fully resolve symlinks when creating lockfiles

Make the code for resolving symlinks in lockfile.c more robust as
follows:

1. Handle relative symlinks
2. recursively resolve symlink chains up to 5

[jc: removed lstat/stat calls to do things stupid way]

Signed-off-by: Bradford C. Smith <bradford.carl.smith@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Bradford C. Smith 2007-07-26 13:34:14 -04:00 committed by Junio C Hamano
parent 7ab3cc70a6
commit 5d5a7a6738

View File

@ -25,23 +25,111 @@ static void remove_lock_file_on_signal(int signo)
raise(signo);
}
/*
* p = absolute or relative path name
*
* Return a pointer into p showing the beginning of the last path name
* element. If p is empty or the root directory ("/"), just return p.
*/
static char *last_path_elm(char *p)
{
/* r starts pointing to null at the end of the string */
char *r = strchr(p, '\0');
if (r == p)
return p; /* just return empty string */
r--; /* back up to last non-null character */
/* back up past trailing slashes, if any */
while (r > p && *r == '/')
r--;
/*
* then go backwards until I hit a slash, or the beginning of
* the string
*/
while (r > p && *(r-1) != '/')
r--;
return r;
}
/* We allow "recursive" symbolic links. Only within reason, though */
#define MAXDEPTH 5
/*
* p = path that may be a symlink
* s = full size of p
*
* If p is a symlink, attempt to overwrite p with a path to the real
* file or directory (which may or may not exist), following a chain of
* symlinks if necessary. Otherwise, leave p unmodified.
*
* This is a best-effort routine. If an error occurs, p will either be
* left unmodified or will name a different symlink in a symlink chain
* that started with p's initial contents.
*
* Always returns p.
*/
static char *resolve_symlink(char *p, size_t s)
{
int depth = MAXDEPTH;
while (depth--) {
char link[PATH_MAX];
int link_len = readlink(p, link, sizeof(link));
if (link_len < 0) {
/* not a symlink anymore */
return p;
}
else if (link_len < sizeof(link))
/* readlink() never null-terminates */
link[link_len] = '\0';
else {
warning("%s: symlink too long", p);
return p;
}
if (link[0] == '/') {
/* absolute path simply replaces p */
if (link_len < s)
strcpy(p, link);
else {
warning("%s: symlink too long", p);
return p;
}
} else {
/*
* link is a relative path, so I must replace the
* last element of p with it.
*/
char *r = (char*)last_path_elm(p);
if (r - p + link_len < s)
strcpy(r, link);
else {
warning("%s: symlink too long", p);
return p;
}
}
}
return p;
}
static int lock_file(struct lock_file *lk, const char *path)
{
int fd;
struct stat st;
if ((!lstat(path, &st)) && S_ISLNK(st.st_mode)) {
ssize_t sz;
static char target[PATH_MAX];
sz = readlink(path, target, sizeof(target));
if (sz < 0)
warning("Cannot readlink %s", path);
else if (target[0] != '/')
warning("Cannot lock target of relative symlink %s", path);
else
path = target;
}
sprintf(lk->filename, "%s.lock", path);
if (strlen(path) >= sizeof(lk->filename)) return -1;
strcpy(lk->filename, path);
/*
* subtract 5 from size to make sure there's room for adding
* ".lock" for the lock file name
*/
resolve_symlink(lk->filename, sizeof(lk->filename)-5);
strcat(lk->filename, ".lock");
fd = open(lk->filename, O_RDWR | O_CREAT | O_EXCL, 0666);
if (0 <= fd) {
if (!lock_file_list) {