xref: /freebsd/contrib/llvm-project/libcxx/src/filesystem/operations.cpp (revision b9fa1500cb2265b95927e19b9d2119ca26d65be3)
1 //===----------------------------------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 
9 #include <__assert>
10 #include <__config>
11 #include <__utility/unreachable.h>
12 #include <array>
13 #include <climits>
14 #include <cstdlib>
15 #include <filesystem>
16 #include <iterator>
17 #include <string_view>
18 #include <type_traits>
19 #include <vector>
20 
21 #include "error.h"
22 #include "file_descriptor.h"
23 #include "path_parser.h"
24 #include "posix_compat.h"
25 #include "time_utils.h"
26 
27 #if defined(_LIBCPP_WIN32API)
28 #  define WIN32_LEAN_AND_MEAN
29 #  define NOMINMAX
30 #  include <windows.h>
31 #else
32 #  include <dirent.h>
33 #  include <sys/stat.h>
34 #  include <sys/statvfs.h>
35 #  include <unistd.h>
36 #endif
37 #include <fcntl.h> /* values for fchmodat */
38 #include <time.h>
39 
40 #if __has_include(<sys/sendfile.h>)
41 #  include <sys/sendfile.h>
42 #  define _LIBCPP_FILESYSTEM_USE_SENDFILE
43 #elif defined(__APPLE__) || __has_include(<copyfile.h>)
44 #  include <copyfile.h>
45 #  define _LIBCPP_FILESYSTEM_USE_COPYFILE
46 #else
47 #  include <fstream>
48 #  define _LIBCPP_FILESYSTEM_USE_FSTREAM
49 #endif
50 
51 #if defined(__ELF__) && defined(_LIBCPP_LINK_RT_LIB)
52 #  pragma comment(lib, "rt")
53 #endif
54 
55 _LIBCPP_BEGIN_NAMESPACE_FILESYSTEM
56 
57 using detail::capture_errno;
58 using detail::ErrorHandler;
59 using detail::StatT;
60 using detail::TimeSpec;
61 using parser::createView;
62 using parser::PathParser;
63 using parser::string_view_t;
64 
65 static path __do_absolute(const path& p, path* cwd, error_code* ec) {
66   if (ec)
67     ec->clear();
68   if (p.is_absolute())
69     return p;
70   *cwd = __current_path(ec);
71   if (ec && *ec)
72     return {};
73   return (*cwd) / p;
74 }
75 
76 path __absolute(const path& p, error_code* ec) {
77   path cwd;
78   return __do_absolute(p, &cwd, ec);
79 }
80 
81 path __canonical(path const& orig_p, error_code* ec) {
82   path cwd;
83   ErrorHandler<path> err("canonical", ec, &orig_p, &cwd);
84 
85   path p = __do_absolute(orig_p, &cwd, ec);
86 #if (defined(_POSIX_VERSION) && _POSIX_VERSION >= 200112) || defined(_LIBCPP_WIN32API)
87   std::unique_ptr<path::value_type, decltype(&::free)> hold(detail::realpath(p.c_str(), nullptr), &::free);
88   if (hold.get() == nullptr)
89     return err.report(capture_errno());
90   return {hold.get()};
91 #else
92 #  if defined(__MVS__) && !defined(PATH_MAX)
93   path::value_type buff[_XOPEN_PATH_MAX + 1];
94 #  else
95   path::value_type buff[PATH_MAX + 1];
96 #  endif
97   path::value_type* ret;
98   if ((ret = detail::realpath(p.c_str(), buff)) == nullptr)
99     return err.report(capture_errno());
100   return {ret};
101 #endif
102 }
103 
104 void __copy(const path& from, const path& to, copy_options options, error_code* ec) {
105   ErrorHandler<void> err("copy", ec, &from, &to);
106 
107   const bool sym_status = bool(options & (copy_options::create_symlinks | copy_options::skip_symlinks));
108 
109   const bool sym_status2 = bool(options & copy_options::copy_symlinks);
110 
111   error_code m_ec1;
112   StatT f_st = {};
113   const file_status f =
114       sym_status || sym_status2 ? detail::posix_lstat(from, f_st, &m_ec1) : detail::posix_stat(from, f_st, &m_ec1);
115   if (m_ec1)
116     return err.report(m_ec1);
117 
118   StatT t_st          = {};
119   const file_status t = sym_status ? detail::posix_lstat(to, t_st, &m_ec1) : detail::posix_stat(to, t_st, &m_ec1);
120 
121   if (not status_known(t))
122     return err.report(m_ec1);
123 
124   if (!exists(f) || is_other(f) || is_other(t) || (is_directory(f) && is_regular_file(t)) ||
125       detail::stat_equivalent(f_st, t_st)) {
126     return err.report(errc::function_not_supported);
127   }
128 
129   if (ec)
130     ec->clear();
131 
132   if (is_symlink(f)) {
133     if (bool(copy_options::skip_symlinks & options)) {
134       // do nothing
135     } else if (not exists(t)) {
136       __copy_symlink(from, to, ec);
137     } else {
138       return err.report(errc::file_exists);
139     }
140     return;
141   } else if (is_regular_file(f)) {
142     if (bool(copy_options::directories_only & options)) {
143       // do nothing
144     } else if (bool(copy_options::create_symlinks & options)) {
145       __create_symlink(from, to, ec);
146     } else if (bool(copy_options::create_hard_links & options)) {
147       __create_hard_link(from, to, ec);
148     } else if (is_directory(t)) {
149       __copy_file(from, to / from.filename(), options, ec);
150     } else {
151       __copy_file(from, to, options, ec);
152     }
153     return;
154   } else if (is_directory(f) && bool(copy_options::create_symlinks & options)) {
155     return err.report(errc::is_a_directory);
156   } else if (is_directory(f) && (bool(copy_options::recursive & options) || copy_options::none == options)) {
157     if (!exists(t)) {
158       // create directory to with attributes from 'from'.
159       __create_directory(to, from, ec);
160       if (ec && *ec) {
161         return;
162       }
163     }
164     directory_iterator it = ec ? directory_iterator(from, *ec) : directory_iterator(from);
165     if (ec && *ec) {
166       return;
167     }
168     error_code m_ec2;
169     for (; it != directory_iterator(); it.increment(m_ec2)) {
170       if (m_ec2) {
171         return err.report(m_ec2);
172       }
173       __copy(it->path(), to / it->path().filename(), options | copy_options::__in_recursive_copy, ec);
174       if (ec && *ec) {
175         return;
176       }
177     }
178   }
179 }
180 
181 namespace detail {
182 namespace {
183 
184 #if defined(_LIBCPP_FILESYSTEM_USE_SENDFILE)
185 bool copy_file_impl(FileDescriptor& read_fd, FileDescriptor& write_fd, error_code& ec) {
186   size_t count = read_fd.get_stat().st_size;
187   do {
188     ssize_t res;
189     if ((res = ::sendfile(write_fd.fd, read_fd.fd, nullptr, count)) == -1) {
190       ec = capture_errno();
191       return false;
192     }
193     count -= res;
194   } while (count > 0);
195 
196   ec.clear();
197 
198   return true;
199 }
200 #elif defined(_LIBCPP_FILESYSTEM_USE_COPYFILE)
201 bool copy_file_impl(FileDescriptor& read_fd, FileDescriptor& write_fd, error_code& ec) {
202   struct CopyFileState {
203     copyfile_state_t state;
204     CopyFileState() { state = copyfile_state_alloc(); }
205     ~CopyFileState() { copyfile_state_free(state); }
206 
207   private:
208     CopyFileState(CopyFileState const&)            = delete;
209     CopyFileState& operator=(CopyFileState const&) = delete;
210   };
211 
212   CopyFileState cfs;
213   if (fcopyfile(read_fd.fd, write_fd.fd, cfs.state, COPYFILE_DATA) < 0) {
214     ec = capture_errno();
215     return false;
216   }
217 
218   ec.clear();
219   return true;
220 }
221 #elif defined(_LIBCPP_FILESYSTEM_USE_FSTREAM)
222 bool copy_file_impl(FileDescriptor& read_fd, FileDescriptor& write_fd, error_code& ec) {
223   ifstream in;
224   in.__open(read_fd.fd, ios::binary);
225   if (!in.is_open()) {
226     // This assumes that __open didn't reset the error code.
227     ec = capture_errno();
228     return false;
229   }
230   read_fd.fd = -1;
231   ofstream out;
232   out.__open(write_fd.fd, ios::binary);
233   if (!out.is_open()) {
234     ec = capture_errno();
235     return false;
236   }
237   write_fd.fd = -1;
238 
239   if (in.good() && out.good()) {
240     using InIt  = istreambuf_iterator<char>;
241     using OutIt = ostreambuf_iterator<char>;
242     InIt bin(in);
243     InIt ein;
244     OutIt bout(out);
245     copy(bin, ein, bout);
246   }
247   if (out.fail() || in.fail()) {
248     ec = make_error_code(errc::io_error);
249     return false;
250   }
251 
252   ec.clear();
253   return true;
254 }
255 #else
256 #  error "Unknown implementation for copy_file_impl"
257 #endif // copy_file_impl implementation
258 
259 } // end anonymous namespace
260 } // end namespace detail
261 
262 bool __copy_file(const path& from, const path& to, copy_options options, error_code* ec) {
263   using detail::FileDescriptor;
264   ErrorHandler<bool> err("copy_file", ec, &to, &from);
265 
266   error_code m_ec;
267   FileDescriptor from_fd = FileDescriptor::create_with_status(&from, m_ec, O_RDONLY | O_NONBLOCK | O_BINARY);
268   if (m_ec)
269     return err.report(m_ec);
270 
271   auto from_st           = from_fd.get_status();
272   StatT const& from_stat = from_fd.get_stat();
273   if (!is_regular_file(from_st)) {
274     if (not m_ec)
275       m_ec = make_error_code(errc::not_supported);
276     return err.report(m_ec);
277   }
278 
279   const bool skip_existing      = bool(copy_options::skip_existing & options);
280   const bool update_existing    = bool(copy_options::update_existing & options);
281   const bool overwrite_existing = bool(copy_options::overwrite_existing & options);
282 
283   StatT to_stat_path;
284   file_status to_st = detail::posix_stat(to, to_stat_path, &m_ec);
285   if (!status_known(to_st))
286     return err.report(m_ec);
287 
288   const bool to_exists = exists(to_st);
289   if (to_exists && !is_regular_file(to_st))
290     return err.report(errc::not_supported);
291 
292   if (to_exists && detail::stat_equivalent(from_stat, to_stat_path))
293     return err.report(errc::file_exists);
294 
295   if (to_exists && skip_existing)
296     return false;
297 
298   bool ShouldCopy = [&]() {
299     if (to_exists && update_existing) {
300       auto from_time = detail::extract_mtime(from_stat);
301       auto to_time   = detail::extract_mtime(to_stat_path);
302       if (from_time.tv_sec < to_time.tv_sec)
303         return false;
304       if (from_time.tv_sec == to_time.tv_sec && from_time.tv_nsec <= to_time.tv_nsec)
305         return false;
306       return true;
307     }
308     if (!to_exists || overwrite_existing)
309       return true;
310     return err.report(errc::file_exists);
311   }();
312   if (!ShouldCopy)
313     return false;
314 
315   // Don't truncate right away. We may not be opening the file we originally
316   // looked at; we'll check this later.
317   int to_open_flags = O_WRONLY | O_BINARY;
318   if (!to_exists)
319     to_open_flags |= O_CREAT;
320   FileDescriptor to_fd = FileDescriptor::create_with_status(&to, m_ec, to_open_flags, from_stat.st_mode);
321   if (m_ec)
322     return err.report(m_ec);
323 
324   if (to_exists) {
325     // Check that the file we initially stat'ed is equivalent to the one
326     // we opened.
327     // FIXME: report this better.
328     if (!detail::stat_equivalent(to_stat_path, to_fd.get_stat()))
329       return err.report(errc::bad_file_descriptor);
330 
331     // Set the permissions and truncate the file we opened.
332     if (detail::posix_fchmod(to_fd, from_stat, m_ec))
333       return err.report(m_ec);
334     if (detail::posix_ftruncate(to_fd, 0, m_ec))
335       return err.report(m_ec);
336   }
337 
338   if (!detail::copy_file_impl(from_fd, to_fd, m_ec)) {
339     // FIXME: Remove the dest file if we failed, and it didn't exist previously.
340     return err.report(m_ec);
341   }
342 
343   return true;
344 }
345 
346 void __copy_symlink(const path& existing_symlink, const path& new_symlink, error_code* ec) {
347   const path real_path(__read_symlink(existing_symlink, ec));
348   if (ec && *ec) {
349     return;
350   }
351 #if defined(_LIBCPP_WIN32API)
352   error_code local_ec;
353   if (is_directory(real_path, local_ec))
354     __create_directory_symlink(real_path, new_symlink, ec);
355   else
356 #endif
357     __create_symlink(real_path, new_symlink, ec);
358 }
359 
360 bool __create_directories(const path& p, error_code* ec) {
361   ErrorHandler<bool> err("create_directories", ec, &p);
362 
363   error_code m_ec;
364   auto const st = detail::posix_stat(p, &m_ec);
365   if (!status_known(st))
366     return err.report(m_ec);
367   else if (is_directory(st))
368     return false;
369   else if (exists(st))
370     return err.report(errc::file_exists);
371 
372   const path parent = p.parent_path();
373   if (!parent.empty()) {
374     const file_status parent_st = status(parent, m_ec);
375     if (not status_known(parent_st))
376       return err.report(m_ec);
377     if (not exists(parent_st)) {
378       if (parent == p)
379         return err.report(errc::invalid_argument);
380       __create_directories(parent, ec);
381       if (ec && *ec) {
382         return false;
383       }
384     } else if (not is_directory(parent_st))
385       return err.report(errc::not_a_directory);
386   }
387   bool ret = __create_directory(p, &m_ec);
388   if (m_ec)
389     return err.report(m_ec);
390   return ret;
391 }
392 
393 bool __create_directory(const path& p, error_code* ec) {
394   ErrorHandler<bool> err("create_directory", ec, &p);
395 
396   if (detail::mkdir(p.c_str(), static_cast<int>(perms::all)) == 0)
397     return true;
398 
399   if (errno != EEXIST)
400     return err.report(capture_errno());
401   error_code mec = capture_errno();
402   error_code ignored_ec;
403   const file_status st = status(p, ignored_ec);
404   if (!is_directory(st))
405     return err.report(mec);
406   return false;
407 }
408 
409 bool __create_directory(path const& p, path const& attributes, error_code* ec) {
410   ErrorHandler<bool> err("create_directory", ec, &p, &attributes);
411 
412   StatT attr_stat;
413   error_code mec;
414   file_status st = detail::posix_stat(attributes, attr_stat, &mec);
415   if (!status_known(st))
416     return err.report(mec);
417   if (!is_directory(st))
418     return err.report(errc::not_a_directory, "the specified attribute path is invalid");
419 
420   if (detail::mkdir(p.c_str(), attr_stat.st_mode) == 0)
421     return true;
422 
423   if (errno != EEXIST)
424     return err.report(capture_errno());
425 
426   mec = capture_errno();
427   error_code ignored_ec;
428   st = status(p, ignored_ec);
429   if (!is_directory(st))
430     return err.report(mec);
431   return false;
432 }
433 
434 void __create_directory_symlink(path const& from, path const& to, error_code* ec) {
435   ErrorHandler<void> err("create_directory_symlink", ec, &from, &to);
436   if (detail::symlink_dir(from.c_str(), to.c_str()) == -1)
437     return err.report(capture_errno());
438 }
439 
440 void __create_hard_link(const path& from, const path& to, error_code* ec) {
441   ErrorHandler<void> err("create_hard_link", ec, &from, &to);
442   if (detail::link(from.c_str(), to.c_str()) == -1)
443     return err.report(capture_errno());
444 }
445 
446 void __create_symlink(path const& from, path const& to, error_code* ec) {
447   ErrorHandler<void> err("create_symlink", ec, &from, &to);
448   if (detail::symlink_file(from.c_str(), to.c_str()) == -1)
449     return err.report(capture_errno());
450 }
451 
452 path __current_path(error_code* ec) {
453   ErrorHandler<path> err("current_path", ec);
454 
455 #if defined(_LIBCPP_WIN32API) || defined(__GLIBC__) || defined(__APPLE__)
456   // Common extension outside of POSIX getcwd() spec, without needing to
457   // preallocate a buffer. Also supported by a number of other POSIX libcs.
458   int size              = 0;
459   path::value_type* ptr = nullptr;
460   typedef decltype(&::free) Deleter;
461   Deleter deleter = &::free;
462 #else
463   errno     = 0; // Note: POSIX mandates that modifying `errno` is thread-safe.
464   auto size = ::pathconf(".", _PC_PATH_MAX);
465   if (size == -1) {
466     if (errno != 0) {
467       return err.report(capture_errno(), "call to pathconf failed");
468 
469       // `pathconf` returns `-1` without an error to indicate no limit.
470     } else {
471 #  if defined(__MVS__) && !defined(PATH_MAX)
472       size = _XOPEN_PATH_MAX + 1;
473 #  else
474       size = PATH_MAX + 1;
475 #  endif
476     }
477   }
478 
479   auto buff             = unique_ptr<path::value_type[]>(new path::value_type[size + 1]);
480   path::value_type* ptr = buff.get();
481 
482   // Preallocated buffer, don't free the buffer in the second unique_ptr
483   // below.
484   struct Deleter {
485     void operator()(void*) const {}
486   };
487   Deleter deleter;
488 #endif
489 
490   unique_ptr<path::value_type, Deleter> hold(detail::getcwd(ptr, size), deleter);
491   if (hold.get() == nullptr)
492     return err.report(capture_errno(), "call to getcwd failed");
493 
494   return {hold.get()};
495 }
496 
497 void __current_path(const path& p, error_code* ec) {
498   ErrorHandler<void> err("current_path", ec, &p);
499   if (detail::chdir(p.c_str()) == -1)
500     err.report(capture_errno());
501 }
502 
503 bool __equivalent(const path& p1, const path& p2, error_code* ec) {
504   ErrorHandler<bool> err("equivalent", ec, &p1, &p2);
505 
506   error_code ec1, ec2;
507   StatT st1 = {}, st2 = {};
508   auto s1 = detail::posix_stat(p1.native(), st1, &ec1);
509   if (!exists(s1))
510     return err.report(errc::not_supported);
511   auto s2 = detail::posix_stat(p2.native(), st2, &ec2);
512   if (!exists(s2))
513     return err.report(errc::not_supported);
514 
515   return detail::stat_equivalent(st1, st2);
516 }
517 
518 uintmax_t __file_size(const path& p, error_code* ec) {
519   ErrorHandler<uintmax_t> err("file_size", ec, &p);
520 
521   error_code m_ec;
522   StatT st;
523   file_status fst = detail::posix_stat(p, st, &m_ec);
524   if (!exists(fst) || !is_regular_file(fst)) {
525     errc error_kind = is_directory(fst) ? errc::is_a_directory : errc::not_supported;
526     if (!m_ec)
527       m_ec = make_error_code(error_kind);
528     return err.report(m_ec);
529   }
530   // is_regular_file(p) == true
531   return static_cast<uintmax_t>(st.st_size);
532 }
533 
534 uintmax_t __hard_link_count(const path& p, error_code* ec) {
535   ErrorHandler<uintmax_t> err("hard_link_count", ec, &p);
536 
537   error_code m_ec;
538   StatT st;
539   detail::posix_stat(p, st, &m_ec);
540   if (m_ec)
541     return err.report(m_ec);
542   return static_cast<uintmax_t>(st.st_nlink);
543 }
544 
545 bool __fs_is_empty(const path& p, error_code* ec) {
546   ErrorHandler<bool> err("is_empty", ec, &p);
547 
548   error_code m_ec;
549   StatT pst;
550   auto st = detail::posix_stat(p, pst, &m_ec);
551   if (m_ec)
552     return err.report(m_ec);
553   else if (!is_directory(st) && !is_regular_file(st))
554     return err.report(errc::not_supported);
555   else if (is_directory(st)) {
556     auto it = ec ? directory_iterator(p, *ec) : directory_iterator(p);
557     if (ec && *ec)
558       return false;
559     return it == directory_iterator{};
560   } else if (is_regular_file(st))
561     return static_cast<uintmax_t>(pst.st_size) == 0;
562 
563   __libcpp_unreachable();
564 }
565 
566 file_time_type __last_write_time(const path& p, error_code* ec) {
567   using namespace chrono;
568   ErrorHandler<file_time_type> err("last_write_time", ec, &p);
569 
570   error_code m_ec;
571   StatT st;
572   detail::posix_stat(p, st, &m_ec);
573   if (m_ec)
574     return err.report(m_ec);
575   return detail::__extract_last_write_time(p, st, ec);
576 }
577 
578 void __last_write_time(const path& p, file_time_type new_time, error_code* ec) {
579   using detail::fs_time;
580   ErrorHandler<void> err("last_write_time", ec, &p);
581 
582 #if defined(_LIBCPP_WIN32API)
583   TimeSpec ts;
584   if (!fs_time::convert_to_timespec(ts, new_time))
585     return err.report(errc::value_too_large);
586   detail::WinHandle h(p.c_str(), FILE_WRITE_ATTRIBUTES, 0);
587   if (!h)
588     return err.report(detail::make_windows_error(GetLastError()));
589   FILETIME last_write = timespec_to_filetime(ts);
590   if (!SetFileTime(h, nullptr, nullptr, &last_write))
591     return err.report(detail::make_windows_error(GetLastError()));
592 #else
593   error_code m_ec;
594   array<TimeSpec, 2> tbuf;
595 #  if !defined(_LIBCPP_USE_UTIMENSAT)
596   // This implementation has a race condition between determining the
597   // last access time and attempting to set it to the same value using
598   // ::utimes
599   StatT st;
600   file_status fst = detail::posix_stat(p, st, &m_ec);
601   if (m_ec)
602     return err.report(m_ec);
603   tbuf[0] = detail::extract_atime(st);
604 #  else
605   tbuf[0].tv_sec  = 0;
606   tbuf[0].tv_nsec = UTIME_OMIT;
607 #  endif
608   if (!fs_time::convert_to_timespec(tbuf[1], new_time))
609     return err.report(errc::value_too_large);
610 
611   detail::set_file_times(p, tbuf, m_ec);
612   if (m_ec)
613     return err.report(m_ec);
614 #endif
615 }
616 
617 void __permissions(const path& p, perms prms, perm_options opts, error_code* ec) {
618   ErrorHandler<void> err("permissions", ec, &p);
619 
620   auto has_opt                = [&](perm_options o) { return bool(o & opts); };
621   const bool resolve_symlinks = !has_opt(perm_options::nofollow);
622   const bool add_perms        = has_opt(perm_options::add);
623   const bool remove_perms     = has_opt(perm_options::remove);
624   _LIBCPP_ASSERT_ARGUMENT_WITHIN_DOMAIN(
625       (add_perms + remove_perms + has_opt(perm_options::replace)) == 1,
626       "One and only one of the perm_options constants 'replace', 'add', or 'remove' must be present in opts");
627 
628   bool set_sym_perms = false;
629   prms &= perms::mask;
630   if (!resolve_symlinks || (add_perms || remove_perms)) {
631     error_code m_ec;
632     file_status st = resolve_symlinks ? detail::posix_stat(p, &m_ec) : detail::posix_lstat(p, &m_ec);
633     set_sym_perms  = is_symlink(st);
634     if (m_ec)
635       return err.report(m_ec);
636     // TODO(hardening): double-check this assertion -- it might be a valid (if rare) case when the permissions are
637     // unknown.
638     _LIBCPP_ASSERT_VALID_EXTERNAL_API_CALL(st.permissions() != perms::unknown, "Permissions unexpectedly unknown");
639     if (add_perms)
640       prms |= st.permissions();
641     else if (remove_perms)
642       prms = st.permissions() & ~prms;
643   }
644   const auto real_perms = static_cast<detail::ModeT>(prms & perms::mask);
645 
646 #if defined(AT_SYMLINK_NOFOLLOW) && defined(AT_FDCWD)
647   const int flags = set_sym_perms ? AT_SYMLINK_NOFOLLOW : 0;
648   if (detail::fchmodat(AT_FDCWD, p.c_str(), real_perms, flags) == -1) {
649     return err.report(capture_errno());
650   }
651 #else
652   if (set_sym_perms)
653     return err.report(errc::operation_not_supported);
654   if (::chmod(p.c_str(), real_perms) == -1) {
655     return err.report(capture_errno());
656   }
657 #endif
658 }
659 
660 path __read_symlink(const path& p, error_code* ec) {
661   ErrorHandler<path> err("read_symlink", ec, &p);
662 
663 #if defined(PATH_MAX) || defined(MAX_SYMLINK_SIZE)
664   struct NullDeleter {
665     void operator()(void*) const {}
666   };
667 #  ifdef MAX_SYMLINK_SIZE
668   const size_t size = MAX_SYMLINK_SIZE + 1;
669 #  else
670   const size_t size = PATH_MAX + 1;
671 #  endif
672   path::value_type stack_buff[size];
673   auto buff = std::unique_ptr<path::value_type[], NullDeleter>(stack_buff);
674 #else
675   StatT sb;
676   if (detail::lstat(p.c_str(), &sb) == -1) {
677     return err.report(capture_errno());
678   }
679   const size_t size = sb.st_size + 1;
680   auto buff         = unique_ptr<path::value_type[]>(new path::value_type[size]);
681 #endif
682   detail::SSizeT ret;
683   if ((ret = detail::readlink(p.c_str(), buff.get(), size)) == -1)
684     return err.report(capture_errno());
685   // Note that `ret` returning `0` would work, resulting in a valid empty string being returned.
686   if (static_cast<size_t>(ret) >= size)
687     return err.report(errc::value_too_large);
688   buff[ret] = 0;
689   return {buff.get()};
690 }
691 
692 bool __remove(const path& p, error_code* ec) {
693   ErrorHandler<bool> err("remove", ec, &p);
694   if (detail::remove(p.c_str()) == -1) {
695     if (errno != ENOENT)
696       err.report(capture_errno());
697     return false;
698   }
699   return true;
700 }
701 
702 // We currently have two implementations of `__remove_all`. The first one is general and
703 // used on platforms where we don't have access to the `openat()` family of POSIX functions.
704 // That implementation uses `directory_iterator`, however it is vulnerable to some race
705 // conditions, see https://reviews.llvm.org/D118134 for details.
706 //
707 // The second implementation is used on platforms where `openat()` & friends are available,
708 // and it threads file descriptors through recursive calls to avoid such race conditions.
709 #if defined(_LIBCPP_WIN32API) || defined(__MVS__)
710 #  define REMOVE_ALL_USE_DIRECTORY_ITERATOR
711 #endif
712 
713 #if defined(REMOVE_ALL_USE_DIRECTORY_ITERATOR)
714 
715 namespace {
716 
717 uintmax_t remove_all_impl(path const& p, error_code& ec) {
718   const auto npos      = static_cast<uintmax_t>(-1);
719   const file_status st = __symlink_status(p, &ec);
720   if (ec)
721     return npos;
722   uintmax_t count = 1;
723   if (is_directory(st)) {
724     for (directory_iterator it(p, ec); !ec && it != directory_iterator(); it.increment(ec)) {
725       auto other_count = remove_all_impl(it->path(), ec);
726       if (ec)
727         return npos;
728       count += other_count;
729     }
730     if (ec)
731       return npos;
732   }
733   if (!__remove(p, &ec))
734     return npos;
735   return count;
736 }
737 
738 } // end namespace
739 
740 uintmax_t __remove_all(const path& p, error_code* ec) {
741   ErrorHandler<uintmax_t> err("remove_all", ec, &p);
742 
743   error_code mec;
744   auto count = remove_all_impl(p, mec);
745   if (mec) {
746     if (mec == errc::no_such_file_or_directory)
747       return 0;
748     return err.report(mec);
749   }
750   return count;
751 }
752 
753 #else // !REMOVE_ALL_USE_DIRECTORY_ITERATOR
754 
755 namespace {
756 
757 template <class Cleanup>
758 struct scope_exit {
759   explicit scope_exit(Cleanup const& cleanup) : cleanup_(cleanup) {}
760 
761   ~scope_exit() { cleanup_(); }
762 
763 private:
764   Cleanup cleanup_;
765 };
766 _LIBCPP_CTAD_SUPPORTED_FOR_TYPE(scope_exit);
767 
768 uintmax_t remove_all_impl(int parent_directory, const path& p, error_code& ec) {
769   // First, try to open the path as a directory.
770   const int options = O_CLOEXEC | O_RDONLY | O_DIRECTORY | O_NOFOLLOW;
771   int fd            = ::openat(parent_directory, p.c_str(), options);
772   if (fd != -1) {
773     // If that worked, iterate over the contents of the directory and
774     // remove everything in it, recursively.
775     DIR* stream = ::fdopendir(fd);
776     if (stream == nullptr) {
777       ::close(fd);
778       ec = detail::capture_errno();
779       return 0;
780     }
781     // Note: `::closedir` will also close the associated file descriptor, so
782     // there should be no call to `close(fd)`.
783     scope_exit close_stream([=] { ::closedir(stream); });
784 
785     uintmax_t count = 0;
786     while (true) {
787       auto [str, type] = detail::posix_readdir(stream, ec);
788       static_assert(std::is_same_v<decltype(str), std::string_view>);
789       if (str == "." || str == "..") {
790         continue;
791       } else if (ec || str.empty()) {
792         break; // we're done iterating through the directory
793       } else {
794         count += remove_all_impl(fd, str, ec);
795       }
796     }
797 
798     // Then, remove the now-empty directory itself.
799     if (::unlinkat(parent_directory, p.c_str(), AT_REMOVEDIR) == -1) {
800       ec = detail::capture_errno();
801       return count;
802     }
803 
804     return count + 1; // the contents of the directory + the directory itself
805   }
806 
807   ec = detail::capture_errno();
808 
809   // If we failed to open `p` because it didn't exist, it's not an
810   // error -- it might have moved or have been deleted already.
811   if (ec == errc::no_such_file_or_directory) {
812     ec.clear();
813     return 0;
814   }
815 
816   // If opening `p` failed because it wasn't a directory, remove it as
817   // a normal file instead. Note that `openat()` can return either ENOTDIR
818   // or ELOOP depending on the exact reason of the failure. On FreeBSD it
819   // may return EMLINK instead of ELOOP, contradicting POSIX.
820   if (ec == errc::not_a_directory || ec == errc::too_many_symbolic_link_levels || ec == errc::too_many_links) {
821     ec.clear();
822     if (::unlinkat(parent_directory, p.c_str(), /* flags = */ 0) == -1) {
823       ec = detail::capture_errno();
824       return 0;
825     }
826     return 1;
827   }
828 
829   // Otherwise, it's a real error -- we don't remove anything.
830   return 0;
831 }
832 
833 } // end namespace
834 
835 uintmax_t __remove_all(const path& p, error_code* ec) {
836   ErrorHandler<uintmax_t> err("remove_all", ec, &p);
837   error_code mec;
838   uintmax_t count = remove_all_impl(AT_FDCWD, p, mec);
839   if (mec)
840     return err.report(mec);
841   return count;
842 }
843 
844 #endif // REMOVE_ALL_USE_DIRECTORY_ITERATOR
845 
846 void __rename(const path& from, const path& to, error_code* ec) {
847   ErrorHandler<void> err("rename", ec, &from, &to);
848   if (detail::rename(from.c_str(), to.c_str()) == -1)
849     err.report(capture_errno());
850 }
851 
852 void __resize_file(const path& p, uintmax_t size, error_code* ec) {
853   ErrorHandler<void> err("resize_file", ec, &p);
854   if (detail::truncate(p.c_str(), static_cast< ::off_t>(size)) == -1)
855     return err.report(capture_errno());
856 }
857 
858 space_info __space(const path& p, error_code* ec) {
859   ErrorHandler<void> err("space", ec, &p);
860   space_info si;
861   detail::StatVFS m_svfs = {};
862   if (detail::statvfs(p.c_str(), &m_svfs) == -1) {
863     err.report(capture_errno());
864     si.capacity = si.free = si.available = static_cast<uintmax_t>(-1);
865     return si;
866   }
867   // Multiply with overflow checking.
868   auto do_mult = [&](uintmax_t& out, uintmax_t other) {
869     out = other * m_svfs.f_frsize;
870     if (other == 0 || out / other != m_svfs.f_frsize)
871       out = static_cast<uintmax_t>(-1);
872   };
873   do_mult(si.capacity, m_svfs.f_blocks);
874   do_mult(si.free, m_svfs.f_bfree);
875   do_mult(si.available, m_svfs.f_bavail);
876   return si;
877 }
878 
879 file_status __status(const path& p, error_code* ec) { return detail::posix_stat(p, ec); }
880 
881 file_status __symlink_status(const path& p, error_code* ec) { return detail::posix_lstat(p, ec); }
882 
883 path __temp_directory_path(error_code* ec) {
884   ErrorHandler<path> err("temp_directory_path", ec);
885 
886 #if defined(_LIBCPP_WIN32API)
887   wchar_t buf[MAX_PATH];
888   DWORD retval = GetTempPathW(MAX_PATH, buf);
889   if (!retval)
890     return err.report(detail::make_windows_error(GetLastError()));
891   if (retval > MAX_PATH)
892     return err.report(errc::filename_too_long);
893   // GetTempPathW returns a path with a trailing slash, which we
894   // shouldn't include for consistency.
895   if (buf[retval - 1] == L'\\')
896     buf[retval - 1] = L'\0';
897   path p(buf);
898 #else
899   const char* env_paths[] = {"TMPDIR", "TMP", "TEMP", "TEMPDIR"};
900   const char* ret         = nullptr;
901 
902   for (auto& ep : env_paths)
903     if ((ret = getenv(ep)))
904       break;
905   if (ret == nullptr) {
906 #  if defined(__ANDROID__)
907     ret = "/data/local/tmp";
908 #  else
909     ret = "/tmp";
910 #  endif
911   }
912 
913   path p(ret);
914 #endif
915   error_code m_ec;
916   file_status st = detail::posix_stat(p, &m_ec);
917   if (!status_known(st))
918     return err.report(m_ec, "cannot access path " PATH_CSTR_FMT, p.c_str());
919 
920   if (!exists(st) || !is_directory(st))
921     return err.report(errc::not_a_directory, "path " PATH_CSTR_FMT " is not a directory", p.c_str());
922 
923   return p;
924 }
925 
926 path __weakly_canonical(const path& p, error_code* ec) {
927   ErrorHandler<path> err("weakly_canonical", ec, &p);
928 
929   if (p.empty())
930     return __canonical("", ec);
931 
932   path result;
933   path tmp;
934   tmp.__reserve(p.native().size());
935   auto PP = PathParser::CreateEnd(p.native());
936   --PP;
937   vector<string_view_t> DNEParts;
938 
939   while (PP.State != PathParser::PS_BeforeBegin) {
940     tmp.assign(createView(p.native().data(), &PP.RawEntry.back()));
941     error_code m_ec;
942     file_status st = __status(tmp, &m_ec);
943     if (!status_known(st)) {
944       return err.report(m_ec);
945     } else if (exists(st)) {
946       result = __canonical(tmp, ec);
947       break;
948     }
949     DNEParts.push_back(*PP);
950     --PP;
951   }
952   if (PP.State == PathParser::PS_BeforeBegin)
953     result = __canonical("", ec);
954   if (ec)
955     ec->clear();
956   if (DNEParts.empty())
957     return result;
958   for (auto It = DNEParts.rbegin(); It != DNEParts.rend(); ++It)
959     result /= *It;
960   return result.lexically_normal();
961 }
962 
963 _LIBCPP_END_NAMESPACE_FILESYSTEM
964