent)->d_name)
-# else
-# define dirent direct
-# define NAMLEN(dirent) (dirent)->d_namlen
-# if HAVE_SYS_NDIR_H
-# include <sys/ndir.h>
-# endif
-# if HAVE_SYS_DIR_H
-# include <sys/dir.h>
-# endif
-# if HAVE_NDIR_H
-# include <ndir.h>
-# endif
-# endif
+#include <dirent.h>
+#ifndef _D_EXACT_NAMLEN
+# define _D_EXACT_NAMLEN(dirent) strlen ((dirent)->d_name)
#endif
#ifdef _LIBC
# define ATTRIBUTE_UNUSED __attribute__ ((__unused__))
#endif
+/* If this host provides the openat function, then we can avoid
+ attempting to open "." in some initialization code below. */
+#ifdef HAVE_OPENAT
+# define HAVE_OPENAT_SUPPORT 1
+#else
+# define HAVE_OPENAT_SUPPORT 0
+#endif
static FTSENT *fts_alloc (FTS *, const char *, size_t) internal_function;
static FTSENT *fts_build (FTS *, int) internal_function;
#endif
#define ISDOT(a) (a[0] == '.' && (!a[1] || (a[1] == '.' && !a[2])))
+#define STREQ(a, b) (strcmp ((a), (b)) == 0)
#define CLR(opt) (sp->fts_options &= ~(opt))
#define ISSET(opt) (sp->fts_options & (opt))
#define SET(opt) (sp->fts_options |= (opt))
-#define FCHDIR(sp, fd) (!ISSET(FTS_NOCHDIR) && fchdir(fd))
+#define RESTORE_INITIAL_CWD(sp) FCHDIR (sp, (ISSET (FTS_CWDFD) \
+ ? AT_FDCWD \
+ : sp->fts_rfd))
+
+#define FCHDIR(sp, fd) (!ISSET(FTS_NOCHDIR) \
+ && (ISSET(FTS_CWDFD) \
+ ? (cwd_advance_fd (sp, fd), 0) \
+ : fchdir(fd)))
+
/* fts_build flags */
#define BCHILD 1 /* fts_children */
} \
while (false)
+/* file-descriptor-relative opendir. */
+/* FIXME: if others need this function, move it into lib/openat.c */
+static inline DIR *
+internal_function
+opendirat (int fd, char const *dir)
+{
+ int new_fd = openat (fd, dir, O_RDONLY);
+ DIR *dirp;
+
+ if (new_fd < 0)
+ return NULL;
+ dirp = fdopendir (new_fd);
+ if (dirp == NULL)
+ {
+ int saved_errno = errno;
+ close (new_fd);
+ errno = saved_errno;
+ }
+ return dirp;
+}
+
+/* Virtual fchdir. Advance SP's working directory
+ file descriptor, SP->fts_cwd_fd, to FD, and close
+ the previous one, ignoring any error. */
+static void
+internal_function
+cwd_advance_fd (FTS *sp, int fd)
+{
+ int old = sp->fts_cwd_fd;
+ if (old == fd && old != AT_FDCWD)
+ abort ();
+ sp->fts_cwd_fd = fd;
+ if (0 <= old)
+ close (old); /* ignore any close failure */
+}
+
/* Open the directory DIR if possible, and return a file
descriptor. Return -1 and set errno on failure. It doesn't matter
whether the file descriptor has read or write access. */
-static int
+static inline int
internal_function
-diropen (char const *dir)
+diropen (FTS const *sp, char const *dir)
{
- return open (dir, O_RDONLY | O_DIRECTORY | O_NOCTTY | O_NONBLOCK);
+ int open_flags = (O_RDONLY | O_DIRECTORY | O_NOCTTY | O_NONBLOCK
+ | (ISSET (FTS_PHYSICAL) ? O_NOFOLLOW : 0));
+
+ return (ISSET (FTS_CWDFD)
+ ? openat (sp->fts_cwd_fd, dir, open_flags)
+ : open (dir, open_flags));
}
FTS *
register FTS *sp;
register FTSENT *p, *root;
register size_t nitems;
- FTSENT *parent, *tmp = NULL; /* pacify gcc */
+ FTSENT *parent = NULL;
+ FTSENT *tmp = NULL; /* pacify gcc */
size_t len;
/* Options check. */
__set_errno (EINVAL);
return (NULL);
}
+ if ((options & FTS_NOCHDIR) && (options & FTS_CWDFD)) {
+ __set_errno (EINVAL);
+ return (NULL);
+ }
+ if ( ! (options & (FTS_LOGICAL | FTS_PHYSICAL))) {
+ __set_errno (EINVAL);
+ return (NULL);
+ }
/* Allocate/initialize the stream */
if ((sp = malloc(sizeof(FTS))) == NULL)
sp->fts_options = options;
/* Logical walks turn on NOCHDIR; symbolic links are too hard. */
- if (ISSET(FTS_LOGICAL))
+ if (ISSET(FTS_LOGICAL)) {
SET(FTS_NOCHDIR);
+ CLR(FTS_CWDFD);
+ }
+
+ /* Initialize fts_cwd_fd. */
+ sp->fts_cwd_fd = AT_FDCWD;
+ if ( ISSET(FTS_CWDFD) && ! HAVE_OPENAT_SUPPORT)
+ {
+ /* While it isn't technically necessary to open "." this
+ early, doing it here saves us the trouble of ensuring
+ later (where it'd be messier) that "." can in fact
+ be opened. If not, revert to FTS_NOCHDIR mode. */
+ int fd = open (".", O_RDONLY);
+ if (fd < 0)
+ {
+ /* Even if `.' is unreadable, don't revert to FTS_NOCHDIR mode
+ on systems like Linux+PROC_FS, where our openat emulation
+ is good enough. Note: on a system that emulates
+ openat via /proc, this technique can still fail, but
+ only in extreme conditions, e.g., when the working
+ directory cannot be saved (i.e. save_cwd fails) --
+ and that happens on Linux only when "." is unreadable
+ and the CWD would be longer than PATH_MAX.
+ FIXME: once Linux kernel openat support is well established,
+ replace the above open call and this entire if/else block
+ with the body of the if-block below. */
+ if ( openat_needs_fchdir ())
+ {
+ SET(FTS_NOCHDIR);
+ CLR(FTS_CWDFD);
+ }
+ }
+ else
+ {
+ close (fd);
+ }
+ }
/*
* Start out with 1K of file name space, and enough, in any case,
#ifndef MAXPATHLEN
# define MAXPATHLEN 1024
#endif
- size_t maxarglen = fts_maxarglen(argv);
- if (! fts_palloc(sp, MAX(maxarglen, MAXPATHLEN)))
- goto mem1;
+ {
+ size_t maxarglen = fts_maxarglen(argv);
+ if (! fts_palloc(sp, MAX(maxarglen, MAXPATHLEN)))
+ goto mem1;
+ }
/* Allocate/initialize root's parent. */
- if ((parent = fts_alloc(sp, "", 0)) == NULL)
- goto mem2;
- parent->fts_level = FTS_ROOTPARENTLEVEL;
+ if (*argv != NULL) {
+ if ((parent = fts_alloc(sp, "", 0)) == NULL)
+ goto mem2;
+ parent->fts_level = FTS_ROOTPARENTLEVEL;
+ }
/* Allocate/initialize root(s). */
for (root = NULL, nitems = 0; *argv != NULL; ++argv, ++nitems) {
* and ".." are all fairly nasty problems. Note, if we can't get the
* descriptor we run anyway, just more slowly.
*/
- if (!ISSET(FTS_NOCHDIR)
- && (sp->fts_rfd = diropen (".")) < 0)
+ if (!ISSET(FTS_NOCHDIR) && !ISSET(FTS_CWDFD)
+ && (sp->fts_rfd = diropen (sp, ".")) < 0)
SET(FTS_NOCHDIR);
return (sp);
/* Free up child linked list, sort array, file name buffer. */
if (sp->fts_child)
fts_lfree(sp->fts_child);
- if (sp->fts_array)
- free(sp->fts_array);
+ free(sp->fts_array);
free(sp->fts_path);
- /* Return to original directory, save errno if necessary. */
- if (!ISSET(FTS_NOCHDIR)) {
- if (fchdir(sp->fts_rfd))
- saved_errno = errno;
- (void)close(sp->fts_rfd);
- }
+ if (ISSET(FTS_CWDFD))
+ {
+ if (0 <= sp->fts_cwd_fd)
+ close (sp->fts_cwd_fd);
+ }
+ else if (!ISSET(FTS_NOCHDIR))
+ {
+ /* Return to original directory, save errno if necessary. */
+ if (fchdir(sp->fts_rfd))
+ saved_errno = errno;
+ close(sp->fts_rfd);
+ }
free_dir (sp);
register FTSENT *p, *tmp;
register unsigned short int instr;
register char *t;
- int saved_errno;
/* If finished or unrecoverable error, return NULL. */
if (sp->fts_cur == NULL || ISSET(FTS_STOP))
(p->fts_info == FTS_SL || p->fts_info == FTS_SLNONE)) {
p->fts_info = fts_stat(sp, p, true);
if (p->fts_info == FTS_D && !ISSET(FTS_NOCHDIR)) {
- if ((p->fts_symfd = diropen (".")) < 0) {
+ if ((p->fts_symfd = diropen (sp, ".")) < 0) {
p->fts_errno = errno;
p->fts_info = FTS_ERR;
} else
subdirectory, tell the caller. */
if (p->fts_errno)
p->fts_info = FTS_ERR;
- /* FIXME: see if this should be in an else block */
LEAVE_DIR (sp, p, "2");
return (p);
}
* root.
*/
if (p->fts_level == FTS_ROOTLEVEL) {
- if (FCHDIR(sp, sp->fts_rfd)) {
+ if (RESTORE_INITIAL_CWD(sp)) {
SET(FTS_STOP);
+ sp->fts_cur = p;
return (NULL);
}
fts_load(sp, p);
if (p->fts_instr == FTS_FOLLOW) {
p->fts_info = fts_stat(sp, p, true);
if (p->fts_info == FTS_D && !ISSET(FTS_NOCHDIR)) {
- if ((p->fts_symfd = diropen (".")) < 0) {
+ if ((p->fts_symfd = diropen (sp, ".")) < 0) {
p->fts_errno = errno;
p->fts_info = FTS_ERR;
} else
sp->fts_path[p->fts_pathlen] = '\0';
/*
- * Return to the parent directory. If at a root node or came through
- * a symlink, go back through the file descriptor. Otherwise, cd up
- * one directory.
+ * Return to the parent directory. If at a root node, restore
+ * the initial working directory. If we came through a symlink,
+ * go back through the file descriptor. Otherwise, move up
+ * one level, via "..".
*/
if (p->fts_level == FTS_ROOTLEVEL) {
- if (FCHDIR(sp, sp->fts_rfd)) {
+ if (RESTORE_INITIAL_CWD(sp)) {
p->fts_errno = errno;
SET(FTS_STOP);
}
} else if (p->fts_flags & FTS_SYMFOLLOW) {
if (FCHDIR(sp, p->fts_symfd)) {
- saved_errno = errno;
+ int saved_errno = errno;
(void)close(p->fts_symfd);
__set_errno (saved_errno);
p->fts_errno = errno;
ISSET(FTS_NOCHDIR))
return (sp->fts_child = fts_build(sp, instr));
- if ((fd = diropen (".")) < 0)
+ if ((fd = diropen (sp, ".")) < 0)
return (sp->fts_child = NULL);
sp->fts_child = fts_build(sp, instr);
- if (fchdir(fd)) {
- (void)close(fd);
- return (NULL);
- }
- (void)close(fd);
+ if (ISSET(FTS_CWDFD))
+ {
+ cwd_advance_fd (sp, fd);
+ }
+ else
+ {
+ if (fchdir(fd))
+ {
+ int saved_errno = errno;
+ close (fd);
+ __set_errno (saved_errno);
+ return NULL;
+ }
+ close (fd);
+ }
return (sp->fts_child);
}
FTSENT *cur, *tail;
DIR *dirp;
void *oldaddr;
- int cderrno;
int saved_errno;
bool descend;
bool doadjust;
else
oflag = DTF_HIDEW|DTF_NODUP|DTF_REWIND;
#else
-# define __opendir2(file, flag) opendir(file)
+# define __opendir2(file, flag) \
+ ( ! ISSET(FTS_NOCHDIR) && ISSET(FTS_CWDFD) \
+ ? opendirat(sp->fts_cwd_fd, file) \
+ : opendir(file))
#endif
if ((dirp = __opendir2(cur->fts_accpath, oflag)) == NULL) {
if (type == BREAD) {
* needed sorted entries or stat information, they had better be
* checking FTS_NS on the returned nodes.
*/
- cderrno = 0;
if (nlinks || type == BREAD) {
- if (fts_safe_changedir(sp, cur, dirfd(dirp), NULL)) {
+ int dir_fd = dirfd(dirp);
+ if (ISSET(FTS_CWDFD) && 0 <= dir_fd)
+ dir_fd = dup (dir_fd);
+ if (dir_fd < 0 || fts_safe_changedir(sp, cur, dir_fd, NULL)) {
if (nlinks && type == BREAD)
cur->fts_errno = errno;
cur->fts_flags |= FTS_DONTCHDIR;
descend = false;
- cderrno = errno;
closedir(dirp);
+ if (ISSET(FTS_CWDFD) && 0 <= dir_fd)
+ close (dir_fd);
dirp = NULL;
} else
descend = true;
if (!ISSET(FTS_SEEDOT) && ISDOT(dp->d_name))
continue;
- if ((p = fts_alloc(sp, dp->d_name, NAMLEN (dp))) == NULL)
+ if ((p = fts_alloc (sp, dp->d_name,
+ _D_EXACT_NAMLEN (dp))) == NULL)
goto mem1;
- if (NAMLEN (dp) >= maxlen) {/* include space for NUL */
+ if (_D_EXACT_NAMLEN (dp) >= maxlen) {
+ /* include space for NUL */
oldaddr = sp->fts_path;
- if (! fts_palloc(sp, NAMLEN (dp) + len + 1)) {
+ if (! fts_palloc(sp, _D_EXACT_NAMLEN (dp) + len + 1)) {
/*
* No more memory. Save
* errno, free up the current structure and the
* structures already allocated.
*/
mem1: saved_errno = errno;
- if (p)
- free(p);
+ free(p);
fts_lfree(head);
closedir(dirp);
cur->fts_info = FTS_ERR;
maxlen = sp->fts_pathlen - len;
}
- new_len = len + NAMLEN (dp);
+ new_len = len + _D_EXACT_NAMLEN (dp);
if (new_len < len) {
/*
* In the unlikely even that we would end up
p->fts_flags |= FTS_ISW;
#endif
- if (cderrno) {
- if (nlinks) {
- p->fts_info = FTS_NS;
- p->fts_errno = cderrno;
- } else
- p->fts_info = FTS_NSOK;
- p->fts_accpath = cur->fts_accpath;
- } else if (nlinks == 0
-#if HAVE_STRUCT_DIRENT_D_TYPE
- || (nostat &&
- dp->d_type != DT_DIR && dp->d_type != DT_UNKNOWN)
-#endif
- ) {
- p->fts_accpath =
- ISSET(FTS_NOCHDIR) ? p->fts_path : p->fts_name;
- p->fts_info = FTS_NSOK;
- } else {
- /* Build a file name for fts_stat to stat. */
- if (ISSET(FTS_NOCHDIR)) {
- p->fts_accpath = p->fts_path;
- memmove(cp, p->fts_name, p->fts_namelen + 1);
- } else
- p->fts_accpath = p->fts_name;
- /* Stat it. */
- p->fts_info = fts_stat(sp, p, false);
-
- /* Decrement link count if applicable. */
- if (nlinks > 0 && (p->fts_info == FTS_D ||
- p->fts_info == FTS_DC || p->fts_info == FTS_DOT))
- nlinks -= nostat;
- }
+ /* Build a file name for fts_stat to stat. */
+ if (ISSET(FTS_NOCHDIR)) {
+ p->fts_accpath = p->fts_path;
+ memmove(cp, p->fts_name, p->fts_namelen + 1);
+ } else
+ p->fts_accpath = p->fts_name;
+ /* Stat it. */
+ p->fts_info = fts_stat(sp, p, false);
+
+ /* Decrement link count if applicable. */
+ if (nlinks > 0 && (p->fts_info == FTS_D ||
+ p->fts_info == FTS_DC || p->fts_info == FTS_DOT))
+ nlinks -= nostat;
/* We walk in directory order so "ls -f" doesn't get upset. */
p->fts_link = NULL;
* can't get back, we're done.
*/
if (descend && (type == BCHILD || !nitems) &&
- (cur->fts_level == FTS_ROOTLEVEL ?
- FCHDIR(sp, sp->fts_rfd) :
- fts_safe_changedir(sp, cur->fts_parent, -1, ".."))) {
+ (cur->fts_level == FTS_ROOTLEVEL
+ ? RESTORE_INITIAL_CWD(sp)
+ : fts_safe_changedir(sp, cur->fts_parent, -1, ".."))) {
cur->fts_info = FTS_ERR;
SET(FTS_STOP);
+ fts_lfree(head);
return (NULL);
}
if (!nitems) {
if (type == BREAD)
cur->fts_info = FTS_DP;
+ fts_lfree(head);
return (NULL);
}
if (ISSET(FTS_LOGICAL) || follow) {
if (stat(p->fts_accpath, sbp)) {
saved_errno = errno;
- if (!lstat(p->fts_accpath, sbp)) {
+ if (errno == ENOENT
+ && lstat(p->fts_accpath, sbp) == 0) {
__set_errno (0);
return (FTS_SLNONE);
}
p->fts_errno = saved_errno;
goto err;
}
- } else if (lstat(p->fts_accpath, sbp)) {
+ } else if (fstatat(sp->fts_cwd_fd, p->fts_accpath, sbp,
+ AT_SYMLINK_NOFOLLOW)) {
p->fts_errno = errno;
err: memset(sbp, 0, sizeof(struct stat));
return (FTS_NS);
* See if fts_pathlen would overflow.
*/
if (new_len < sp->fts_pathlen) {
- if (sp->fts_path) {
- free(sp->fts_path);
- sp->fts_path = NULL;
- }
+ free(sp->fts_path);
sp->fts_path = NULL;
__set_errno (ENAMETOOLONG);
return false;
* Change to dir specified by fd or file name without getting
* tricked by someone changing the world out from underneath us.
* Assumes p->fts_statp->st_dev and p->fts_statp->st_ino are filled in.
+ * If FD is non-negative, expect it to be used after this function returns,
+ * and to be closed eventually. So don't pass e.g., `dirfd(dirp)' and then
+ * do closedir(dirp), because that would invalidate the saved FD.
+ * Upon failure, close FD immediately and return nonzero.
*/
static int
internal_function
fts_safe_changedir (FTS *sp, FTSENT *p, int fd, char const *dir)
{
- int ret, oerrno, newfd;
- struct stat sb;
+ int ret;
- newfd = fd;
- if (ISSET(FTS_NOCHDIR))
+ int newfd = fd;
+ if (ISSET(FTS_NOCHDIR)) {
+ if (ISSET(FTS_CWDFD) && 0 <= fd)
+ close (fd);
return (0);
- if (fd < 0 && (newfd = diropen (dir)) < 0)
+ }
+ if (fd < 0 && (newfd = diropen (sp, dir)) < 0)
return (-1);
- if (fstat(newfd, &sb)) {
+
+ /* The following dev/inode check is necessary if we're doing
+ a `logical' traversal (through symlinks, a la chown -L),
+ if the system lacks O_NOFOLLOW support, or if we're changing
+ to "..". In the latter case, O_NOFOLLOW can't help. In
+ general (when the target is not ".."), diropen's use of
+ O_NOFOLLOW ensures we don't mistakenly follow a symlink,
+ so we can avoid the expense of this fstat. */
+ if (ISSET(FTS_LOGICAL) || O_NOFOLLOW == 0
+ || (dir && STREQ (dir, "..")))
+ {
+ struct stat sb;
+ if (fstat(newfd, &sb))
+ {
ret = -1;
goto bail;
- }
- if (p->fts_statp->st_dev != sb.st_dev
- || p->fts_statp->st_ino != sb.st_ino) {
+ }
+ if (p->fts_statp->st_dev != sb.st_dev
+ || p->fts_statp->st_ino != sb.st_ino)
+ {
__set_errno (ENOENT); /* disinformation */
ret = -1;
goto bail;
- }
+ }
+ }
+
+ if (ISSET(FTS_CWDFD))
+ {
+ cwd_advance_fd (sp, newfd);
+ return 0;
+ }
+
ret = fchdir(newfd);
bail:
- oerrno = errno;
if (fd < 0)
- (void)close(newfd);
- __set_errno (oerrno);
+ {
+ int oerrno = errno;
+ (void)close(newfd);
+ __set_errno (oerrno);
+ }
return (ret);
}