Matt McCutchen's Web Site / rsync / rsync.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
The args are now sanitized in parse_arguments() instead of here.
[rsync/rsync.git] / util.c
... / ...
CommitLineData
1/* -*- c-file-style: "linux" -*-
2 *
3 * Copyright (C) 1996-2000 by Andrew Tridgell
4 * Copyright (C) Paul Mackerras 1996
5 * Copyright (C) 2001, 2002 by Martin Pool <mbp@samba.org>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22/**
23 * @file
24 *
25 * Utilities used in rsync
26 **/
27
28#include "rsync.h"
29
30extern int verbose;
31
32int sanitize_paths = 0;
33
34
35
36/**
37 * Set a fd into nonblocking mode
38 **/
39void set_nonblocking(int fd)
40{
41 int val;
42
43 if ((val = fcntl(fd, F_GETFL, 0)) == -1)
44 return;
45 if (!(val & NONBLOCK_FLAG)) {
46 val |= NONBLOCK_FLAG;
47 fcntl(fd, F_SETFL, val);
48 }
49}
50
51/**
52 * Set a fd into blocking mode
53 **/
54void set_blocking(int fd)
55{
56 int val;
57
58 if ((val = fcntl(fd, F_GETFL, 0)) == -1)
59 return;
60 if (val & NONBLOCK_FLAG) {
61 val &= ~NONBLOCK_FLAG;
62 fcntl(fd, F_SETFL, val);
63 }
64}
65
66
67/**
68 * Create a file descriptor pair - like pipe() but use socketpair if
69 * possible (because of blocking issues on pipes).
70 *
71 * Always set non-blocking.
72 */
73int fd_pair(int fd[2])
74{
75 int ret;
76
77#if HAVE_SOCKETPAIR
78 ret = socketpair(AF_UNIX, SOCK_STREAM, 0, fd);
79#else
80 ret = pipe(fd);
81#endif
82
83 if (ret == 0) {
84 set_nonblocking(fd[0]);
85 set_nonblocking(fd[1]);
86 }
87
88 return ret;
89}
90
91
92void print_child_argv(char **cmd)
93{
94 rprintf(FINFO, "opening connection using ");
95 for (; *cmd; cmd++) {
96 /* Look for characters that ought to be quoted. This
97 * is not a great quoting algorithm, but it's
98 * sufficient for a log message. */
99 if (strspn(*cmd, "abcdefghijklmnopqrstuvwxyz"
100 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
101 "0123456789"
102 ",.-_=+@/") != strlen(*cmd)) {
103 rprintf(FINFO, "\"%s\" ", *cmd);
104 } else {
105 rprintf(FINFO, "%s ", *cmd);
106 }
107 }
108 rprintf(FINFO, "\n");
109}
110
111
112void out_of_memory(char *str)
113{
114 rprintf(FERROR, "ERROR: out of memory in %s\n", str);
115 exit_cleanup(RERR_MALLOC);
116}
117
118void overflow(char *str)
119{
120 rprintf(FERROR, "ERROR: buffer overflow in %s\n", str);
121 exit_cleanup(RERR_MALLOC);
122}
123
124
125
126int set_modtime(char *fname, time_t modtime)
127{
128 extern int dry_run;
129 if (dry_run)
130 return 0;
131
132 if (verbose > 2) {
133 rprintf(FINFO, "set modtime of %s to (%ld) %s",
134 fname, (long) modtime,
135 asctime(localtime(&modtime)));
136 }
137
138 {
139#ifdef HAVE_UTIMBUF
140 struct utimbuf tbuf;
141 tbuf.actime = time(NULL);
142 tbuf.modtime = modtime;
143 return utime(fname,&tbuf);
144#elif defined(HAVE_UTIME)
145 time_t t[2];
146 t[0] = time(NULL);
147 t[1] = modtime;
148 return utime(fname,t);
149#else
150 struct timeval t[2];
151 t[0].tv_sec = time(NULL);
152 t[0].tv_usec = 0;
153 t[1].tv_sec = modtime;
154 t[1].tv_usec = 0;
155 return utimes(fname,t);
156#endif
157 }
158}
159
160
161/**
162 Create any necessary directories in fname. Unfortunately we don't know
163 what perms to give the directory when this is called so we need to rely
164 on the umask
165**/
166int create_directory_path(char *fname, int base_umask)
167{
168 char *p;
169
170 while (*fname == '/')
171 fname++;
172 while (strncmp(fname, "./", 2) == 0)
173 fname += 2;
174
175 p = fname;
176 while ((p = strchr(p,'/')) != NULL) {
177 *p = 0;
178 do_mkdir(fname, 0777 & ~base_umask);
179 *p = '/';
180 p++;
181 }
182 return 0;
183}
184
185
186/**
187 * Write @p len bytes at @p ptr to descriptor @p desc, retrying if
188 * interrupted.
189 *
190 * @retval len upon success
191 *
192 * @retval <0 write's (negative) error code
193 *
194 * Derived from GNU C's cccp.c.
195 */
196static int full_write(int desc, char *ptr, size_t len)
197{
198 int total_written;
199
200 total_written = 0;
201 while (len > 0) {
202 int written = write(desc, ptr, len);
203 if (written < 0) {
204 if (errno == EINTR)
205 continue;
206 return written;
207 }
208 total_written += written;
209 ptr += written;
210 len -= written;
211 }
212 return total_written;
213}
214
215
216/**
217 * Read @p len bytes at @p ptr from descriptor @p desc, retrying if
218 * interrupted.
219 *
220 * @retval >0 the actual number of bytes read
221 *
222 * @retval 0 for EOF
223 *
224 * @retval <0 for an error.
225 *
226 * Derived from GNU C's cccp.c. */
227static int safe_read(int desc, char *ptr, size_t len)
228{
229 int n_chars;
230
231 if (len == 0)
232 return len;
233
234 do {
235 n_chars = read(desc, ptr, len);
236 } while (n_chars < 0 && errno == EINTR);
237
238 return n_chars;
239}
240
241
242/** Copy a file.
243 *
244 * This is used in conjunction with the --temp-dir option */
245int copy_file(char *source, char *dest, mode_t mode)
246{
247 int ifd;
248 int ofd;
249 char buf[1024 * 8];
250 int len; /* Number of bytes read into `buf'. */
251
252 ifd = do_open(source, O_RDONLY, 0);
253 if (ifd == -1) {
254 rprintf(FERROR,"open %s: %s\n",
255 source,strerror(errno));
256 return -1;
257 }
258
259 if (robust_unlink(dest) && errno != ENOENT) {
260 rprintf(FERROR,"unlink %s: %s\n",
261 dest,strerror(errno));
262 return -1;
263 }
264
265 ofd = do_open(dest, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL, mode);
266 if (ofd == -1) {
267 rprintf(FERROR,"open %s: %s\n",
268 dest,strerror(errno));
269 close(ifd);
270 return -1;
271 }
272
273 while ((len = safe_read(ifd, buf, sizeof buf)) > 0) {
274 if (full_write(ofd, buf, len) < 0) {
275 rprintf(FERROR,"write %s: %s\n",
276 dest,strerror(errno));
277 close(ifd);
278 close(ofd);
279 return -1;
280 }
281 }
282
283 close(ifd);
284 close(ofd);
285
286 if (len < 0) {
287 rprintf(FERROR,"read %s: %s\n",
288 source,strerror(errno));
289 return -1;
290 }
291
292 return 0;
293}
294
295/* MAX_RENAMES should be 10**MAX_RENAMES_DIGITS */
296#define MAX_RENAMES_DIGITS 3
297#define MAX_RENAMES 1000
298
299/**
300 * Robust unlink: some OS'es (HPUX) refuse to unlink busy files, so
301 * rename to <path>/.rsyncNNN instead.
302 *
303 * Note that successive rsync runs will shuffle the filenames around a
304 * bit as long as the file is still busy; this is because this function
305 * does not know if the unlink call is due to a new file coming in, or
306 * --delete trying to remove old .rsyncNNN files, hence it renames it
307 * each time.
308 **/
309int robust_unlink(char *fname)
310{
311#ifndef ETXTBSY
312 return do_unlink(fname);
313#else
314 static int counter = 1;
315 int rc, pos, start;
316 char path[MAXPATHLEN];
317
318 rc = do_unlink(fname);
319 if (rc == 0 || errno != ETXTBSY)
320 return rc;
321
322 if ((pos = strlcpy(path, fname, MAXPATHLEN)) >= MAXPATHLEN)
323 pos = MAXPATHLEN - 1;
324
325 while (pos > 0 && path[pos-1] != '/')
326 pos--;
327 pos += strlcpy(path+pos, ".rsync", MAXPATHLEN-pos);
328
329 if (pos > (MAXPATHLEN-MAX_RENAMES_DIGITS-1)) {
330 errno = ETXTBSY;
331 return -1;
332 }
333
334 /* start where the last one left off to reduce chance of clashes */
335 start = counter;
336 do {
337 sprintf(&path[pos], "%03d", counter);
338 if (++counter >= MAX_RENAMES)
339 counter = 1;
340 } while ((rc = access(path, 0)) == 0 && counter != start);
341
342 if (verbose > 0) {
343 rprintf(FINFO,"renaming %s to %s because of text busy\n",
344 fname, path);
345 }
346
347 /* maybe we should return rename()'s exit status? Nah. */
348 if (do_rename(fname, path) != 0) {
349 errno = ETXTBSY;
350 return -1;
351 }
352 return 0;
353#endif
354}
355
356/* Returns 0 on success, -1 on most errors, and -2 if we got an error
357 * trying to copy the file across file systems. */
358int robust_rename(char *from, char *to, int mode)
359{
360 int tries = 4;
361
362 while (tries--) {
363 if (do_rename(from, to) == 0)
364 return 0;
365
366 switch (errno) {
367#ifdef ETXTBSY
368 case ETXTBSY:
369 if (robust_unlink(to) != 0)
370 return -1;
371 break;
372#endif
373 case EXDEV:
374 if (copy_file(from, to, mode) != 0)
375 return -2;
376 do_unlink(from);
377 return 0;
378 default:
379 return -1;
380 }
381 }
382 return -1;
383}
384
385
386static pid_t all_pids[10];
387static int num_pids;
388
389/** Fork and record the pid of the child. **/
390pid_t do_fork(void)
391{
392 pid_t newpid = fork();
393
394 if (newpid != 0 && newpid != -1) {
395 all_pids[num_pids++] = newpid;
396 }
397 return newpid;
398}
399
400/**
401 * Kill all children.
402 *
403 * @todo It would be kind of nice to make sure that they are actually
404 * all our children before we kill them, because their pids may have
405 * been recycled by some other process. Perhaps when we wait for a
406 * child, we should remove it from this array. Alternatively we could
407 * perhaps use process groups, but I think that would not work on
408 * ancient Unix versions that don't support them.
409 **/
410void kill_all(int sig)
411{
412 int i;
413
414 for (i = 0; i < num_pids; i++) {
415 /* Let's just be a little careful where we
416 * point that gun, hey? See kill(2) for the
417 * magic caused by negative values. */
418 pid_t p = all_pids[i];
419
420 if (p == getpid())
421 continue;
422 if (p <= 0)
423 continue;
424
425 kill(p, sig);
426 }
427}
428
429
430/** Turn a user name into a uid */
431int name_to_uid(char *name, uid_t *uid)
432{
433 struct passwd *pass;
434 if (!name || !*name) return 0;
435 pass = getpwnam(name);
436 if (pass) {
437 *uid = pass->pw_uid;
438 return 1;
439 }
440 return 0;
441}
442
443/** Turn a group name into a gid */
444int name_to_gid(char *name, gid_t *gid)
445{
446 struct group *grp;
447 if (!name || !*name) return 0;
448 grp = getgrnam(name);
449 if (grp) {
450 *gid = grp->gr_gid;
451 return 1;
452 }
453 return 0;
454}
455
456
457/** Lock a byte range in a open file */
458int lock_range(int fd, int offset, int len)
459{
460 struct flock lock;
461
462 lock.l_type = F_WRLCK;
463 lock.l_whence = SEEK_SET;
464 lock.l_start = offset;
465 lock.l_len = len;
466 lock.l_pid = 0;
467
468 return fcntl(fd,F_SETLK,&lock) == 0;
469}
470
471static int exclude_server_path(char *arg)
472{
473 char *s;
474 extern struct exclude_struct **server_exclude_list;
475
476 if (server_exclude_list) {
477 for (s = arg; (s = strchr(s, '/')) != NULL; ) {
478 *s = '\0';
479 if (check_exclude(server_exclude_list, arg, 1)) {
480 /* We must leave arg truncated! */
481 return 1;
482 }
483 *s++ = '/';
484 }
485 }
486 return 0;
487}
488
489static void glob_expand_one(char *s, char **argv, int *argc, int maxargs)
490{
491#if !(defined(HAVE_GLOB) && defined(HAVE_GLOB_H))
492 if (!*s) s = ".";
493 s = argv[*argc] = strdup(s);
494 exclude_server_path(s);
495 (*argc)++;
496#else
497 extern int sanitize_paths;
498 glob_t globbuf;
499 int i;
500
501 if (!*s) s = ".";
502
503 s = argv[*argc] = strdup(s);
504 if (sanitize_paths) {
505 sanitize_path(s, NULL);
506 }
507
508 memset(&globbuf, 0, sizeof globbuf);
509 if (!exclude_server_path(s))
510 glob(s, 0, NULL, &globbuf);
511 if (globbuf.gl_pathc == 0) {
512 (*argc)++;
513 globfree(&globbuf);
514 return;
515 }
516 for (i = 0; i < maxargs - *argc && i < (int)globbuf.gl_pathc; i++) {
517 if (i == 0)
518 free(s);
519 argv[*argc + i] = strdup(globbuf.gl_pathv[i]);
520 if (!argv[*argc + i])
521 out_of_memory("glob_expand");
522 }
523 globfree(&globbuf);
524 *argc += i;
525#endif
526}
527
528/* This routine is only used in daemon mode. */
529void glob_expand(char *base1, char **argv, int *argc, int maxargs)
530{
531 char *s = argv[*argc];
532 char *p, *q;
533 char *base = base1;
534 int base_len = strlen(base);
535
536 if (!s || !*s) return;
537
538 if (strncmp(s, base, base_len) == 0)
539 s += base_len;
540
541 s = strdup(s);
542 if (!s) out_of_memory("glob_expand");
543
544 if (asprintf(&base," %s/", base1) <= 0) out_of_memory("glob_expand");
545 base_len++;
546
547 q = s;
548 while ((p = strstr(q,base)) != NULL && *argc < maxargs) {
549 /* split it at this point */
550 *p = 0;
551 glob_expand_one(q, argv, argc, maxargs);
552 q = p + base_len;
553 }
554
555 if (*q && *argc < maxargs)
556 glob_expand_one(q, argv, argc, maxargs);
557
558 free(s);
559 free(base);
560}
561
562/**
563 * Convert a string to lower case
564 **/
565void strlower(char *s)
566{
567 while (*s) {
568 if (isupper(* (unsigned char *) s))
569 *s = tolower(* (unsigned char *) s);
570 s++;
571 }
572}
573
574/* Join strings p1 & p2 into "dest" with a guaranteed '/' between them. (If
575 * p1 ends with a '/', no extra '/' is inserted.) Returns the length of both
576 * strings + 1 (if '/' was inserted), regardless of whether the null-terminated
577 * string fits into destsize. */
578size_t pathjoin(char *dest, size_t destsize, const char *p1, const char *p2)
579{
580 size_t len = strlcpy(dest, p1, destsize);
581 if (len < destsize - 1) {
582 if (!len || dest[len-1] != '/')
583 dest[len++] = '/';
584 if (len < destsize - 1)
585 len += strlcpy(dest + len, p2, destsize - len);
586 else {
587 dest[len] = '\0';
588 len += strlen(p2);
589 }
590 }
591 else
592 len += strlen(p2) + 1; /* Assume we'd insert a '/'. */
593 return len;
594}
595
596/* Join any number of strings together, putting them in "dest". The return
597 * value is the length of all the strings, regardless of whether the null-
598 * terminated whole fits in destsize. Your list of string pointers must end
599 * with a NULL to indicate the end of the list. */
600size_t stringjoin(char *dest, size_t destsize, ...)
601{
602 va_list ap;
603 size_t len, ret = 0;
604 const char *src;
605
606 va_start(ap, destsize);
607 while (1) {
608 if (!(src = va_arg(ap, const char *)))
609 break;
610 len = strlen(src);
611 ret += len;
612 if (destsize > 1) {
613 if (len >= destsize)
614 len = destsize - 1;
615 memcpy(dest, src, len);
616 destsize -= len;
617 dest += len;
618 }
619 }
620 *dest = '\0';
621 va_end(ap);
622
623 return ret;
624}
625
626void clean_fname(char *name)
627{
628 char *p;
629 int l;
630 int modified = 1;
631
632 if (!name) return;
633
634 while (modified) {
635 modified = 0;
636
637 if ((p = strstr(name,"/./")) != NULL) {
638 modified = 1;
639 while (*p) {
640 p[0] = p[2];
641 p++;
642 }
643 }
644
645 if ((p = strstr(name,"//")) != NULL) {
646 modified = 1;
647 while (*p) {
648 p[0] = p[1];
649 p++;
650 }
651 }
652
653 if (strncmp(p = name, "./", 2) == 0) {
654 modified = 1;
655 do {
656 p[0] = p[2];
657 } while (*p++);
658 }
659
660 l = strlen(p = name);
661 if (l > 1 && p[l-1] == '/') {
662 modified = 1;
663 p[l-1] = 0;
664 }
665 }
666}
667
668/**
669 * Make path appear as if a chroot had occurred:
670 *
671 * @li 1. remove leading "/" (or replace with "." if at end)
672 *
673 * @li 2. remove leading ".." components (except those allowed by @p reldir)
674 *
675 * @li 3. delete any other "<dir>/.." (recursively)
676 *
677 * Can only shrink paths, so sanitizes in place.
678 *
679 * While we're at it, remove double slashes and "." components like
680 * clean_fname() does, but DON'T remove a trailing slash because that
681 * is sometimes significant on command line arguments.
682 *
683 * If @p reldir is non-null, it is a sanitized directory that the path will be
684 * relative to, so allow as many ".." at the beginning of the path as
685 * there are components in reldir. This is used for symbolic link targets.
686 * If reldir is non-null and the path began with "/", to be completely like
687 * a chroot we should add in depth levels of ".." at the beginning of the
688 * path, but that would blow the assumption that the path doesn't grow and
689 * it is not likely to end up being a valid symlink anyway, so just do
690 * the normal removal of the leading "/" instead.
691 *
692 * Contributed by Dave Dykstra <dwd@bell-labs.com>
693 */
694void sanitize_path(char *p, char *reldir)
695{
696 char *start, *sanp;
697 int depth = 0;
698 int allowdotdot = 0;
699
700 if (reldir) {
701 depth++;
702 while (*reldir) {
703 if (*reldir++ == '/') {
704 depth++;
705 }
706 }
707 }
708 start = p;
709 sanp = p;
710 while (*p == '/') {
711 /* remove leading slashes */
712 p++;
713 }
714 while (*p != '\0') {
715 /* this loop iterates once per filename component in p.
716 * both p (and sanp if the original had a slash) should
717 * always be left pointing after a slash
718 */
719 if (*p == '.' && (p[1] == '/' || p[1] == '\0')) {
720 /* skip "." component */
721 while (*++p == '/') {
722 /* skip following slashes */
723 ;
724 }
725 continue;
726 }
727 allowdotdot = 0;
728 if (*p == '.' && p[1] == '.' && (p[2] == '/' || p[2] == '\0')) {
729 /* ".." component followed by slash or end */
730 if (depth > 0 && sanp == start) {
731 /* allow depth levels of .. at the beginning */
732 --depth;
733 allowdotdot = 1;
734 } else {
735 p += 2;
736 if (*p == '/')
737 p++;
738 if (sanp != start) {
739 /* back up sanp one level */
740 --sanp; /* now pointing at slash */
741 while (sanp > start && sanp[-1] != '/') {
742 /* skip back up to slash */
743 sanp--;
744 }
745 }
746 continue;
747 }
748 }
749 while (1) {
750 /* copy one component through next slash */
751 *sanp++ = *p++;
752 if (*p == '\0' || p[-1] == '/') {
753 while (*p == '/') {
754 /* skip multiple slashes */
755 p++;
756 }
757 break;
758 }
759 }
760 if (allowdotdot) {
761 /* move the virtual beginning to leave the .. alone */
762 start = sanp;
763 }
764 }
765 if (sanp == start && !allowdotdot) {
766 /* ended up with nothing, so put in "." component */
767 /*
768 * note that the !allowdotdot doesn't prevent this from
769 * happening in all allowed ".." situations, but I didn't
770 * think it was worth putting in an extra variable to ensure
771 * it since an extra "." won't hurt in those situations.
772 */
773 *sanp++ = '.';
774 }
775 *sanp = '\0';
776}
777
778
779char curr_dir[MAXPATHLEN];
780unsigned int curr_dir_len;
781
782/**
783 * Like chdir(), but it keeps track of the current directory (in the
784 * global "curr_dir"), and ensures that the path size doesn't overflow.
785 * Also cleans the path using the clean_fname() function.
786 **/
787int push_dir(char *dir)
788{
789 static int initialised;
790 unsigned int len;
791
792 if (!initialised) {
793 initialised = 1;
794 getcwd(curr_dir, sizeof curr_dir - 1);
795 curr_dir_len = strlen(curr_dir);
796 }
797
798 if (!dir) /* this call was probably just to initialize */
799 return 0;
800
801 len = strlen(dir);
802 if (len == 1 && *dir == '.')
803 return 1;
804
805 if ((*dir == '/' ? len : curr_dir_len + 1 + len) >= sizeof curr_dir)
806 return 0;
807
808 if (chdir(dir))
809 return 0;
810
811 if (*dir == '/') {
812 memcpy(curr_dir, dir, len + 1);
813 curr_dir_len = len;
814 } else {
815 curr_dir[curr_dir_len++] = '/';
816 memcpy(curr_dir + curr_dir_len, dir, len + 1);
817 curr_dir_len += len;
818 }
819
820 clean_fname(curr_dir);
821
822 return 1;
823}
824
825/**
826 * Reverse a push_dir() call. You must pass in an absolute path
827 * that was copied from a prior value of "curr_dir".
828 **/
829int pop_dir(char *dir)
830{
831 if (chdir(dir))
832 return 0;
833
834 curr_dir_len = strlcpy(curr_dir, dir, sizeof curr_dir);
835 if (curr_dir_len >= sizeof curr_dir)
836 curr_dir_len = sizeof curr_dir - 1;
837
838 return 1;
839}
840
841/**
842 * Return a quoted string with the full pathname of the indicated filename.
843 * The string " (in MODNAME)" may also be appended. The returned pointer
844 * remains valid until the next time full_fname() is called.
845 **/
846char *full_fname(char *fn)
847{
848 extern int module_id;
849 static char *result = NULL;
850 char *m1, *m2, *m3;
851 char *p1, *p2;
852
853 if (result)
854 free(result);
855
856 if (*fn == '/')
857 p1 = p2 = "";
858 else {
859 p1 = curr_dir;
860 p2 = "/";
861 }
862 if (module_id >= 0) {
863 m1 = " (in ";
864 m2 = lp_name(module_id);
865 m3 = ")";
866 if (*p1) {
867 if (!lp_use_chroot(module_id)) {
868 char *p = lp_path(module_id);
869 if (*p != '/' || p[1])
870 p1 += strlen(p);
871 }
872 if (!*p1)
873 p2++;
874 else
875 p1++;
876 }
877 else
878 fn++;
879 } else
880 m1 = m2 = m3 = "";
881
882 asprintf(&result, "\"%s%s%s\"%s%s%s", p1, p2, fn, m1, m2, m3);
883
884 return result;
885}
886
887/** We need to supply our own strcmp function for file list comparisons
888 to ensure that signed/unsigned usage is consistent between machines. */
889int u_strcmp(const char *cs1, const char *cs2)
890{
891 const uchar *s1 = (const uchar *)cs1;
892 const uchar *s2 = (const uchar *)cs2;
893
894 while (*s1 && *s2 && (*s1 == *s2)) {
895 s1++; s2++;
896 }
897
898 return (int)*s1 - (int)*s2;
899}
900
901
902
903/**
904 * Determine if a symlink points outside the current directory tree.
905 * This is considered "unsafe" because e.g. when mirroring somebody
906 * else's machine it might allow them to establish a symlink to
907 * /etc/passwd, and then read it through a web server.
908 *
909 * Null symlinks and absolute symlinks are always unsafe.
910 *
911 * Basically here we are concerned with symlinks whose target contains
912 * "..", because this might cause us to walk back up out of the
913 * transferred directory. We are not allowed to go back up and
914 * reenter.
915 *
916 * @param dest Target of the symlink in question.
917 *
918 * @param src Top source directory currently applicable. Basically this
919 * is the first parameter to rsync in a simple invocation, but it's
920 * modified by flist.c in slightly complex ways.
921 *
922 * @retval True if unsafe
923 * @retval False is unsafe
924 *
925 * @sa t_unsafe.c
926 **/
927int unsafe_symlink(const char *dest, const char *src)
928{
929 const char *name, *slash;
930 int depth = 0;
931
932 /* all absolute and null symlinks are unsafe */
933 if (!dest || !*dest || *dest == '/') return 1;
934
935 /* find out what our safety margin is */
936 for (name = src; (slash = strchr(name, '/')) != 0; name = slash+1) {
937 if (strncmp(name, "../", 3) == 0) {
938 depth = 0;
939 } else if (strncmp(name, "./", 2) == 0) {
940 /* nothing */
941 } else {
942 depth++;
943 }
944 }
945 if (strcmp(name, "..") == 0)
946 depth = 0;
947
948 for (name = dest; (slash = strchr(name, '/')) != 0; name = slash+1) {
949 if (strncmp(name, "../", 3) == 0) {
950 /* if at any point we go outside the current directory
951 then stop - it is unsafe */
952 if (--depth < 0)
953 return 1;
954 } else if (strncmp(name, "./", 2) == 0) {
955 /* nothing */
956 } else {
957 depth++;
958 }
959 }
960 if (strcmp(name, "..") == 0)
961 depth--;
962
963 return (depth < 0);
964}
965
966
967/**
968 * Return the date and time as a string
969 **/
970char *timestring(time_t t)
971{
972 static char TimeBuf[200];
973 struct tm *tm = localtime(&t);
974
975#ifdef HAVE_STRFTIME
976 strftime(TimeBuf, sizeof TimeBuf - 1, "%Y/%m/%d %H:%M:%S", tm);
977#else
978 strlcpy(TimeBuf, asctime(tm), sizeof TimeBuf);
979#endif
980
981 if (TimeBuf[strlen(TimeBuf)-1] == '\n') {
982 TimeBuf[strlen(TimeBuf)-1] = 0;
983 }
984
985 return(TimeBuf);
986}
987
988
989/**
990 * Sleep for a specified number of milliseconds.
991 *
992 * Always returns TRUE. (In the future it might return FALSE if
993 * interrupted.)
994 **/
995int msleep(int t)
996{
997 int tdiff = 0;
998 struct timeval tval, t1, t2;
999
1000 gettimeofday(&t1, NULL);
1001 gettimeofday(&t2, NULL);
1002
1003 while (tdiff < t) {
1004 tval.tv_sec = (t-tdiff)/1000;
1005 tval.tv_usec = 1000*((t-tdiff)%1000);
1006
1007 errno = 0;
1008 select(0,NULL,NULL, NULL, &tval);
1009
1010 gettimeofday(&t2, NULL);
1011 tdiff = (t2.tv_sec - t1.tv_sec)*1000 +
1012 (t2.tv_usec - t1.tv_usec)/1000;
1013 }
1014
1015 return True;
1016}
1017
1018
1019/**
1020 * Determine if two file modification times are equivalent (either
1021 * exact or in the modification timestamp window established by
1022 * --modify-window).
1023 *
1024 * @retval 0 if the times should be treated as the same
1025 *
1026 * @retval +1 if the first is later
1027 *
1028 * @retval -1 if the 2nd is later
1029 **/
1030int cmp_modtime(time_t file1, time_t file2)
1031{
1032 extern int modify_window;
1033
1034 if (file2 > file1) {
1035 if (file2 - file1 <= modify_window) return 0;
1036 return -1;
1037 }
1038 if (file1 - file2 <= modify_window) return 0;
1039 return 1;
1040}
1041
1042
1043#ifdef __INSURE__XX
1044#include <dlfcn.h>
1045
1046/**
1047 This routine is a trick to immediately catch errors when debugging
1048 with insure. A xterm with a gdb is popped up when insure catches
1049 a error. It is Linux specific.
1050**/
1051int _Insure_trap_error(int a1, int a2, int a3, int a4, int a5, int a6)
1052{
1053 static int (*fn)();
1054 int ret;
1055 char *cmd;
1056
1057 asprintf(&cmd, "/usr/X11R6/bin/xterm -display :0 -T Panic -n Panic -e /bin/sh -c 'cat /tmp/ierrs.*.%d ; gdb /proc/%d/exe %d'",
1058 getpid(), getpid(), getpid());
1059
1060 if (!fn) {
1061 static void *h;
1062 h = dlopen("/usr/local/parasoft/insure++lite/lib.linux2/libinsure.so", RTLD_LAZY);
1063 fn = dlsym(h, "_Insure_trap_error");
1064 }
1065
1066 ret = fn(a1, a2, a3, a4, a5, a6);
1067
1068 system(cmd);
1069
1070 free(cmd);
1071
1072 return ret;
1073}
1074#endif
1075
1076
1077#define MALLOC_MAX 0x40000000
1078
1079void *_new_array(unsigned int size, unsigned long num)
1080{
1081 if (num >= MALLOC_MAX/size)
1082 return NULL;
1083 return malloc(size * num);
1084}
1085
1086void *_realloc_array(void *ptr, unsigned int size, unsigned long num)
1087{
1088 if (num >= MALLOC_MAX/size)
1089 return NULL;
1090 /* No realloc should need this, but just in case... */
1091 if (!ptr)
1092 return malloc(size * num);
1093 return realloc(ptr, size * num);
1094}
Matt McCutchen's repository for rsync, the fast and versatile remote file copier