1 /* Return the canonical absolute name of a given file inside chroot.
2 Copyright (C) 1996-2012 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; version 2 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, see <http://www.gnu.org/licenses/>. */
27 #include <eloop-threshold.h>
34 /* Return the canonical absolute name of file NAME as if chroot(CHROOT) was
35 done first. A canonical name does not contain any `.', `..' components
36 nor any repeated path separators ('/') or symlinks. All path components
37 must exist and NAME must be absolute filename. The result is malloc'd.
38 The returned name includes the CHROOT prefix. */
41 chroot_canon (const char *chroot, const char *name)
45 char *extra_buf = NULL;
49 const char *rpath_limit;
51 size_t chroot_len = strlen (chroot);
59 rpath = xmalloc (chroot_len + PATH_MAX);
61 rpath_limit = rpath + chroot_len + PATH_MAX;
63 rpath_root = (char *) mempcpy (rpath, chroot, chroot_len) - 1;
64 if (*rpath_root != '/')
66 dest = rpath_root + 1;
68 for (start = end = name; *start; start = end)
72 /* Skip sequence of multiple path-separators. */
76 /* Find end of path component. */
77 for (end = start; *end && *end != '/'; ++end)
82 else if (end - start == 1 && start[0] == '.')
84 else if (end - start == 2 && start[0] == '.' && start[1] == '.')
86 /* Back up to previous component, ignore if at root already. */
87 if (dest > rpath_root + 1)
88 while ((--dest)[-1] != '/');
97 if (dest + (end - start) >= rpath_limit)
99 ptrdiff_t dest_offset = dest - rpath;
102 new_size = rpath_limit - rpath;
103 if (end - start + 1 > PATH_MAX)
104 new_size += end - start + 1;
106 new_size += PATH_MAX;
107 new_rpath = (char *) xrealloc (rpath, new_size);
109 rpath_limit = rpath + new_size;
111 dest = rpath + dest_offset;
114 dest = mempcpy (dest, start, end - start);
117 if (lstat64 (rpath, &st) < 0)
124 if (S_ISLNK (st.st_mode))
126 char *buf = alloca (PATH_MAX);
129 if (++num_links > __eloop_threshold ())
135 ssize_t n = readlink (rpath, buf, PATH_MAX - 1);
145 extra_buf = alloca (PATH_MAX);
148 if (len >= PATH_MAX - n)
150 __set_errno (ENAMETOOLONG);
154 /* Careful here, end may be a pointer into extra_buf... */
155 memmove (&extra_buf[n], end, len + 1);
156 name = end = memcpy (extra_buf, buf, n);
159 dest = rpath_root + 1; /* It's an absolute symlink */
161 /* Back up to previous component, ignore if at root already: */
162 if (dest > rpath_root + 1)
163 while ((--dest)[-1] != '/');
168 if (dest > rpath_root + 1 && dest[-1] == '/')