#include <mLib/alloc.h>
#include <mLib/dstr.h>
#include <mLib/macros.h>
+#include <mLib/pool.h>
#include "checkpath.h"
struct elt *e_link; /* Pointer to the next one along */
size_t e_offset; /* Offset of name in path string */
unsigned e_flags; /* Various useful flags */
+#define EF_STICKY 1u /* Directory has sticky bit set */
char e_name[1]; /* Name of the directory */
};
-#define f_sticky 1u /* Directory has sticky bit set */
-
-#define f_last 1u /* This is the final item to check */
+struct state {
+ pool *p; /* Allocation pool */
+ struct elt *sp; /* Stack pointer for list */
+ dstr path; /* Current path string */
+ dstr link; /* Symbolic link target string */
+ dstr msg; /* Message string */
+};
/*----- Static variables --------------------------------------------------*/
static const struct elt rootnode = { 0, 0, 0 }; /* Root of the list */
-static struct elt *sp; /* Stack pointer for list */
-static dstr d = DSTR_INIT; /* Current path string */
/*----- Main code ---------------------------------------------------------*/
/* --- @splitpath@ --- *
*
- * Arguments: @const char *path@ = path string to break apart
+ * Arguments: @struct state *state@ = pointer to state
+ * @const char *path@ = path string to break apart
* @struct elt *tail@ = tail block to attach to end of list
*
* Returns: Pointer to the new list head.
* be pushed onto the directory stack as required.
*/
-static struct elt *splitpath(const char *path, struct elt *tail)
+static struct elt *splitpath(struct state *state,
+ const char *path, struct elt *tail)
{
struct elt *head, **ee = &head, *e;
+ size_t n;
while (*path) {
- size_t n;
/* --- Either a leading `/', or a doubled one --- *
*
*/
n = strcspn(path, "/");
- e = xmalloc(sizeof(struct elt) + n + 1);
+ e = pool_alloc(state->p, offsetof(struct elt, e_name) + n + 1);
memcpy(e->e_name, path, n);
e->e_name[n] = 0;
e->e_flags = 0;
/* --- @pop@ --- *
*
- * Arguments: ---
+ * Arguments: @struct state *state@ = working state
*
* Returns: ---
*
* Use: Removes the top item from the directory stack.
*/
-static void pop(void)
+static void pop(struct state *state)
{
+ struct elt *sp = state->sp, *e;
+
if (sp->e_link) {
- struct elt *e = sp->e_link;
- d.len = sp->e_offset;
- DPUTZ(&d);
- xfree(sp); sp = e;
+ e = sp->e_link;
+ state->path.len = sp->e_offset;
+ DPUTZ(&state->path);
+ state->sp = e;
}
}
/* --- @popall@ --- *
*
- * Arguments: ---
+ * Arguments: @struct state *state@ = working state
*
* Returns: ---
*
* Use: Removes all the items from the directory stack.
*/
-static void popall(void)
- { while (sp->e_link) pop(); }
+static void popall(struct state *state)
+ { state->sp = (/*unconst*/ struct elt *)&rootnode; state->path.len = 0; }
/* --- @push@ --- *
*
- * Arguments: @struct elt *e@ = pointer to directory element
+ * Arguments: @struct state *state@ = working state
+ * @struct elt *e@ = pointer to directory element
*
* Returns: ---
*
* Use: Pushes a new subdirectory onto the stack.
*/
-static void push(struct elt *e)
+static void push(struct state *state, struct elt *e)
{
- e->e_link = sp;
- e->e_offset = d.len;
- DPUTC(&d, '/');
- DPUTS(&d, e->e_name);
- sp = e;
+ e->e_link = state->sp;
+ e->e_offset = state->path.len;
+ DPUTC(&state->path, '/');
+ DPUTS(&state->path, e->e_name);
+ state->sp = e;
}
/* --- @report@ --- *
*
- * Arguments: @const struct checkpath *cp@ = pointer to context
+ * Arguments: @struct state *state@ = pointer to state
+ * @const struct checkpath *cp@ = pointer to query
* @unsigned what@ = what sort of report is this?
* @int verbose@ = how verbose is this?
* @const char *p@ = what path does it refer to?
* Use: Formats and presents messages to the client.
*/
-static void report(const struct checkpath *cp, unsigned what, int verbose,
+static void report(struct state *state, const struct checkpath *cp,
+ unsigned what, int verbose,
const char *p, const char *msg, ...)
{
- dstr d = DSTR_INIT;
va_list ap;
const char *q = msg;
const char *s;
/* --- Format the message nicely --- */
+ dstr_reset(&state->msg);
va_start(ap, msg);
if (verbose > 1)
- dstr_puts(&d, "[ ");
+ dstr_puts(&state->msg, "[ ");
if (p)
- dstr_putf(&d, "Path: %s: ", p);
+ dstr_putf(&state->msg, "Path: %s: ", p);
while (*q) {
if (*q == '%') {
q++;
switch (*q) {
case 'e':
- dstr_puts(&d, strerror(e));
+ dstr_puts(&state->msg, strerror(e));
break;
case 'u':
- u = (uid_t)va_arg(ap, int);
+ u = (uid_t)va_arg(ap, long);
if ((pw = getpwuid(u)) != 0)
- dstr_putf(&d, "`%s'", pw->pw_name);
+ dstr_putf(&state->msg, "`%s'", pw->pw_name);
else
- dstr_putf(&d, "%i", (int)u);
+ dstr_putf(&state->msg, "#%ld", (long)u);
break;
case 'g':
- g = (gid_t)va_arg(ap, int);
+ g = (gid_t)va_arg(ap, long);
if ((gr = getgrgid(g)) != 0)
- dstr_putf(&d, "`%s'", gr->gr_name);
+ dstr_putf(&state->msg, "`%s'", gr->gr_name);
else
- dstr_putf(&d, "%i", (int)g);
+ dstr_putf(&state->msg, "#%ld", (long)g);
break;
case 's':
s = va_arg(ap, const char *);
- dstr_puts(&d, s);
+ dstr_puts(&state->msg, s);
break;
case '%':
- dstr_putc(&d, '%');
+ dstr_putc(&state->msg, '%');
break;
default:
- dstr_putc(&d, '%');
- dstr_putc(&d, *q);
+ dstr_putc(&state->msg, '%');
+ dstr_putc(&state->msg, *q);
break;
}
q++;
} else {
n = strcspn(q, "%");
- DPUTM(&d, q, n);
+ DPUTM(&state->msg, q, n);
q += n;
}
}
if (verbose > 1)
- dstr_puts(&d, " ]");
- DPUTZ(&d);
- cp->cp_report(what, verbose, p, d.buf, cp->cp_arg);
- dstr_destroy(&d);
+ dstr_puts(&state->msg, " ]");
+ DPUTZ(&state->msg);
+ cp->cp_report(what, verbose, p, state->msg.buf, cp->cp_arg);
va_end(ap);
}
*
* Arguments: @const char *p@ = name of directory to check
* @struct stat *st@ = pointer to @stat@(2) block for it
- * @const struct checkpath *cp@ = pointer to caller parameters
- * @unsigned f@ = various flags
+ * @struct state *state@ = pointer to state
+ * @const struct checkpath *cp@ = pointer to query
+ * @unsigned f@ = various flags (@SF_...@)
*
* Returns: Zero if everything's OK, else bitmask of problems.
*
* Use: Performs the main load of sanity-checking on a directory.
+ * If @SF_LAST@ is not set then sticky directories are always
+ * acceptable.
*/
+#define SF_LAST 1u /* This is the final item to check */
+
static unsigned sanity(const char *p, struct stat *st,
- const struct checkpath *cp, unsigned f)
+ struct state *state, const struct checkpath *cp,
+ unsigned f)
{
unsigned bad = 0;
int stickyok = 0;
unsigned b;
if (S_ISDIR(st->st_mode) &&
- (!(f & f_last) || (cp->cp_what & CP_STICKYOK)))
- stickyok = 01000;
+ (!(f & SF_LAST) || (cp->cp_what & CP_STICKYOK)))
+ stickyok = S_ISVTX;
/* --- Check for world-writability --- */
if ((cp->cp_what & CP_WRWORLD) &&
- (st->st_mode & (0002 | stickyok)) == 0002) {
+ (st->st_mode & (S_IWOTH | stickyok)) == S_IWOTH) {
bad |= CP_WRWORLD;
- report(cp, CP_WRWORLD, 1, p, "** world writable **");
+ report(state, cp, CP_WRWORLD, 1, p, "** world writable **");
}
/* --- Check for group-writability --- */
if ((cp->cp_what & (CP_WRGRP | CP_WROTHGRP)) &&
- (st->st_mode & (0020 | stickyok)) == 0020) {
+ (st->st_mode & (S_IWGRP | stickyok)) == S_IWGRP) {
b = CP_WRGRP;
if (cp->cp_what & CP_WROTHGRP) {
}
if (b) {
bad |= b;
- report(cp, b, 1, p, "writable by %sgroup %g",
- (b == CP_WROTHGRP) ? "other " : "", st->st_gid);
+ report(state, cp, b, 1, p, "writable by %sgroup %g",
+ (b == CP_WROTHGRP) ? "other " : "", (long)st->st_gid);
}
}
st->st_uid != cp->cp_uid &&
st->st_uid != 0) {
bad |= CP_WROTHUSR;
- report(cp, CP_WROTHUSR, 1, p, "owner is user %u", st->st_uid);
+ report(state, cp, CP_WROTHUSR, 1, p,
+ "owner is user %u", (long)st->st_uid);
}
/* --- Done sanity check --- */
{
char cwd[PATH_MAX];
struct elt *e, *ee;
+ struct state *state;
+ pool *pp;
struct stat st;
unsigned bad = 0;
+ int i;
- /* --- Initialize stack pointer and path string --- */
+ /* --- Initialize the state --- */
- sp = (/*unconst*/ struct elt *)&rootnode;
- dstr_destroy(&d);
+ pp = pool_create(arena_global);
+ state = pool_alloc(pp, sizeof(*state));
+ state->p = pp;
+ state->sp = (/*unconst*/ struct elt *)&rootnode;
+ dstr_create(&state->path);
+ dstr_create(&state->link);
+ dstr_create(&state->msg);
/* --- Try to find the current directory --- */
if (!getcwd(cwd, sizeof(cwd))) {
- report(cp, CP_ERROR, 0, 0, "can't find current directory: %e");
+ report(state, cp, CP_ERROR, 0, 0, "can't find current directory: %e");
return (CP_ERROR);
}
/* --- Check that the root directory is OK --- */
if (stat("/", &st)) {
- report(cp, CP_ERROR, 0, 0, "can't stat root directory: %e");
+ report(state, cp, CP_ERROR, 0, 0, "can't stat root directory: %e");
return (CP_ERROR);
}
- report(cp, CP_REPORT, 3, p, "begin scan");
- bad |= sanity("/", &st, cp, 0);
+ report(state, cp, CP_REPORT, 3, p, "begin scan");
+ bad |= sanity("/", &st, state, cp, 0);
/* --- Get the initial list of things to process --- */
- ee = splitpath(p, 0);
+ ee = splitpath(state, p, 0);
if (*p != '/')
- ee = splitpath(cwd, ee);
+ ee = splitpath(state, cwd, ee);
/* --- While there are list items which still need doing --- */
/* --- Strip off simple `.' elements --- */
if (strcmp(ee->e_name, ".") == 0) {
- xfree(ee);
ee = e;
continue;
}
/* --- Backtrack on `..' elements --- */
else if (strcmp(ee->e_name, "..") == 0) {
- pop();
- xfree(ee);
+ pop(state);
ee = e;
continue;
}
/* --- Everything else gets pushed on the end --- */
- push(ee);
+ push(state, ee);
ee = e;
/* --- Find out what sort of a thing this is --- */
- if (lstat(d.buf, &st)) {
- report(cp, CP_ERROR, 0, d.buf, "can't stat: %e");
+ if (lstat(state->path.buf, &st)) {
+ report(state, cp, CP_ERROR, 0, state->path.buf, "can't stat: %e");
bad |= CP_ERROR;
break;
}
/* --- Handle symbolic links specially --- */
if (S_ISLNK(st.st_mode)) {
- dstr buf = DSTR_INIT;
- int i;
/* --- Resolve the link --- */
- dstr_ensure(&buf, st.st_size + 1);
- if ((i = readlink(d.buf, buf.buf, buf.sz)) < 0) {
- report(cp, CP_ERROR, 0, d.buf, "can't readlink: %e");
+ dstr_reset(&state->link);
+ dstr_ensure(&state->link, st.st_size + 1);
+ if ((i = readlink(state->path.buf,
+ state->link.buf, state->link.sz)) < 0) {
+ report(state, cp, CP_ERROR, 0, state->path.buf,
+ "can't readlink: %e");
bad |= CP_ERROR;
break;
}
- buf.buf[i] = 0;
- report(cp, CP_SYMLINK, 2, d.buf, "symlink -> `%s'", buf.buf);
+ state->link.buf[i] = 0;
+ report(state, cp, CP_SYMLINK, 2, state->path.buf,
+ "symlink -> `%s'", state->link.buf);
/* --- Handle sticky parents --- *
*
*/
if ((cp->cp_what & CP_WROTHUSR) &&
- (sp->e_link->e_flags & f_sticky) &&
+ (state->sp->e_link->e_flags & EF_STICKY) &&
st.st_uid != cp->cp_uid && st.st_uid != 0) {
bad |= CP_WROTHUSR;
- report(cp, CP_WROTHUSR, 1, d.buf,
- "symlink modifiable by user %u", st.st_uid);
+ report(state, cp, CP_WROTHUSR, 1, state->path.buf,
+ "symlink modifiable by user %u", (long)st.st_uid);
}
/* --- Sort out what to do from here --- */
- if (buf.buf[0] == '/')
- popall();
+ if (state->link.buf[0] == '/')
+ popall(state);
else
- pop();
- ee = splitpath(buf.buf, ee);
- dstr_destroy(&buf);
+ pop(state);
+ ee = splitpath(state, state->link.buf, ee);
continue;
}
/* --- Run the sanity check on this path element --- */
- bad |= sanity(d.buf, &st, cp, ee ? 0 : f_last);
+ bad |= sanity(state->path.buf, &st, state, cp, ee ? 0 : SF_LAST);
if (S_ISDIR(st.st_mode)) {
- if (st.st_mode & 01000)
- sp->e_flags |= f_sticky;
- report(cp, CP_REPORT, 4, d.buf, "directory");
+ if (st.st_mode & S_ISVTX)
+ state->sp->e_flags |= EF_STICKY;
+ report(state, cp, CP_REPORT, 4, state->path.buf, "directory");
continue;
}
if (ee) {
if (!(bad & CP_ERROR))
- report(cp, CP_ERROR, 0, 0, "junk left over after reaching leaf");
+ report(state, cp, CP_ERROR, 0, 0, "junk left over after reaching leaf");
while (ee) {
e = ee->e_link;
- xfree(ee);
ee = e;
}
}
- popall();
+ dstr_destroy(&state->path);
+ dstr_destroy(&state->link);
+ dstr_destroy(&state->msg);
+ pool_destroy(state->p);
return (bad);
}
~mdw / checkpath / blobdiff