X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fshared%2Futil.c;h=dc6528013bb0a7fded44e17a9e84e3eb5473b9f8;hp=280e42b3052ccdc0d28eef8c10c53f90024ba04b;hb=1c8da044469acabcfc479ba3276954da53210830;hpb=d15d0333be6a1ca7fdd99a1881d967b6be8f387a diff --git a/src/shared/util.c b/src/shared/util.c index 280e42b30..dc6528013 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -25,6 +25,8 @@ #include #include #include +#include +#include #include #include #include @@ -39,7 +41,7 @@ #include #include #include -#include +#include #include #include #include @@ -60,15 +62,21 @@ #include #include #include -#include #include +#include #include + +/* When we include libgen.h because we need dirname() we immediately + * undefine basename() since libgen.h defines it as a macro to the XDG + * version which is really broken. */ +#include #undef basename #ifdef HAVE_SYS_AUXV_H #include #endif +#include "config.h" #include "macro.h" #include "util.h" #include "ioprio.h" @@ -506,18 +514,24 @@ int safe_atolli(const char *s, long long int *ret_lli) { int safe_atod(const char *s, double *ret_d) { char *x = NULL; double d = 0; + locale_t loc; assert(s); assert(ret_d); - RUN_WITH_LOCALE(LC_NUMERIC_MASK, "C") { - errno = 0; - d = strtod(s, &x); - } + loc = newlocale(LC_NUMERIC_MASK, "C", (locale_t) 0); + if (loc == (locale_t) 0) + return -errno; - if (!x || x == s || *x || errno) + errno = 0; + d = strtod_l(s, &x, loc); + + if (!x || x == s || *x || errno) { + freelocale(loc); return errno ? -errno : -EINVAL; + } + freelocale(loc); *ret_d = (double) d; return 0; } @@ -1352,12 +1366,19 @@ char *cunescape_length_with_prefix(const char *s, size_t length, const char *pre memcpy(r, prefix, pl); for (f = s, t = r + pl; f < s + length; f++) { + size_t remaining = s + length - f; + assert(remaining > 0); - if (*f != '\\') { + if (*f != '\\') { /* a literal literal */ *(t++) = *f; continue; } + if (--remaining == 0) { /* copy trailing backslash verbatim */ + *(t++) = *f; + break; + } + f++; switch (*f) { @@ -1400,10 +1421,12 @@ char *cunescape_length_with_prefix(const char *s, size_t length, const char *pre case 'x': { /* hexadecimal encoding */ - int a, b; + int a = -1, b = -1; - a = unhexchar(f[1]); - b = unhexchar(f[2]); + if (remaining >= 2) { + a = unhexchar(f[1]); + b = unhexchar(f[2]); + } if (a < 0 || b < 0 || (a == 0 && b == 0)) { /* Invalid escape code, let's take it literal then */ @@ -1426,11 +1449,13 @@ char *cunescape_length_with_prefix(const char *s, size_t length, const char *pre case '6': case '7': { /* octal encoding */ - int a, b, c; + int a = -1, b = -1, c = -1; - a = unoctchar(f[0]); - b = unoctchar(f[1]); - c = unoctchar(f[2]); + if (remaining >= 3) { + a = unoctchar(f[0]); + b = unoctchar(f[1]); + c = unoctchar(f[2]); + } if (a < 0 || b < 0 || c < 0 || (a == 0 && b == 0 && c == 0)) { /* Invalid escape code, let's take it literal then */ @@ -1444,11 +1469,6 @@ char *cunescape_length_with_prefix(const char *s, size_t length, const char *pre break; } - case 0: - /* premature end of string. */ - *(t++) = '\\'; - goto finish; - default: /* Invalid escape code, let's take it literal then */ *(t++) = '\\'; @@ -1457,7 +1477,6 @@ char *cunescape_length_with_prefix(const char *s, size_t length, const char *pre } } -finish: *t = 0; return r; } @@ -1527,6 +1546,10 @@ _pure_ static bool hidden_file_allow_backup(const char *filename) { endswith(filename, ".dpkg-old") || endswith(filename, ".dpkg-new") || endswith(filename, ".dpkg-tmp") || + endswith(filename, ".dpkg-dist") || + endswith(filename, ".dpkg-bak") || + endswith(filename, ".dpkg-backup") || + endswith(filename, ".dpkg-remove") || endswith(filename, ".swp"); } @@ -4232,6 +4255,11 @@ bool hostname_is_valid(const char *s) { if (isempty(s)) return false; + /* Doesn't accept empty hostnames, hostnames with trailing or + * leading dots, and hostnames with multiple dots in a + * sequence. Also ensures that the length stays below + * HOST_NAME_MAX. */ + for (p = s, dot = true; *p; p++) { if (*p == '.') { if (dot) @@ -4298,23 +4326,6 @@ bool machine_name_is_valid(const char *s) { return true; } -bool image_name_is_valid(const char *s) { - if (!filename_is_valid(s)) - return false; - - if (string_has_cc(s, NULL)) - return false; - - if (!utf8_is_valid(s)) - return false; - - /* Temporary files for atomically creating new files */ - if (startswith(s, ".#")) - return false; - - return true; -} - int pipe_eof(int fd) { struct pollfd pollfd = { .fd = fd, @@ -5463,25 +5474,56 @@ int getenv_for_pid(pid_t pid, const char *field, char **_value) { return r; } -bool is_valid_documentation_url(const char *url) { - assert(url); +bool http_etag_is_valid(const char *etag) { + if (isempty(etag)) + return false; - if (startswith(url, "http://") && url[7]) - return true; + if (!endswith(etag, "\"")) + return false; - if (startswith(url, "https://") && url[8]) - return true; + if (!startswith(etag, "\"") && !startswith(etag, "W/\"")) + return false; - if (startswith(url, "file:") && url[5]) - return true; + return true; +} - if (startswith(url, "info:") && url[5]) - return true; +bool http_url_is_valid(const char *url) { + const char *p; + + if (isempty(url)) + return false; + + p = startswith(url, "http://"); + if (!p) + p = startswith(url, "https://"); + if (!p) + return false; - if (startswith(url, "man:") && url[4]) + if (isempty(p)) + return false; + + return ascii_is_valid(p); +} + +bool documentation_url_is_valid(const char *url) { + const char *p; + + if (isempty(url)) + return false; + + if (http_url_is_valid(url)) return true; - return false; + p = startswith(url, "file:/"); + if (!p) + p = startswith(url, "info:"); + if (!p) + p = startswith(url, "man:"); + + if (isempty(p)) + return false; + + return ascii_is_valid(p); } bool in_initrd(void) { @@ -5743,6 +5785,11 @@ void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size, return NULL; } +void init_gettext(void) { + setlocale(LC_ALL, ""); + textdomain(GETTEXT_PACKAGE); +} + bool is_locale_utf8(void) { const char *set; static int cached_answer = -1; @@ -6417,7 +6464,7 @@ int container_get_leader(const char *machine, pid_t *pid) { assert(machine); assert(pid); - p = strappenda("/run/systemd/machines/", machine); + p = strjoina("/run/systemd/machines/", machine); r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL); if (r == -ENOENT) return -EHOSTDOWN; @@ -6656,7 +6703,7 @@ int open_tmpfile(const char *path, int flags) { #endif /* Fall back to unguessable name + unlinking */ - p = strappenda(path, "/systemd-tmp-XXXXXX"); + p = strjoina(path, "/systemd-tmp-XXXXXX"); fd = mkostemp_safe(p, flags); if (fd < 0) @@ -7185,7 +7232,7 @@ int take_password_lock(const char *root) { * awfully racy, and thus we just won't do them. */ if (root) - path = strappenda(root, "/etc/.pwd.lock"); + path = strjoina(root, "/etc/.pwd.lock"); else path = "/etc/.pwd.lock"; @@ -7753,11 +7800,14 @@ int same_fd(int a, int b) { return fa == fb; } -int chattr_fd(int fd, bool b, int mask) { - int old_attr, new_attr; +int chattr_fd(int fd, bool b, unsigned mask) { + unsigned old_attr, new_attr; assert(fd >= 0); + if (mask == 0) + return 0; + if (ioctl(fd, FS_IOC_GETFLAGS, &old_attr) < 0) return -errno; @@ -7775,12 +7825,298 @@ int chattr_fd(int fd, bool b, int mask) { return 0; } -int chattr_path(const char *p, bool b, int mask) { +int chattr_path(const char *p, bool b, unsigned mask) { _cleanup_close_ int fd = -1; - fd = open(p, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW); + assert(p); + + if (mask == 0) + return 0; + + fd = open(p, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW); if (fd < 0) return -errno; return chattr_fd(fd, b, mask); } + +int read_attr_fd(int fd, unsigned *ret) { + assert(fd >= 0); + + if (ioctl(fd, FS_IOC_GETFLAGS, ret) < 0) + return -errno; + + return 0; +} + +int read_attr_path(const char *p, unsigned *ret) { + _cleanup_close_ int fd = -1; + + assert(p); + assert(ret); + + fd = open(p, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW); + if (fd < 0) + return -errno; + + return read_attr_fd(fd, ret); +} + +int make_lock_file(const char *p, int operation, LockFile *ret) { + _cleanup_close_ int fd = -1; + _cleanup_free_ char *t = NULL; + int r; + + /* + * We use UNPOSIX locks if they are available. They have nice + * semantics, and are mostly compatible with NFS. However, + * they are only available on new kernels. When we detect we + * are running on an older kernel, then we fall back to good + * old BSD locks. They also have nice semantics, but are + * slightly problematic on NFS, where they are upgraded to + * POSIX locks, even though locally they are orthogonal to + * POSIX locks. + */ + + t = strdup(p); + if (!t) + return -ENOMEM; + + for (;;) { + struct flock fl = { + .l_type = (operation & ~LOCK_NB) == LOCK_EX ? F_WRLCK : F_RDLCK, + .l_whence = SEEK_SET, + }; + struct stat st; + + fd = open(p, O_CREAT|O_RDWR|O_NOFOLLOW|O_CLOEXEC|O_NOCTTY, 0600); + if (fd < 0) + return -errno; + + r = fcntl(fd, (operation & LOCK_NB) ? F_OFD_SETLK : F_OFD_SETLKW, &fl); + if (r < 0) { + + /* If the kernel is too old, use good old BSD locks */ + if (errno == EINVAL) + r = flock(fd, operation); + + if (r < 0) + return errno == EAGAIN ? -EBUSY : -errno; + } + + /* If we acquired the lock, let's check if the file + * still exists in the file system. If not, then the + * previous exclusive owner removed it and then closed + * it. In such a case our acquired lock is worthless, + * hence try again. */ + + r = fstat(fd, &st); + if (r < 0) + return -errno; + if (st.st_nlink > 0) + break; + + fd = safe_close(fd); + } + + ret->path = t; + ret->fd = fd; + ret->operation = operation; + + fd = -1; + t = NULL; + + return r; +} + +int make_lock_file_for(const char *p, int operation, LockFile *ret) { + const char *fn; + char *t; + + assert(p); + assert(ret); + + fn = basename(p); + if (!filename_is_valid(fn)) + return -EINVAL; + + t = newa(char, strlen(p) + 2 + 4 + 1); + stpcpy(stpcpy(stpcpy(mempcpy(t, p, fn - p), ".#"), fn), ".lck"); + + return make_lock_file(t, operation, ret); +} + +void release_lock_file(LockFile *f) { + int r; + + if (!f) + return; + + if (f->path) { + + /* If we are the exclusive owner we can safely delete + * the lock file itself. If we are not the exclusive + * owner, we can try becoming it. */ + + if (f->fd >= 0 && + (f->operation & ~LOCK_NB) == LOCK_SH) { + static const struct flock fl = { + .l_type = F_WRLCK, + .l_whence = SEEK_SET, + }; + + r = fcntl(f->fd, F_OFD_SETLK, &fl); + if (r < 0 && errno == EINVAL) + r = flock(f->fd, LOCK_EX|LOCK_NB); + + if (r >= 0) + f->operation = LOCK_EX|LOCK_NB; + } + + if ((f->operation & ~LOCK_NB) == LOCK_EX) + unlink_noerrno(f->path); + + free(f->path); + f->path = NULL; + } + + f->fd = safe_close(f->fd); + f->operation = 0; +} + +static size_t nul_length(const uint8_t *p, size_t sz) { + size_t n = 0; + + while (sz > 0) { + if (*p != 0) + break; + + n++; + p++; + sz--; + } + + return n; +} + +ssize_t sparse_write(int fd, const void *p, size_t sz, size_t run_length) { + const uint8_t *q, *w, *e; + ssize_t l; + + q = w = p; + e = q + sz; + while (q < e) { + size_t n; + + n = nul_length(q, e - q); + + /* If there are more than the specified run length of + * NUL bytes, or if this is the beginning or the end + * of the buffer, then seek instead of write */ + if ((n > run_length) || + (n > 0 && q == p) || + (n > 0 && q + n >= e)) { + if (q > w) { + l = write(fd, w, q - w); + if (l < 0) + return -errno; + if (l != q -w) + return -EIO; + } + + if (lseek(fd, n, SEEK_CUR) == (off_t) -1) + return -errno; + + q += n; + w = q; + } else if (n > 0) + q += n; + else + q ++; + } + + if (q > w) { + l = write(fd, w, q - w); + if (l < 0) + return -errno; + if (l != q - w) + return -EIO; + } + + return q - (const uint8_t*) p; +} + +void sigkill_wait(pid_t *pid) { + if (!pid) + return; + if (*pid <= 1) + return; + + if (kill(*pid, SIGKILL) > 0) + (void) wait_for_terminate(*pid, NULL); +} + +int syslog_parse_priority(const char **p, int *priority, bool with_facility) { + int a = 0, b = 0, c = 0; + int k; + + assert(p); + assert(*p); + assert(priority); + + if ((*p)[0] != '<') + return 0; + + if (!strchr(*p, '>')) + return 0; + + if ((*p)[2] == '>') { + c = undecchar((*p)[1]); + k = 3; + } else if ((*p)[3] == '>') { + b = undecchar((*p)[1]); + c = undecchar((*p)[2]); + k = 4; + } else if ((*p)[4] == '>') { + a = undecchar((*p)[1]); + b = undecchar((*p)[2]); + c = undecchar((*p)[3]); + k = 5; + } else + return 0; + + if (a < 0 || b < 0 || c < 0 || + (!with_facility && (a || b || c > 7))) + return 0; + + if (with_facility) + *priority = a*100 + b*10 + c; + else + *priority = (*priority & LOG_FACMASK) | c; + + *p += k; + return 1; +} + +ssize_t string_table_lookup(const char * const *table, size_t len, const char *key) { + size_t i; + + if (!key) + return -1; + + for (i = 0; i < len; ++i) + if (streq_ptr(table[i], key)) + return (ssize_t)i; + + return -1; +} + +void cmsg_close_all(struct msghdr *mh) { + struct cmsghdr *cmsg; + + assert(mh); + + for (cmsg = CMSG_FIRSTHDR(mh); cmsg; cmsg = CMSG_NXTHDR(mh, cmsg)) + if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) + close_many((int*) CMSG_DATA(cmsg), (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int)); +}