From: Ismael Luceno <ismael@iodev.co.uk>
To: musl@lists.openwall.com
Cc: Rich Felker <dalias@libc.org>, Ismael Luceno <ismael@iodev.co.uk>
Subject: [musl] [PATCH v5 3/3] glob: implement GLOB_ALTDIRFUNC et al
Date: Fri, 27 Aug 2021 22:49:50 +0200 [thread overview]
Message-ID: <20210827204950.10223-3-ismael@iodev.co.uk> (raw)
In-Reply-To: <20210827204950.10223-1-ismael@iodev.co.uk>
Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
---
Notes:
Changes since v4:
- Rebased on top of do_glob context patch
- Added alternate definitions of glob_t for BSD/GNU vs POSIX
- Added static check to ensure the memory layout of both glob_t versions
matches plus a wrapper for the POSIX glob function (necessary?)
Changes since v3:
- Wrap pointers used by GLOB_ALTDIRFUNC on the header to protect from namespace
contamination. GNU and BSD code shouldn't be using "dirent", so it should be
safe.
Changes since v2:
- Rebased
Changes since v1:
- Avoid overwriting the function pointers in glob_t
- Wrap {open,read}dir too
include/glob.h | 18 +++++++++++-
src/regex/glob.c | 73 ++++++++++++++++++++++++++++++++++++++++++++----
2 files changed, 84 insertions(+), 7 deletions(-)
diff --git a/include/glob.h b/include/glob.h
index 0ff70bdfeef2..32c03610020b 100644
--- a/include/glob.h
+++ b/include/glob.h
@@ -11,12 +11,27 @@ extern "C" {
#include <bits/alltypes.h>
+#if defined(_BSD_SOURCE) || defined(_GNU_SOURCE)
+#define __dirent dirent
+#define __stat stat
+#else
+#define glob __posix_glob
+#endif
+
+struct __dirent;
+struct __stat;
+
typedef struct {
size_t gl_pathc;
char **gl_pathv;
size_t gl_offs;
int __dummy1;
- void *__dummy2[5];
+
+ void (*gl_closedir)(void *);
+ struct __dirent *(*gl_readdir)(void *);
+ void *(*gl_opendir)(const char *);
+ int (*gl_lstat)(const char *__restrict, struct __stat *__restrict);
+ int (*gl_stat)(const char *__restrict, struct __stat *__restrict);
} glob_t;
int glob(const char *__restrict, int, int (*)(const char *, int), glob_t *__restrict);
@@ -31,6 +46,7 @@ void globfree(glob_t *);
#define GLOB_NOESCAPE 0x40
#define GLOB_PERIOD 0x80
+#define GLOB_ALTDIRFUNC 0x0200
#define GLOB_NOMAGIC 0x0800
#define GLOB_TILDE 0x1000
#define GLOB_TILDE_CHECK 0x4000
diff --git a/src/regex/glob.c b/src/regex/glob.c
index 9491eaeef266..be7be0b62da9 100644
--- a/src/regex/glob.c
+++ b/src/regex/glob.c
@@ -36,6 +36,13 @@ struct glob_ctx {
struct match **tail;
int flags;
int (*errfunc)(const char *path, int err);
+
+ /* for GLOB_ALTDIRFUNC */
+ void (*closedir)(void *);
+ struct dirent *(*readdir)(void *);
+ void *(*opendir)(const char *);
+ int (*lstat)(const char *restrict, struct stat *restrict);
+ int (*stat)(const char *restrict, struct stat *restrict);
};
static int do_glob(char *buf, size_t pos, int type, char *pat, const struct glob_ctx *restrict ctx)
@@ -106,11 +113,11 @@ static int do_glob(char *buf, size_t pos, int type, char *pat, const struct glob
* or if that fails, use lstat for determining existence to
* avoid false negatives in the case of broken symlinks. */
struct stat st;
- if ((ctx->flags & GLOB_MARK) && (!type||type==DT_LNK) && !stat(buf, &st)) {
+ if ((ctx->flags & GLOB_MARK) && (!type||type==DT_LNK) && !ctx->stat(buf, &st)) {
if (S_ISDIR(st.st_mode)) type = DT_DIR;
else type = DT_REG;
}
- if (!type && lstat(buf, &st)) {
+ if (!type && ctx->lstat(buf, &st)) {
if (errno!=ENOENT && (ctx->errfunc(buf, errno) || (ctx->flags & GLOB_ERR)))
return GLOB_ABORTED;
return 0;
@@ -130,7 +137,7 @@ static int do_glob(char *buf, size_t pos, int type, char *pat, const struct glob
saved_sep = '\\';
}
}
- DIR *dir = opendir(pos ? buf : ".");
+ DIR *dir = ctx->opendir(pos ? buf : ".");
if (!dir) {
if (ctx->errfunc(buf, errno) || (ctx->flags & GLOB_ERR))
return GLOB_ABORTED;
@@ -138,7 +145,7 @@ static int do_glob(char *buf, size_t pos, int type, char *pat, const struct glob
}
int old_errno = errno;
struct dirent *de;
- while (errno=0, de=readdir(dir)) {
+ while (errno=0, de=ctx->readdir(dir)) {
/* Quickly skip non-directories when there's pattern left. */
if (p2 && de->d_type && de->d_type!=DT_DIR && de->d_type!=DT_LNK)
continue;
@@ -165,13 +172,13 @@ static int do_glob(char *buf, size_t pos, int type, char *pat, const struct glob
if (p2) *p2 = saved_sep;
int r = do_glob(buf, pos+l, de->d_type, p2 ? p2 : "", ctx);
if (r) {
- closedir(dir);
+ ctx->closedir(dir);
return r;
}
}
int readerr = errno;
if (p2) *p2 = saved_sep;
- closedir(dir);
+ ctx->closedir(dir);
if (readerr && (ctx->errfunc(buf, errno) || (ctx->flags & GLOB_ERR)))
return GLOB_ABORTED;
errno = old_errno;
@@ -230,6 +237,10 @@ static int expand_tilde(char **pat, char *buf, size_t *pos)
return 0;
}
+static void wrap_closedir(void *p) { __closedir(p); }
+static struct dirent *wrap_readdir(void *d) { return __readdir(d); }
+static void *wrap_opendir(const char *path) { return __opendir(path); }
+
int glob(const char *restrict pat, int flags, int (*errfunc)(const char *path, int err), glob_t *restrict g)
{
struct match head = { .next = NULL }, *tail = &head;
@@ -259,6 +270,11 @@ int glob(const char *restrict pat, int flags, int (*errfunc)(const char *path, i
.tail = &tail,
.flags = flags,
.errfunc = errfunc,
+ .closedir = (flags & GLOB_ALTDIRFUNC) ? g->gl_closedir : wrap_closedir,
+ .readdir = (flags & GLOB_ALTDIRFUNC) ? g->gl_readdir : wrap_readdir,
+ .opendir = (flags & GLOB_ALTDIRFUNC) ? g->gl_opendir : wrap_opendir,
+ .lstat = (flags & GLOB_ALTDIRFUNC) ? g->gl_lstat : lstat,
+ .stat = (flags & GLOB_ALTDIRFUNC) ? g->gl_stat : stat,
};
error = do_glob(buf, pos, 0, s, &ctx);
}
@@ -326,3 +342,48 @@ void globfree(glob_t *g)
weak_alias(glob, glob64);
weak_alias(globfree, globfree64);
+
+/*
+ * Following code exists to work-around UB by different versions of glob_t
+ * (BSD/GNU vs POSIX), which are required to avoid namespace contamination.
+ */
+#undef __dirent
+#undef __stat
+struct __dirent;
+struct __stat;
+typedef struct {
+ size_t gl_pathc;
+ char **gl_pathv;
+ size_t gl_offs;
+ int __dummy1;
+
+ void (*gl_closedir)(void *);
+ struct __dirent *(*gl_readdir)(void *);
+ void *(*gl_opendir)(const char *);
+ int (*gl_lstat)(const char *__restrict, struct __stat *__restrict);
+ int (*gl_stat)(const char *__restrict, struct __stat *__restrict);
+} __posix_glob_t;
+
+#define CMP_MEMB(A, B, memb) ( \
+ offsetof(A, memb) == offsetof(B, memb) && \
+ sizeof(((A*)0)->memb) == sizeof(((B*)0)->memb))
+
+int __posix_glob(const char *restrict pat, int flags, int (*errfunc)(const char *path, int err), __posix_glob_t *restrict g)
+{
+ /* statically check size and member offsets */
+ switch(1) {
+ case 0:
+ case (sizeof(__posix_glob_t) == sizeof(glob_t) &&
+ CMP_MEMB(__posix_glob_t, glob_t, gl_pathc) &&
+ CMP_MEMB(__posix_glob_t, glob_t, gl_pathv) &&
+ CMP_MEMB(__posix_glob_t, glob_t, gl_offs) &&
+ CMP_MEMB(__posix_glob_t, glob_t, gl_closedir) &&
+ CMP_MEMB(__posix_glob_t, glob_t, gl_readdir) &&
+ CMP_MEMB(__posix_glob_t, glob_t, gl_opendir) &&
+ CMP_MEMB(__posix_glob_t, glob_t, gl_lstat) &&
+ CMP_MEMB(__posix_glob_t, glob_t, gl_stat)):
+ break;
+ }
+
+ return glob(pat, flags, errfunc, (glob_t *)g);
+}
--
2.33.0
prev parent reply other threads:[~2021-08-27 20:50 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-27 20:49 [musl] [PATCH v5 1/3] glob: introduce context struct for do_glob Ismael Luceno
2021-08-27 20:49 ` [musl] [PATCH v5 2/3] add internal aliases __opendir, __readdir and __closedir Ismael Luceno
2021-08-27 20:49 ` Ismael Luceno [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210827204950.10223-3-ismael@iodev.co.uk \
--to=ismael@iodev.co.uk \
--cc=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).