VirtualBox

source: kBuild/trunk/src/kmk/kmkbuiltin/kbuild_protection.c@ 1714

Last change on this file since 1714 was 1635, checked in by bird, 17 years ago

Added missing headers (OS/2).
  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
File size: 10.8 KB
Line 
1/* $Id: kbuild_protection.c 1635 2008-05-13 00:55:09Z bird $ */
2/** @file
3 * Simple File Protection.
4 */
5
6/*
7 * Copyright (c) 2008 knut st. osmundsen <[email protected]>
8 *
9 * This file is part of kBuild.
10 *
11 * kBuild is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * kBuild is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with kBuild; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
24 *
25 */
26
27
28/*******************************************************************************
29* Header Files *
30*******************************************************************************/
31#include <sys/types.h>
32#include <stdlib.h>
33#include <string.h>
34#include <ctype.h>
35#include <assert.h>
36#if defined(_MSC_VER) || defined(__OS2__)
37# include <limits.h>
38# include <direct.h>
39#endif
40#include "kbuild_protection.h"
41
42
43/*******************************************************************************
44* Defined Constants And Macros *
45*******************************************************************************/
46#define KBUILD_PROTECTION_MAGIC 0x00111100
47
48#if defined(__EMX__) || defined(_MSC_VER)
49# define IS_SLASH(ch) ( (ch) == '/' || (ch) == '\\' )
50# define DEFAULT_PROTECTION_DEPTH 1
51#else
52# define IS_SLASH(ch) ( (ch) == '/' )
53# define DEFAULT_PROTECTION_DEPTH 2
54#endif
55
56
57
58/**
59 * Counts the components in the specified sub path.
60 * This is a helper for count_path_components.
61 *
62 * etc = 1
63 * etc/ = 1
64 * etc/x11 = 2
65 * and so and and so forth.
66 */
67static int countSubPathComponents(const char *pszPath, int cDepth)
68{
69 for (;;)
70 {
71 const char *pszEnd;
72 size_t cch;
73
74 /* skip slashes. */
75 while (IS_SLASH(*pszPath))
76 pszPath++;
77 if (!*pszPath)
78 break;
79
80 /* find end of component. */
81 pszEnd = pszPath;
82 while (!IS_SLASH(*pszEnd) && *pszEnd)
83 pszEnd++;
84
85 /* count it, checking for '..' and '.'. */
86 cch = pszEnd - pszPath;
87 if (cch == 2 && pszPath[0] == '.' && pszPath[1] == '.')
88 {
89 if (cDepth > 0)
90 cDepth--;
91 }
92 else if (cch != 1 || pszPath[0] != '.')
93 cDepth++;
94
95 /* advance */
96 if (!*pszEnd)
97 break;
98 pszPath = pszEnd + 1;
99 }
100 return cDepth;
101}
102
103
104/**
105 * Parses the specified path counting the number of components
106 * relative to root.
107 *
108 * We don't check symbolic links and such, just some simple and cheap
109 * path parsing.
110 *
111 * @param pszPath The path to process.
112 *
113 * @returns 0 or higher on success.
114 * On failure an error is printed, eval is set and -1 is returned.
115 */
116static int countPathComponents(const char *pszPath)
117{
118 int cComponents = 0;
119
120 /*
121 * Deal with root, UNC, drive letter.
122 */
123#if defined(_MSC_VER) || defined(__OS2__)
124 if (IS_SLASH(pszPath[0]) && IS_SLASH(pszPath[1]) && !IS_SLASH(pszPath[2]))
125 {
126 /* skip the root - UNC */
127 pszPath += 3;
128 while (!IS_SLASH(*pszPath) && *pszPath) /* server name */
129 pszPath++;
130 while (IS_SLASH(*pszPath))
131 pszPath++;
132 while (!IS_SLASH(*pszPath) && *pszPath) /* share name */
133 pszPath++;
134 while (IS_SLASH(*pszPath))
135 pszPath++;
136 }
137 else
138 {
139 unsigned uDriveLetter = (unsigned)toupper(pszPath[0]) - (unsigned)'A';
140 if (uDriveLetter <= (unsigned)('Z' - 'A') && pszPath[1] == ':')
141 uDriveLetter++; /* A == 1 */
142 else
143 uDriveLetter = 0; /* 0 == default */
144
145 if (!IS_SLASH(pszPath[uDriveLetter ? 2 : 0]))
146 {
147 /*
148 * Relative path, must count cwd depth first.
149 */
150#ifdef __OS2__ /** @todo remove when ticket 194 has been fixed */
151 char *pszCwd = _getdcwd(uDriveLetter, NULL, PATH_MAX);
152#else
153 char *pszCwd = _getdcwd(uDriveLetter, NULL, 0);
154#endif
155 char *pszTmp = pszCwd;
156 if (!pszTmp)
157 {
158 err(1, "_getdcwd");
159 return -1;
160 }
161
162 if (IS_SLASH(pszTmp[0]) && IS_SLASH(pszTmp[1]))
163 {
164 /* skip the root - UNC */
165 pszTmp += 2;
166 while (!IS_SLASH(*pszTmp) && *pszTmp) /* server name */
167 pszTmp++;
168 while (IS_SLASH(*pszTmp))
169 pszTmp++;
170 while (!IS_SLASH(*pszTmp) && *pszTmp) /* share name */
171 pszTmp++;
172 }
173 else
174 {
175 /* skip the drive letter and while we're at it, the root slash too. */
176 pszTmp += 1 + (pszTmp[1] == ':');
177 }
178 cComponents = countSubPathComponents(pszTmp, 0);
179 free(pszCwd);
180 }
181 else
182 {
183 /* skip the drive letter and while we're at it, the root slash too. */
184 pszPath += uDriveLetter ? 3 : 1;
185 }
186 }
187#else
188 if (!IS_SLASH(pszPath[0]))
189 {
190 /*
191 * Relative path, must count cwd depth first.
192 */
193 char szCwd[4096];
194 if (!getcwd(szCwd, sizeof(szCwd)))
195 {
196 err(1, "getcwd");
197 return -1;
198 }
199 cComponents = countSubPathComponents(szCwd, 0);
200 }
201#endif
202
203 /*
204 * We're now past any UNC or drive letter crap, possibly positioned
205 * at the root slash or at the start of a path component at the
206 * given depth. Count the remainder.
207 */
208 return countSubPathComponents(pszPath, cComponents);
209}
210
211
212/**
213 * Initializes the instance data.
214 *
215 * @param pThis Pointer to the instance data.
216 */
217void kBuildProtectionInit(PKBUILDPROTECTION pThis)
218{
219 pThis->uMagic = KBUILD_PROTECTION_MAGIC;
220 pThis->afTypes[KBUILDPROTECTIONTYPE_FULL] = 0;
221 pThis->afTypes[KBUILDPROTECTIONTYPE_RECURSIVE] = 1;
222 pThis->cProtectionDepth = DEFAULT_PROTECTION_DEPTH;
223}
224
225
226/**
227 * Destroys the instance data.
228 *
229 * @param pThis Pointer to the instance data.
230 */
231void kBuildProtectionTerm(PKBUILDPROTECTION pThis)
232{
233 pThis->uMagic = 0;
234}
235
236
237void kBuildProtectionEnable(PKBUILDPROTECTION pThis, KBUILDPROTECTIONTYPE enmType)
238{
239 assert(pThis->uMagic == KBUILD_PROTECTION_MAGIC);
240 assert(enmType < KBUILDPROTECTIONTYPE_MAX && enmType >= KBUILDPROTECTIONTYPE_FIRST);
241 pThis->afTypes[enmType] |= 1;
242}
243
244
245void kBuildProtectionDisable(PKBUILDPROTECTION pThis, KBUILDPROTECTIONTYPE enmType)
246{
247 assert(pThis->uMagic == KBUILD_PROTECTION_MAGIC);
248 assert(enmType < KBUILDPROTECTIONTYPE_MAX && enmType >= KBUILDPROTECTIONTYPE_FIRST);
249 pThis->afTypes[enmType] &= ~1U;
250}
251
252
253/**
254 * Sets the protection depth according to the option argument.
255 *
256 * @param pszValue The value.
257 *
258 * @returns 0 on success, -1 and errx on failure.
259 */
260int kBuildProtectionSetDepth(PKBUILDPROTECTION pThis, const char *pszValue)
261{
262 /* skip leading blanks, they don't count either way. */
263 while (isspace(*pszValue))
264 pszValue++;
265
266 /* number or path? */
267 if (!isdigit(*pszValue) || strpbrk(pszValue, ":/\\"))
268 pThis->cProtectionDepth = countPathComponents(pszValue);
269 else
270 {
271 char *pszMore = 0;
272 pThis->cProtectionDepth = strtol(pszValue, &pszMore, 0);
273 if (pThis->cProtectionDepth != 0 && pszMore)
274 {
275 /* trailing space is harmless. */
276 while (isspace(*pszMore))
277 pszMore++;
278 }
279 if (!pThis->cProtectionDepth || pszValue == pszMore || *pszMore)
280 return errx(1, "bogus protection depth: %s", pszValue);
281 }
282
283 if (pThis->cProtectionDepth < 1)
284 return errx(1, "bogus protection depth: %s", pszValue);
285 return 0;
286}
287
288
289/**
290 * Scans the environment for option overrides.
291 *
292 * @param pThis Pointer to the instance data.
293 * @param papszEnv The environment array.
294 * @param pszPrefix The variable prefix.
295 *
296 * @returns 0 on success, -1 and err*() on failure.
297 */
298int kBuildProtectionScanEnv(PKBUILDPROTECTION pThis, char **papszEnv, const char *pszPrefix)
299{
300 unsigned i;
301 const size_t cchPrefix = strlen(pszPrefix);
302
303 for (i = 0; papszEnv[i]; i++)
304 {
305 const char *pszVar = papszEnv[i];
306 if (!strncmp(pszVar, pszPrefix, cchPrefix))
307 {
308 pszVar += cchPrefix;
309 if (!strncmp(pszVar, "PROTECTION_DEPTH=", sizeof("PROTECTION_DEPTH=") - 1))
310 {
311 const char *pszVal = pszVar + sizeof("PROTECTION_DEPTH=") - 1;
312 if (kBuildProtectionSetDepth(pThis, pszVal))
313 return -1;
314 }
315 else if (!strncmp(pszVar, "DISABLE_PROTECTION=", sizeof("DISABLE_PROTECTION=") - 1))
316 pThis->afTypes[KBUILDPROTECTIONTYPE_RECURSIVE] &= ~1U;
317 else if (!strncmp(pszVar, "ENABLE_PROTECTION=", sizeof("ENABLE_PROTECTION=") - 1))
318 pThis->afTypes[KBUILDPROTECTIONTYPE_RECURSIVE] |= 3;
319 else if (!strncmp(pszVar, "DISABLE_FULL_PROTECTION=", sizeof("DISABLE_FULL_PROTECTION=") - 1))
320 pThis->afTypes[KBUILDPROTECTIONTYPE_FULL] &= ~1U;
321 else if (!strncmp(pszVar, "ENABLE_FULL_PROTECTION=", sizeof("ENABLE_FULL_PROTECTION=") - 1))
322 pThis->afTypes[KBUILDPROTECTIONTYPE_FULL] |= 3;
323 }
324 }
325 return 0;
326}
327
328
329/**
330 * Protect the upper layers of the file system against accidental
331 * or malicious deletetion attempt from within a makefile.
332 *
333 * @param pszPath The path to check.
334 * @param required_depth The minimum number of components in the
335 * path counting from the root.
336 *
337 * @returns 0 on success.
338 * On failure an error is printed and -1 is returned.
339 */
340int kBuildProtectionEnforce(PCKBUILDPROTECTION pThis, KBUILDPROTECTIONTYPE enmType, const char *pszPath)
341{
342 assert(pThis->uMagic == KBUILD_PROTECTION_MAGIC);
343 assert(enmType < KBUILDPROTECTIONTYPE_MAX && enmType >= KBUILDPROTECTIONTYPE_FIRST);
344
345 if ( (pThis->afTypes[enmType] & 3)
346 || (pThis->afTypes[KBUILDPROTECTIONTYPE_FULL] & 3))
347 {
348 /*
349 * Count the path and compare it with the required depth.
350 */
351 int cComponents = countPathComponents(pszPath);
352 if (cComponents < 0)
353 return -1;
354 if (cComponents <= pThis->cProtectionDepth)
355 {
356 errx(1, "%s: protected", pszPath);
357 return -1;
358 }
359 }
360 return 0;
361}
362
363
364/**
365 * Retrieve the default path protection depth.
366 *
367 * @returns the default value.
368 */
369int kBuildProtectionDefaultDepth(void)
370{
371 return DEFAULT_PROTECTION_DEPTH;
372}
373
Note: See TracBrowser for help on using the repository browser.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette