xref: /freebsd/lib/libc/stdlib/realpath.c (revision 253f15c016ca699906f78b8e522a3f7ed675929b) 
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 2003 Constantin S. Svintsoff <kostik@iclub.nsu.ru>
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  * 3. The names of the authors may not be used to endorse or promote
15  *    products derived from this software without specific prior written
16  *    permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28  * SUCH DAMAGE.
29  */
30 
31 #include <sys/param.h>
32 #include <sys/stat.h>
33 
34 #include <errno.h>
35 #include <fcntl.h>
36 #include <libsys.h>
37 #include <stdlib.h>
38 #include <string.h>
39 #include <unistd.h>
40 #include <ssp/ssp.h>
41 
42 /*
43  * Find the real name of path, by removing all ".", ".." and symlink
44  * components.  Returns (resolved) on success, or (NULL) on failure,
45  * in which case the path which caused trouble is left in (resolved).
46  */
47 static char * __noinline
48 realpath1(const char *path, char *resolved)
49 {
50 	struct stat sb;
51 	char *p, *q;
52 	size_t left_len, prev_len, resolved_len, next_token_len;
53 	unsigned symlinks;
54 	ssize_t slen;
55 	char left[PATH_MAX], next_token[PATH_MAX], symlink[PATH_MAX];
56 
57 	symlinks = 0;
58 	if (path[0] == '/') {
59 		resolved[0] = '/';
60 		resolved[1] = '\0';
61 		if (path[1] == '\0')
62 			return (resolved);
63 		resolved_len = 1;
64 		left_len = strlcpy(left, path + 1, sizeof(left));
65 	} else {
66 		if (getcwd(resolved, PATH_MAX) == NULL) {
67 			resolved[0] = '.';
68 			resolved[1] = '\0';
69 			return (NULL);
70 		}
71 		resolved_len = strlen(resolved);
72 		left_len = strlcpy(left, path, sizeof(left));
73 	}
74 	if (left_len >= sizeof(left) || resolved_len >= PATH_MAX) {
75 		errno = ENAMETOOLONG;
76 		return (NULL);
77 	}
78 
79 	/*
80 	 * Iterate over path components in `left'.
81 	 */
82 	while (left_len != 0) {
83 		/*
84 		 * Extract the next path component and adjust `left'
85 		 * and its length.
86 		 */
87 		p = strchr(left, '/');
88 
89 		next_token_len = p != NULL ? (size_t)(p - left) : left_len;
90 		memcpy(next_token, left, next_token_len);
91 		next_token[next_token_len] = '\0';
92 
93 		if (p != NULL) {
94 			left_len -= next_token_len + 1;
95 			memmove(left, p + 1, left_len + 1);
96 		} else {
97 			left[0] = '\0';
98 			left_len = 0;
99 		}
100 
101 		if (resolved[resolved_len - 1] != '/') {
102 			if (resolved_len + 1 >= PATH_MAX) {
103 				errno = ENAMETOOLONG;
104 				return (NULL);
105 			}
106 			resolved[resolved_len++] = '/';
107 			resolved[resolved_len] = '\0';
108 		}
109 		if (next_token[0] == '\0') {
110 			/* Handle consequential slashes. */
111 			continue;
112 		} else if (strcmp(next_token, ".") == 0) {
113 			continue;
114 		} else if (strcmp(next_token, "..") == 0) {
115 			/*
116 			 * Strip the last path component except when we have
117 			 * single "/"
118 			 */
119 			if (resolved_len > 1) {
120 				resolved[resolved_len - 1] = '\0';
121 				q = strrchr(resolved, '/') + 1;
122 				*q = '\0';
123 				resolved_len = q - resolved;
124 			}
125 			continue;
126 		}
127 
128 		/*
129 		 * Append the next path component and lstat() it.
130 		 */
131 		prev_len = resolved_len;
132 		resolved_len += strlcpy(resolved + prev_len, next_token,
133 		    PATH_MAX - prev_len);
134 		if (resolved_len >= PATH_MAX) {
135 			errno = ENAMETOOLONG;
136 			return (NULL);
137 		}
138 		if (lstat(resolved, &sb) != 0) {
139 			/*
140 			 * EACCES means the parent directory is not
141 			 * readable, while ENOTDIR means the parent
142 			 * directory is not a directory.  Rewind the path
143 			 * to correctly indicate where the error lies.
144 			 */
145 			if (errno == EACCES || errno == ENOTDIR) {
146 				if (prev_len > 1)
147 					prev_len--;
148 				resolved[prev_len] = '\0';
149 			}
150 			return (NULL);
151 		}
152 		if (S_ISLNK(sb.st_mode)) {
153 			if (symlinks++ > MAXSYMLINKS) {
154 				errno = ELOOP;
155 				return (NULL);
156 			}
157 			slen = readlink(resolved, symlink, sizeof(symlink));
158 			if (slen < 0)
159 				return (NULL);
160 			if (slen == 0) {
161 				errno = ENOENT;
162 				return (NULL);
163 			}
164 			if ((size_t)slen >= sizeof(symlink)) {
165 				errno = ENAMETOOLONG;
166 				return (NULL);
167 			}
168 			symlink[slen] = '\0';
169 			if (symlink[0] == '/') {
170 				resolved[1] = 0;
171 				resolved_len = 1;
172 			} else {
173 				/* Strip the last path component. */
174 				q = strrchr(resolved, '/') + 1;
175 				*q = '\0';
176 				resolved_len = q - resolved;
177 			}
178 
179 			/*
180 			 * If there are any path components left, then
181 			 * append them to symlink. The result is placed
182 			 * in `left'.
183 			 */
184 			if (p != NULL) {
185 				if (symlink[slen - 1] != '/') {
186 					if ((size_t)slen + 1 >= sizeof(symlink)) {
187 						errno = ENAMETOOLONG;
188 						return (NULL);
189 					}
190 					symlink[slen] = '/';
191 					symlink[slen + 1] = 0;
192 				}
193 				left_len = strlcat(symlink, left,
194 				    sizeof(symlink));
195 				if (left_len >= sizeof(symlink)) {
196 					errno = ENAMETOOLONG;
197 					return (NULL);
198 				}
199 			}
200 			left_len = strlcpy(left, symlink, sizeof(left));
201 		} else if (!S_ISDIR(sb.st_mode) && p != NULL) {
202 			errno = ENOTDIR;
203 			return (NULL);
204 		}
205 	}
206 
207 	/*
208 	 * Remove trailing slash except when the resolved pathname
209 	 * is a single "/".
210 	 */
211 	if (resolved_len > 1 && resolved[resolved_len - 1] == '/')
212 		resolved[resolved_len - 1] = '\0';
213 	return (resolved);
214 }
215 
216 char *
217 __ssp_real(realpath)(const char * __restrict path, char * __restrict resolved)
218 {
219 	char *m, *res;
220 
221 	if (path == NULL) {
222 		errno = EINVAL;
223 		return (NULL);
224 	}
225 	if (path[0] == '\0') {
226 		errno = ENOENT;
227 		return (NULL);
228 	}
229 	if (resolved != NULL) {
230 		m = NULL;
231 	} else {
232 		m = resolved = malloc(PATH_MAX);
233 		if (resolved == NULL)
234 			return (NULL);
235 	}
236 	if (__sys___realpathat(AT_FDCWD, path, resolved, PATH_MAX, 0) == 0) {
237 		return (resolved);
238 	}
239 	res = realpath1(path, resolved);
240 	if (res == NULL)
241 		free(m);
242 	return (res);
243 }
244