Permalink
Cannot retrieve contributors at this time
glibc/sysdeps/posix/opendir.c
Go to file/* Copyright (C) 1991-2016 Free Software Foundation, Inc. | |
This file is part of the GNU C Library. | |
The GNU C Library is free software; you can redistribute it and/or | |
modify it under the terms of the GNU Lesser General Public | |
License as published by the Free Software Foundation; either | |
version 2.1 of the License, or (at your option) any later version. | |
The GNU C Library is distributed in the hope that it will be useful, | |
but WITHOUT ANY WARRANTY; without even the implied warranty of | |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
Lesser General Public License for more details. | |
You should have received a copy of the GNU Lesser General Public | |
License along with the GNU C Library; if not, see | |
<http://www.gnu.org/licenses/>. */ | |
#include <assert.h> | |
#include <errno.h> | |
#include <limits.h> | |
#include <stdbool.h> | |
#include <stddef.h> | |
#include <stdlib.h> | |
#include <dirent.h> | |
#include <fcntl.h> | |
#include <sys/param.h> | |
#include <sys/types.h> | |
#include <sys/stat.h> | |
#include <unistd.h> | |
#include <stdio.h> | |
#include <string.h> | |
#include <dirstream.h> | |
#include <not-cancel.h> | |
#include <kernel-features.h> | |
/* The st_blksize value of the directory is used as a hint for the | |
size of the buffer which receives struct dirent values from the | |
kernel. st_blksize is limited to MAX_DIR_BUFFER_SIZE, in case the | |
file system provides a bogus value. */ | |
#define MAX_DIR_BUFFER_SIZE 1048576U | |
/* opendir() must not accidentally open something other than a directory. | |
Some OS's have kernel support for that, some don't. In the worst | |
case we have to stat() before the open() AND fstat() after. | |
We have to test at runtime for kernel support since libc may have | |
been compiled with different headers to the kernel it's running on. | |
This test can't be done reliably in the general case. We'll use | |
/dev/null, which if it's not a device lots of stuff will break, as | |
a guinea pig. It may be missing in chroot environments, so we | |
make sure to fail safe. */ | |
#ifdef O_DIRECTORY | |
# ifdef O_DIRECTORY_WORKS | |
# define o_directory_works 1 | |
# define tryopen_o_directory() while (1) /* This must not be called. */ | |
# else | |
static int o_directory_works; | |
static void | |
tryopen_o_directory (void) | |
{ | |
int serrno = errno; | |
int x = open_not_cancel_2 ("/dev/null", O_RDONLY|O_NDELAY|O_DIRECTORY); | |
if (x >= 0) | |
{ | |
close_not_cancel_no_status (x); | |
o_directory_works = -1; | |
} | |
else if (errno != ENOTDIR) | |
o_directory_works = -1; | |
else | |
o_directory_works = 1; | |
__set_errno (serrno); | |
} | |
# endif | |
# define EXTRA_FLAGS O_DIRECTORY | |
#else | |
# define EXTRA_FLAGS 0 | |
#endif | |
static bool | |
invalid_name (const char *name) | |
{ | |
if (__glibc_unlikely (name[0] == '\0')) | |
{ | |
/* POSIX.1-1990 says an empty name gets ENOENT; | |
but `open' might like it fine. */ | |
__set_errno (ENOENT); | |
return true; | |
} | |
return false; | |
} | |
static bool | |
need_isdir_precheck (void) | |
{ | |
#ifdef O_DIRECTORY | |
/* Test whether O_DIRECTORY works. */ | |
if (o_directory_works == 0) | |
tryopen_o_directory (); | |
/* We can skip the expensive `stat' call if O_DIRECTORY works. */ | |
return o_directory_works < 0; | |
#endif | |
return true; | |
} | |
static int | |
opendir_oflags (void) | |
{ | |
int flags = O_RDONLY|O_NDELAY|EXTRA_FLAGS|O_LARGEFILE; | |
#ifdef O_CLOEXEC | |
flags |= O_CLOEXEC; | |
#endif | |
return flags; | |
} | |
static DIR * | |
opendir_tail (int fd) | |
{ | |
if (__glibc_unlikely (fd < 0)) | |
return NULL; | |
/* Now make sure this really is a directory and nothing changed since the | |
`stat' call. The S_ISDIR check is superfluous if O_DIRECTORY works, | |
but it's cheap and we need the stat call for st_blksize anyway. */ | |
struct stat64 statbuf; | |
if (__glibc_unlikely (__fxstat64 (_STAT_VER, fd, &statbuf) < 0)) | |
goto lose; | |
if (__glibc_unlikely (! S_ISDIR (statbuf.st_mode))) | |
{ | |
__set_errno (ENOTDIR); | |
lose: | |
close_not_cancel_no_status (fd); | |
return NULL; | |
} | |
return __alloc_dir (fd, true, 0, &statbuf); | |
} | |
#if IS_IN (libc) | |
DIR * | |
internal_function | |
__opendirat (int dfd, const char *name) | |
{ | |
if (__glibc_unlikely (invalid_name (name))) | |
return NULL; | |
if (need_isdir_precheck ()) | |
{ | |
/* We first have to check whether the name is for a directory. We | |
cannot do this after the open() call since the open/close operation | |
performed on, say, a tape device might have undesirable effects. */ | |
struct stat64 statbuf; | |
if (__glibc_unlikely (__fxstatat64 (_STAT_VER, dfd, name, | |
&statbuf, 0) < 0)) | |
return NULL; | |
if (__glibc_unlikely (! S_ISDIR (statbuf.st_mode))) | |
{ | |
__set_errno (ENOTDIR); | |
return NULL; | |
} | |
} | |
return opendir_tail (openat_not_cancel_3 (dfd, name, opendir_oflags ())); | |
} | |
#endif | |
/* Open a directory stream on NAME. */ | |
DIR * | |
__opendir (const char *name) | |
{ | |
if (__glibc_unlikely (invalid_name (name))) | |
return NULL; | |
if (need_isdir_precheck ()) | |
{ | |
/* We first have to check whether the name is for a directory. We | |
cannot do this after the open() call since the open/close operation | |
performed on, say, a tape device might have undesirable effects. */ | |
struct stat64 statbuf; | |
if (__glibc_unlikely (__xstat64 (_STAT_VER, name, &statbuf) < 0)) | |
return NULL; | |
if (__glibc_unlikely (! S_ISDIR (statbuf.st_mode))) | |
{ | |
__set_errno (ENOTDIR); | |
return NULL; | |
} | |
} | |
return opendir_tail (open_not_cancel_2 (name, opendir_oflags ())); | |
} | |
weak_alias (__opendir, opendir) | |
#ifdef __ASSUME_O_CLOEXEC | |
# define check_have_o_cloexec(fd) 1 | |
#else | |
static int | |
check_have_o_cloexec (int fd) | |
{ | |
if (__have_o_cloexec == 0) | |
__have_o_cloexec = (__fcntl (fd, F_GETFD, 0) & FD_CLOEXEC) == 0 ? -1 : 1; | |
return __have_o_cloexec > 0; | |
} | |
#endif | |
DIR * | |
internal_function | |
__alloc_dir (int fd, bool close_fd, int flags, const struct stat64 *statp) | |
{ | |
/* We always have to set the close-on-exit flag if the user provided | |
the file descriptor. Otherwise only if we have no working | |
O_CLOEXEC support. */ | |
#ifdef O_CLOEXEC | |
if ((! close_fd && (flags & O_CLOEXEC) == 0) | |
|| ! check_have_o_cloexec (fd)) | |
#endif | |
{ | |
if (__builtin_expect (__fcntl (fd, F_SETFD, FD_CLOEXEC), 0) < 0) | |
goto lose; | |
} | |
const size_t default_allocation = (4 * BUFSIZ < sizeof (struct dirent64) | |
? sizeof (struct dirent64) : 4 * BUFSIZ); | |
const size_t small_allocation = (BUFSIZ < sizeof (struct dirent64) | |
? sizeof (struct dirent64) : BUFSIZ); | |
size_t allocation = default_allocation; | |
#ifdef _STATBUF_ST_BLKSIZE | |
/* Increase allocation if requested, but not if the value appears to | |
be bogus. */ | |
if (statp != NULL) | |
allocation = MIN (MAX ((size_t) statp->st_blksize, default_allocation), | |
MAX_DIR_BUFFER_SIZE); | |
#endif | |
DIR *dirp = (DIR *) malloc (sizeof (DIR) + allocation); | |
if (dirp == NULL) | |
{ | |
allocation = small_allocation; | |
dirp = (DIR *) malloc (sizeof (DIR) + allocation); | |
if (dirp == NULL) | |
lose: | |
{ | |
if (close_fd) | |
{ | |
int save_errno = errno; | |
close_not_cancel_no_status (fd); | |
__set_errno (save_errno); | |
} | |
return NULL; | |
} | |
} | |
dirp->fd = fd; | |
#if IS_IN (libc) | |
__libc_lock_init (dirp->lock); | |
#endif | |
dirp->allocation = allocation; | |
dirp->size = 0; | |
dirp->offset = 0; | |
dirp->filepos = 0; | |
dirp->errcode = 0; | |
return dirp; | |
} |