X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/f47807900b528fc89dfb0d331f98be627ff67429..434c40986d1f3d2e2a3da49a6e1528aad0daa0b8:/util.c diff --git a/util.c b/util.c index 337aa83f..632a242c 100644 --- a/util.c +++ b/util.c @@ -45,7 +45,7 @@ void set_nonblocking(int fd) { int val; - if ((val = fcntl(fd, F_GETFL, 0)) == -1) + if ((val = fcntl(fd, F_GETFL)) == -1) return; if (!(val & NONBLOCK_FLAG)) { val |= NONBLOCK_FLAG; @@ -58,7 +58,7 @@ void set_blocking(int fd) { int val; - if ((val = fcntl(fd, F_GETFL, 0)) == -1) + if ((val = fcntl(fd, F_GETFL)) == -1) return; if (val & NONBLOCK_FLAG) { val &= ~NONBLOCK_FLAG; @@ -92,7 +92,7 @@ int fd_pair(int fd[2]) void print_child_argv(char **cmd) { - rprintf(FINFO, "opening connection using "); + rprintf(FCLIENT, "opening connection using "); for (; *cmd; cmd++) { /* Look for characters that ought to be quoted. This * is not a great quoting algorithm, but it's @@ -101,23 +101,23 @@ void print_child_argv(char **cmd) "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "0123456789" ",.-_=+@/") != strlen(*cmd)) { - rprintf(FINFO, "\"%s\" ", *cmd); + rprintf(FCLIENT, "\"%s\" ", *cmd); } else { - rprintf(FINFO, "%s ", *cmd); + rprintf(FCLIENT, "%s ", *cmd); } } - rprintf(FINFO, "\n"); + rprintf(FCLIENT, "\n"); } -void out_of_memory(char *str) +NORETURN void out_of_memory(char *str) { - rprintf(FERROR, "ERROR: out of memory in %s\n", str); + rprintf(FERROR, "ERROR: out of memory in %s [%s]\n", str, who_am_i()); exit_cleanup(RERR_MALLOC); } -void overflow_exit(char *str) +NORETURN void overflow_exit(char *str) { - rprintf(FERROR, "ERROR: buffer overflow in %s\n", str); + rprintf(FERROR, "ERROR: buffer overflow in %s [%s]\n", str, who_am_i()); exit_cleanup(RERR_MALLOC); } @@ -359,7 +359,7 @@ int robust_unlink(const char *fname) /* start where the last one left off to reduce chance of clashes */ start = counter; do { - sprintf(&path[pos], "%03d", counter); + snprintf(&path[pos], MAX_RENAMES_DIGITS+1, "%03d", counter); if (++counter >= MAX_RENAMES) counter = 1; } while ((rc = access(path, 0)) == 0 && counter != start); @@ -861,89 +861,10 @@ char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth, return dest; } -/* If sanitize_paths is not set, this works exactly the same as do_stat(). - * Otherwise, we verify that no symlink takes us outside the module path. - * If we encounter an escape attempt, we return a symlink's stat info! */ -int safe_stat(const char *fname, STRUCT_STAT *stp) -{ -#ifdef SUPPORT_LINKS - char tmpbuf[MAXPATHLEN], linkbuf[MAXPATHLEN], *mod_path; - int i, llen, mod_path_len; - - if (!sanitize_paths) - return do_stat(fname, stp); - - mod_path = lp_path(module_id); - mod_path_len = strlen(mod_path); - - for (i = 0; i < 16; i++) { -#ifdef DEBUG - if (*fname == '/') - assert(strncmp(fname, mod_path, mod_path_len) == 0 && fname[mod_path_len] == '/'); -#endif - if (do_lstat(fname, stp) < 0) - return -1; - if (!S_ISLNK(stp->st_mode)) - return 0; - if ((llen = readlink(fname, linkbuf, sizeof linkbuf - 1)) < 0) - return -1; - linkbuf[llen] = '\0'; - if (*fname == '/') - fname += mod_path_len; - if (!(fname = sanitize_path(tmpbuf, fname, mod_path, curr_dir_depth, linkbuf))) - break; - } - - return 0; /* Leave *stp set to the last symlink. */ -#else - return do_stat(fname, stp); -#endif -} - -void die_on_unsafe_path(char *path, int strip_filename) -{ -#ifdef SUPPORT_LINKS - char *final_slash, *p; - STRUCT_STAT st; - - if (!path) - return; - if (strip_filename) { - if (!(final_slash = strrchr(path, '/'))) - return; - *final_slash = '\0'; - } else - final_slash = NULL; - - p = path; - if (*p == '/') - p += module_dirlen + 1; - while (*p) { - if ((p = strchr(p, '/')) != NULL) - *p = '\0'; - if (safe_stat(path, &st) < 0) { - *p++ = '/'; - goto done; - } - if (S_ISLNK(st.st_mode)) { - rprintf(FERROR, "Unsafe path: %s\n", path); - exit_cleanup(RERR_SYNTAX); - } - if (!p) - break; - *p++ = '/'; - } - - done: - if (final_slash) - *final_slash = '/'; -#endif -} - /* Like chdir(), but it keeps track of the current directory (in the * global "curr_dir"), and ensures that the path size doesn't overflow. * Also cleans the path using the clean_fname() function. */ -int push_dir(char *dir) +int push_dir(char *dir, int set_path_only) { static int initialised; unsigned int len; @@ -964,7 +885,7 @@ int push_dir(char *dir) if ((*dir == '/' ? len : curr_dir_len + 1 + len) >= sizeof curr_dir) return 0; - if (chdir(dir)) + if (!set_path_only && chdir(dir)) return 0; if (*dir == '/') { @@ -1021,7 +942,7 @@ char *full_fname(const char *fn) if (*fn == '/') p1 = p2 = ""; else { - p1 = curr_dir; + p1 = curr_dir + module_dirlen; for (p2 = p1; *p2 == '/'; p2++) {} if (*p2) p2 = "/"; @@ -1030,17 +951,11 @@ char *full_fname(const char *fn) m1 = " (in "; m2 = lp_name(module_id); m3 = ")"; - if (p1 == curr_dir) { - if (!lp_use_chroot(module_id)) { - char *p = lp_path(module_id); - if (*p != '/' || p[1]) - p1 += strlen(p); - } - } } else m1 = m2 = m3 = ""; - asprintf(&result, "\"%s%s%s\"%s%s%s", p1, p2, fn, m1, m2, m3); + if (asprintf(&result, "\"%s%s%s\"%s%s%s", p1, p2, fn, m1, m2, m3) <= 0) + out_of_memory("full_fname"); return result; } @@ -1066,13 +981,11 @@ char *partial_dir_fname(const char *fname) if ((int)pathjoin(t, sz, partial_dir, fn) >= sz) return NULL; if (server_filter_list.head) { - static int len; - if (!len) - len = strlen(partial_dir); - t[len] = '\0'; + t = strrchr(partial_fname, '/'); + *t = '\0'; if (check_filter(&server_filter_list, partial_fname, 1) < 0) return NULL; - t[len] = '/'; + *t = '/'; if (check_filter(&server_filter_list, partial_fname, 0) < 0) return NULL; } @@ -1202,7 +1115,7 @@ char *human_num(int64 num) units = 'K'; } if (units) { - sprintf(bufs[n], "%.2f%c", dnum, units); + snprintf(bufs[n], sizeof bufs[0], "%.2f%c", dnum, units); return bufs[n]; } }