/src/httpd/srclib/apr/file_io/unix/mktemp.c

Source (jump to first uncovered line)
/* Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/*
 * Copyright (c) 1987, 1993
 * The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    This product includes software developed by the University of
 *    California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "apr_private.h"
#include "apr_file_io.h" /* prototype of apr_mkstemp() */
#include "apr_strings.h" /* prototype of apr_mkstemp() */
#include "apr_arch_file_io.h" /* prototype of apr_mkstemp() */
#include "apr_portable.h" /* for apr_os_file_put() */
#include "apr_arch_inherit.h"

#ifndef HAVE_MKSTEMP

#if defined(SVR4) || defined(WIN32) || defined(NETWARE)
#ifdef SVR4
#if HAVE_INTTYPES_H
#include <inttypes.h>
#endif
#endif
#define arc4random() rand()
#define seedrandom(a) srand(a)
#else
#if APR_HAVE_STDINT_H
#include <stdint.h>
#endif
#define arc4random() random()
#define seedrandom(a) srandom(a)
#endif

#if APR_HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#if APR_HAVE_FCNTL_H
#include <fcntl.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#ifdef HAVE_TIME_H
#include <time.h>
#endif

static const unsigned char padchar[] =
"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
static apr_uint32_t randseed=0;

static int gettemp(char *path, apr_file_t **doopen, apr_int32_t flags, apr_pool_t *p)
{
    register char *start, *trv, *suffp;
    char *pad;
    apr_finfo_t sbuf;
    apr_status_t rv;
    apr_uint32_t randnum;

    if (randseed==0) {
        randseed = (int)apr_time_now();
        seedrandom(randseed);
    }

    for (trv = path; *trv; ++trv)
        ;
    suffp = trv;
    --trv;
    if (trv < path) {
        return APR_EINVAL;
    }

    /* Fill space with random characters */
    while (*trv == 'X') {
        randnum = arc4random() % (sizeof(padchar) - 1);
        *trv-- = padchar[randnum];
    }
    start = trv + 1;

    /*
     * check the target directory.
     */
    for (;; --trv) {
        if (trv <= path)
            break;
        if (*trv == '/') {
            *trv = '\0';
            rv = apr_stat(&sbuf, path, APR_FINFO_TYPE, p);
            *trv = '/';
            if (rv != APR_SUCCESS)
                return rv;
            if (sbuf.filetype != APR_DIR) {
                return APR_ENOTDIR;
            }
            break;
        }
    }

    for (;;) {
        if ((rv = apr_file_open(doopen, path, flags,
                                APR_FPROT_UREAD | APR_FPROT_UWRITE, p)) == APR_SUCCESS)
            return APR_SUCCESS;
        if (!APR_STATUS_IS_EEXIST(rv))
            return rv;

        /* If we have a collision, cycle through the space of filenames */
        for (trv = start;;) {
            if (*trv == '\0' || trv == suffp)
                return APR_EINVAL; /* XXX: is this the correct return code? */
            pad = strchr((char *)padchar, *trv);
            if (pad == NULL || !*++pad) {
                *trv++ = padchar[0];
            }
            else {
                *trv++ = *pad;
                break;
            }
        }
    }
    /*NOTREACHED*/
}

#else

#if APR_HAVE_STDLIB_H
#include <stdlib.h> /* for mkstemp() - Single Unix */
#endif
#if APR_HAVE_UNISTD_H
#include <unistd.h> /* for mkstemp() - FreeBSD */
#endif
#endif /* !defined(HAVE_MKSTEMP) */

#if defined(HAVE_MKOSTEMP64)
#define wrap_mkostemp(t, f) mkostemp64(t, (f))
#elif defined(HAVE_MKOSTEMP)
#define wrap_mkostemp(t, f) mkostemp(t, (f))
#elif defined(HAVE_MKSTEMP64)
#define wrap_mkostemp(t, f) mkstemp64(t)
#else
#define wrap_mkostemp(t, f) mkstemp(t)
#endif

APR_DECLARE(apr_status_t) apr_file_mktemp(apr_file_t **fp, char *template, apr_int32_t flags, apr_pool_t *p)
{
#ifdef HAVE_MKSTEMP
    int fd;
#endif
    flags = (!flags) ? APR_FOPEN_CREATE | APR_FOPEN_READ | APR_FOPEN_WRITE | APR_FOPEN_EXCL |
                       APR_FOPEN_DELONCLOSE : flags;
#ifndef HAVE_MKSTEMP
    return gettemp(template, fp, flags, p);
#else

    fd = wrap_mkostemp(template,
                       (flags & APR_FOPEN_NOCLEANUP) ? 0 : O_CLOEXEC);
    if (fd == -1) {
        return errno;
    }
    /* XXX: We must reset several flags values as passed-in, since
     * mkstemp didn't subscribe to our preference flags.
     *
     * We either have to unset the flags, or fix up the fd and other
     * xthread and inherit bits appropriately.  Since gettemp() above
     * calls apr_file_open, our flags are respected in that code path.
     */
    apr_os_file_put(fp, &fd, flags, p);
    (*fp)->fname = apr_pstrdup(p, template);

    if (!(flags & APR_FOPEN_NOCLEANUP)) {
#if !defined(HAVE_MKOSTEMP64) && !defined(HAVE_MKOSTEMP)
        int flags;

        if ((flags = fcntl(fd, F_GETFD)) == -1)
            return errno;

        flags |= FD_CLOEXEC;
        if (fcntl(fd, F_SETFD, flags) == -1)
            return errno;
#endif

        apr_pool_cleanup_register((*fp)->pool, (void *)(*fp),
                                  apr_unix_file_cleanup,
                                  apr_unix_child_file_cleanup);

        /* Clear APR_FOPEN_NOCLEANUP set by apr_os_file_put() */
        (*fp)->flags &= ~APR_FOPEN_NOCLEANUP;
     }
#endif
    return APR_SUCCESS;
}


Coverage Report

Created: 2023-03-26 06:28

Line	Count	Source (jump to first uncovered line)
1		/* Licensed to the Apache Software Foundation (ASF) under one or more
2		* contributor license agreements. See the NOTICE file distributed with
3		* this work for additional information regarding copyright ownership.
4		* The ASF licenses this file to You under the Apache License, Version 2.0
5		* (the "License"); you may not use this file except in compliance with
6		* the License. You may obtain a copy of the License at
7		*
8		* http://www.apache.org/licenses/LICENSE-2.0
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		/*
17		* Copyright (c) 1987, 1993
18		* The Regents of the University of California. All rights reserved.
19		*
20		* Redistribution and use in source and binary forms, with or without
21		* modification, are permitted provided that the following conditions
22		* are met:
23		* 1. Redistributions of source code must retain the above copyright
24		* notice, this list of conditions and the following disclaimer.
25		* 2. Redistributions in binary form must reproduce the above copyright
26		* notice, this list of conditions and the following disclaimer in the
27		* documentation and/or other materials provided with the distribution.
28		* 3. All advertising materials mentioning features or use of this software
29		* must display the following acknowledgement:
30		* This product includes software developed by the University of
31		* California, Berkeley and its contributors.
32		* 4. Neither the name of the University nor the names of its contributors
33		* may be used to endorse or promote products derived from this software
34		* without specific prior written permission.
35		*
36		* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
37		* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38		* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
39		* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
40		* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
41		* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
42		* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43		* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
44		* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
45		* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
46		* SUCH DAMAGE.
47		*/
48
49		#include "apr_private.h"
50		#include "apr_file_io.h" /* prototype of apr_mkstemp() */
51		#include "apr_strings.h" /* prototype of apr_mkstemp() */
52		#include "apr_arch_file_io.h" /* prototype of apr_mkstemp() */
53		#include "apr_portable.h" /* for apr_os_file_put() */
54		#include "apr_arch_inherit.h"
55
56		#ifndef HAVE_MKSTEMP
57
58		#if defined(SVR4) \|\| defined(WIN32) \|\| defined(NETWARE)
59		#ifdef SVR4
60		#if HAVE_INTTYPES_H
61		#include <inttypes.h>
62		#endif
63		#endif
64		#define arc4random() rand()
65		#define seedrandom(a) srand(a)
66		#else
67		#if APR_HAVE_STDINT_H
68		#include <stdint.h>
69		#endif
70		#define arc4random() random()
71		#define seedrandom(a) srandom(a)
72		#endif
73
74		#if APR_HAVE_SYS_TYPES_H
75		#include <sys/types.h>
76		#endif
77		#ifdef HAVE_SYS_STAT_H
78		#include <sys/stat.h>
79		#endif
80		#if APR_HAVE_FCNTL_H
81		#include <fcntl.h>
82		#endif
83		#include <stdio.h>
84		#include <stdlib.h>
85		#include <string.h>
86		#include <ctype.h>
87		#ifdef HAVE_TIME_H
88		#include <time.h>
89		#endif
90
91		static const unsigned char padchar[] =
92		"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
93		static apr_uint32_t randseed=0;
94
95		static int gettemp(char path, apr_file_t doopen, apr_int32_t flags, apr_pool_t p)
96		{
97		register char start, trv, *suffp;
98		char *pad;
99		apr_finfo_t sbuf;
100		apr_status_t rv;
101		apr_uint32_t randnum;
102
103		if (randseed==0) {
104		randseed = (int)apr_time_now();
105		seedrandom(randseed);
106		}
107
108		for (trv = path; *trv; ++trv)
109		;
110		suffp = trv;
111		--trv;
112		if (trv < path) {
113		return APR_EINVAL;
114		}
115
116		/* Fill space with random characters */
117		while (*trv == 'X') {
118		randnum = arc4random() % (sizeof(padchar) - 1);
119		*trv-- = padchar[randnum];
120		}
121		start = trv + 1;
122
123		/*
124		* check the target directory.
125		*/
126		for (;; --trv) {
127		if (trv <= path)
128		break;
129		if (*trv == '/') {
130		*trv = '\0';
131		rv = apr_stat(&sbuf, path, APR_FINFO_TYPE, p);
132		*trv = '/';
133		if (rv != APR_SUCCESS)
134		return rv;
135		if (sbuf.filetype != APR_DIR) {
136		return APR_ENOTDIR;
137		}
138		break;
139		}
140		}
141
142		for (;;) {
143		if ((rv = apr_file_open(doopen, path, flags,
144		APR_FPROT_UREAD \| APR_FPROT_UWRITE, p)) == APR_SUCCESS)
145		return APR_SUCCESS;
146		if (!APR_STATUS_IS_EEXIST(rv))
147		return rv;
148
149		/* If we have a collision, cycle through the space of filenames */
150		for (trv = start;;) {
151		if (*trv == '\0' \|\| trv == suffp)
152		return APR_EINVAL; /* XXX: is this the correct return code? */
153		pad = strchr((char )padchar, trv);
154		if (pad == NULL \|\| !*++pad) {
155		*trv++ = padchar[0];
156		}
157		else {
158		trv++ = pad;
159		break;
160		}
161		}
162		}
163		/NOTREACHED/
164		}
165
166		#else
167
168		#if APR_HAVE_STDLIB_H
169		#include <stdlib.h> /* for mkstemp() - Single Unix */
170		#endif
171		#if APR_HAVE_UNISTD_H
172		#include <unistd.h> /* for mkstemp() - FreeBSD */
173		#endif
174		#endif /* !defined(HAVE_MKSTEMP) */
175
176		#if defined(HAVE_MKOSTEMP64)
177		#define wrap_mkostemp(t, f) mkostemp64(t, (f))
178		#elif defined(HAVE_MKOSTEMP)
179	634	#define wrap_mkostemp(t, f) mkostemp(t, (f))
180		#elif defined(HAVE_MKSTEMP64)
181		#define wrap_mkostemp(t, f) mkstemp64(t)
182		#else
183		#define wrap_mkostemp(t, f) mkstemp(t)
184		#endif
185
186		APR_DECLARE(apr_status_t) apr_file_mktemp(apr_file_t *fp, char template, apr_int32_t flags, apr_pool_t *p)
187	317	{
188	317	#ifdef HAVE_MKSTEMP
189	317	int fd;
190	317	#endif
191	317	flags = (!flags) ? APR_FOPEN_CREATE \| APR_FOPEN_READ \| APR_FOPEN_WRITE \| APR_FOPEN_EXCL \|
192	317	APR_FOPEN_DELONCLOSE : flags;
193		#ifndef HAVE_MKSTEMP
194		return gettemp(template, fp, flags, p);
195		#else
196
197	317	fd = wrap_mkostemp(template,
198	317	(flags & APR_FOPEN_NOCLEANUP) ? 0 : O_CLOEXEC);
199	317	if (fd == -1) {
200	0	return errno;
201	0	}
202		/* XXX: We must reset several flags values as passed-in, since
203		* mkstemp didn't subscribe to our preference flags.
204		*
205		* We either have to unset the flags, or fix up the fd and other
206		* xthread and inherit bits appropriately. Since gettemp() above
207		* calls apr_file_open, our flags are respected in that code path.
208		*/
209	317	apr_os_file_put(fp, &fd, flags, p);
210	317	(*fp)->fname = apr_pstrdup(p, template);
211
212	317	if (!(flags & APR_FOPEN_NOCLEANUP)) {
213		#if !defined(HAVE_MKOSTEMP64) && !defined(HAVE_MKOSTEMP)
214		int flags;
215
216		if ((flags = fcntl(fd, F_GETFD)) == -1)
217		return errno;
218
219		flags \|= FD_CLOEXEC;
220		if (fcntl(fd, F_SETFD, flags) == -1)
221		return errno;
222		#endif
223
224	317	apr_pool_cleanup_register((fp)->pool, (void )(*fp),
225	317	apr_unix_file_cleanup,
226	317	apr_unix_child_file_cleanup);
227
228		/* Clear APR_FOPEN_NOCLEANUP set by apr_os_file_put() */
229	317	(*fp)->flags &= ~APR_FOPEN_NOCLEANUP;
230	317	}
231	317	#endif
232	317	return APR_SUCCESS;
233	317	}
234