/* xwrap.c - wrappers around existing library functions. * * Functions with the x prefix are wrappers that either succeed or kill the * program with an error message, but never return failure. They usually have * the same arguments and return value as the function they wrap. * * Copyright 2006 Rob Landley */ #include "toys.h" // Strcpy with size checking: exit if there's not enough space for the string. void xstrncpy(char *dest, char *src, size_t size) { if (strlen(src)+1 > size) error_exit("'%s' > %ld bytes", src, (long)size); strcpy(dest, src); } void xexit(void) { if (toys.rebound) longjmp(*toys.rebound, 1); else exit(toys.exitval); } // Die unless we can allocate memory. void *xmalloc(size_t size) { void *ret = malloc(size); if (!ret) error_exit("xmalloc"); return ret; } // Die unless we can allocate prezeroed memory. void *xzalloc(size_t size) { void *ret = xmalloc(size); memset(ret, 0, size); return ret; } // Die unless we can change the size of an existing allocation, possibly // moving it. (Notice different arguments from libc function.) void *xrealloc(void *ptr, size_t size) { ptr = realloc(ptr, size); if (!ptr) error_exit("xrealloc"); return ptr; } // Die unless we can allocate a copy of this many bytes of string. char *xstrndup(char *s, size_t n) { char *ret = xmalloc(++n); strncpy(ret, s, n); ret[--n]=0; return ret; } // Die unless we can allocate a copy of this string. char *xstrdup(char *s) { return xstrndup(s, strlen(s)); } // Die unless we can allocate enough space to sprintf() into. char *xmprintf(char *format, ...) { va_list va, va2; int len; char *ret; va_start(va, format); va_copy(va2, va); // How long is it? len = vsnprintf(0, 0, format, va); len++; va_end(va); // Allocate and do the sprintf() ret = xmalloc(len); vsnprintf(ret, len, format, va2); va_end(va2); return ret; } void xprintf(char *format, ...) { va_list va; va_start(va, format); vprintf(format, va); if (fflush(stdout) || ferror(stdout)) perror_exit("write"); } void xputs(char *s) { if (EOF == puts(s) || fflush(stdout) || ferror(stdout)) perror_exit("write"); } void xputc(char c) { if (EOF == fputc(c, stdout) || fflush(stdout) || ferror(stdout)) perror_exit("write"); } void xflush(void) { if (fflush(stdout) || ferror(stdout)) perror_exit("write");; } pid_t xfork(void) { pid_t pid = fork(); if (pid < 0) perror_exit("fork"); return pid; } // Call xexec with a chunk of optargs, starting at skip. (You can't just // call xexec() directly because toy_init() frees optargs.) void xexec_optargs(int skip) { char **s = toys.optargs; toys.optargs = 0; xexec(s+skip); } // Die unless we can exec argv[] (or run builtin command). Note that anything // with a path isn't a builtin, so /bin/sh won't match the builtin sh. void xexec(char **argv) { if (CFG_TOYBOX) toy_exec(argv); execvp(argv[0], argv); perror_exit("exec %s", argv[0]); } // Spawn child process, capturing stdin/stdout. // argv[]: command to exec. If null, child returns to original program. // pipes[]: stdin, stdout of new process. If null, block and wait for child. // return: pid of child process pid_t xpopen(char **argv, int *pipes) { int cestnepasun[4], pid; // Make the pipes? if (pipes) { if (pipe(cestnepasun) || pipe(cestnepasun+2)) perror_exit("pipe"); pipes[0] = cestnepasun[1]; pipes[1] = cestnepasun[2]; } // Child process if (!(pid = xfork())) { // Dance of the stdin/stdout redirection. if (pipes) { close(cestnepasun[1]); close(cestnepasun[2]); // if we had no stdin/out, pipe handles could overlap, so test for that if (cestnepasun[0]) { dup2(cestnepasun[0], 0); close(cestnepasun[0]); } dup2(cestnepasun[3], 1); dup2(cestnepasun[3], 2); if (cestnepasun[3] > 2) close(cestnepasun[3]); } if (argv) { if (CFG_TOYBOX) toy_exec(argv); execvp(argv[0], argv); _exit(127); } return 0; // Parent process } else { if (pipes) { close(cestnepasun[0]); close(cestnepasun[3]); } return pid; } } int xpclose(pid_t pid, int *pipes) { int rc = 127; if (pipes) { close(pipes[0]); close(pipes[1]); } waitpid(pid, &rc, 0); return WIFEXITED(rc) ? WEXITSTATUS(rc) : WTERMSIG(rc) + 127; } void xaccess(char *path, int flags) { if (access(path, flags)) perror_exit("Can't access '%s'", path); } // Die unless we can delete a file. (File must exist to be deleted.) void xunlink(char *path) { if (unlink(path)) perror_exit("unlink '%s'", path); } // Die unless we can open/create a file, returning file descriptor. int xcreate(char *path, int flags, int mode) { int fd = open(path, flags, mode); if (fd == -1) perror_exit("%s", path); return fd; } // Die unless we can open a file, returning file descriptor. int xopen(char *path, int flags) { return xcreate(path, flags, 0); } void xclose(int fd) { if (close(fd)) perror_exit("xclose"); } int xdup(int fd) { if (fd != -1) { fd = dup(fd); if (fd == -1) perror_exit("xdup"); } return fd; } FILE *xfdopen(int fd, char *mode) { FILE *f = fdopen(fd, mode); if (!f) perror_exit("xfdopen"); return f; } // Die unless we can open/create a file, returning FILE *. FILE *xfopen(char *path, char *mode) { FILE *f = fopen(path, mode); if (!f) perror_exit("No file %s", path); return f; } // Die if there's an error other than EOF. size_t xread(int fd, void *buf, size_t len) { ssize_t ret = read(fd, buf, len); if (ret < 0) perror_exit("xread"); return ret; } void xreadall(int fd, void *buf, size_t len) { if (len != readall(fd, buf, len)) perror_exit("xreadall"); } // There's no xwriteall(), just xwrite(). When we read, there may or may not // be more data waiting. When we write, there is data and it had better go // somewhere. void xwrite(int fd, void *buf, size_t len) { if (len != writeall(fd, buf, len)) perror_exit("xwrite"); } // Die if lseek fails, probably due to being called on a pipe. off_t xlseek(int fd, off_t offset, int whence) { offset = lseek(fd, offset, whence); if (offset<0) perror_exit("lseek"); return offset; } char *xgetcwd(void) { char *buf = getcwd(NULL, 0); if (!buf) perror_exit("xgetcwd"); return buf; } void xstat(char *path, struct stat *st) { if(stat(path, st)) perror_exit("Can't stat %s", path); } // Cannonicalize path, even to file with one or more missing components at end. // if exact, require last path component to exist char *xabspath(char *path, int exact) { struct string_list *todo, *done = 0; int try = 9999, dirfd = open("/", 0);; char buf[4096], *ret; // If this isn't an absolute path, start with cwd. if (*path != '/') { char *temp = xgetcwd(); splitpath(path, splitpath(temp, &todo)); free(temp); } else splitpath(path, &todo); // Iterate through path components while (todo) { struct string_list *new = llist_pop(&todo), **tail; ssize_t len; if (!try--) { errno = ELOOP; goto error; } // Removable path componenents. if (!strcmp(new->str, ".") || !strcmp(new->str, "..")) { int x = new->str[1]; free(new); if (x) { if (done) free(llist_pop(&done)); len = 0; } else continue; // Is this a symlink? } else len=readlinkat(dirfd, new->str, buf, 4096); if (len>4095) goto error; if (len<1) { int fd; char *s = ".."; // For .. just move dirfd if (len) { // Not a symlink: add to linked list, move dirfd, fail if error if ((exact || todo) && errno != EINVAL) goto error; new->next = done; done = new; if (errno == EINVAL && !todo) break; s = new->str; } fd = openat(dirfd, s, 0); if (fd == -1 && (exact || todo || errno != ENOENT)) goto error; close(dirfd); dirfd = fd; continue; } // If this symlink is to an absolute path, discard existing resolved path buf[len] = 0; if (*buf == '/') { llist_traverse(done, free); done=0; close(dirfd); dirfd = open("/", 0); } free(new); // prepend components of new path. Note symlink to "/" will leave new NULL tail = splitpath(buf, &new); // symlink to "/" will return null and leave tail alone if (new) { *tail = todo; todo = new; } } close(dirfd); // At this point done has the path, in reverse order. Reverse list while // calculating buffer length. try = 2; while (done) { struct string_list *temp = llist_pop(&done);; if (todo) try++; try += strlen(temp->str); temp->next = todo; todo = temp; } // Assemble return buffer ret = xmalloc(try); *ret = '/'; ret [try = 1] = 0; while (todo) { if (try>1) ret[try++] = '/'; try = stpcpy(ret+try, todo->str) - ret; free(llist_pop(&todo)); } return ret; error: close(dirfd); llist_traverse(todo, free); llist_traverse(done, free); return NULL; } // Resolve all symlinks, returning malloc() memory. char *xrealpath(char *path) { char *new = realpath(path, NULL); if (!new) perror_exit("realpath '%s'", path); return new; } void xchdir(char *path) { if (chdir(path)) error_exit("chdir '%s'", path); } void xchroot(char *path) { if (chroot(path)) error_exit("chroot '%s'", path); xchdir("/"); } struct passwd *xgetpwuid(uid_t uid) { struct passwd *pwd = getpwuid(uid); if (!pwd) error_exit("bad uid %ld", (long)uid); return pwd; } struct group *xgetgrgid(gid_t gid) { struct group *group = getgrgid(gid); if (!group) error_exit("bad gid %ld", (long)gid); return group; } struct passwd *xgetpwnam(char *name) { struct passwd *up = getpwnam(name); if (!up) error_exit("bad user '%s'", name); return up; } // setuid() can fail (for example, too many processes belonging to that user), // which opens a security hole if the process continues as the original user. void xsetuser(struct passwd *pwd) { if (initgroups(pwd->pw_name, pwd->pw_gid) || setgid(pwd->pw_uid) || setuid(pwd->pw_uid)) perror_exit("xsetuser '%s'", pwd->pw_name); } // This can return null (meaning file not found). It just won't return null // for memory allocation reasons. char *xreadlink(char *name) { int len, size = 0; char *buf = 0; // Grow by 64 byte chunks until it's big enough. for(;;) { size +=64; buf = xrealloc(buf, size); len = readlink(name, buf, size); if (len<0) { free(buf); return 0; } if (len