This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch main in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=42158472a5e6854888a16aa2e0216040ec2eae36 commit 42158472a5e6854888a16aa2e0216040ec2eae36 Author: Guillem Jover <guil...@debian.org> AuthorDate: Sat Apr 13 22:51:39 2024 +0200 dpkg-realpath: Rewrite in C This should make the code more robust against system issues on missing shell interpreters or realpath and readlink commands. --- po/POTFILES.in | 2 + src/Makefile.am | 7 +- src/dpkg-realpath.sh | 179 ------------------------------------- src/realpath/main.c | 242 +++++++++++++++++++++++++++++++++++++++++++++++++++ t/shellcheck.t | 1 - 5 files changed, 249 insertions(+), 182 deletions(-) diff --git a/po/POTFILES.in b/po/POTFILES.in index a2386011a..34dea53f4 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -76,6 +76,8 @@ lib/dpkg/version.c src/common/force.c src/common/selinux.c +src/realpath/main.c + src/deb/build.c src/deb/extract.c src/deb/info.c diff --git a/src/Makefile.am b/src/Makefile.am index 6d0f2f24a..abb1d96cf 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -27,6 +27,7 @@ bin_PROGRAMS = \ dpkg-deb \ dpkg-divert \ dpkg-query \ + dpkg-realpath \ dpkg-split \ dpkg-statoverride \ dpkg-trigger \ @@ -34,7 +35,6 @@ bin_PROGRAMS = \ bin_SCRIPTS = \ dpkg-maintscript-helper \ - dpkg-realpath \ # EOL pkglibexec_SCRIPTS = \ @@ -46,7 +46,6 @@ EXTRA_DIST += \ dpkg-db-backup.sh \ dpkg-db-keeper.sh \ dpkg-maintscript-helper.sh \ - dpkg-realpath.sh \ # EOL CLEANFILES += \ @@ -107,6 +106,10 @@ dpkg_query_SOURCES = \ query/main.c \ # EOL +dpkg_realpath_SOURCES = \ + realpath/main.c \ + # EOL + dpkg_split_SOURCES = \ split/dpkg-split.h \ split/info.c \ diff --git a/src/dpkg-realpath.sh b/src/dpkg-realpath.sh deleted file mode 100755 index 84438b49e..000000000 --- a/src/dpkg-realpath.sh +++ /dev/null @@ -1,179 +0,0 @@ -#!/bin/sh -# -# Copyright © 2020 Helmut Grohne <hel...@subdivi.de> -# Copyright © 2020 Guillem Jover <guil...@debian.org> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <https://www.gnu.org/licenses/>. - -set -e - -PROGNAME=$(basename "$0") -version="unknown" -EOL="\n" - -PKGDATADIR_DEFAULT=src -PKGDATADIR="${DPKG_DATADIR:-$PKGDATADIR_DEFAULT}" - -# shellcheck source=src/sh/dpkg-error.sh -. "$PKGDATADIR/sh/dpkg-error.sh" - -show_version() -{ - cat <<END -Debian $PROGNAME version $version. - -This is free software; see the GNU General Public License version 2 or -later for copying conditions. There is NO warranty. -END -} - -show_usage() -{ - cat <<END -Usage: $PROGNAME [<option>...] <pathname> - -Options: - -z, --zero end output line with NUL, not newline. - --instdir <directory> set the root directory. - --root <directory> set the root directory. - --version show the version. - -?, --help show this help message. -END -} - -canonicalize() { - local src="$1" - local root="$DPKG_ROOT" - local loop=0 - local result="$root" - local dst - - # Check whether the path is relative and make it absolute otherwise. - if [ "$src" = "${src#/}" ]; then - src="$(pwd)/$src" - src="${src#"$root"}" - fi - - # Remove prefixed slashes. - while [ "$src" != "${src#/}" ]; do - src=${src#/} - done - while [ -n "$src" ]; do - # Get the first directory component. - prefix=${src%%/*} - # Remove the first directory component from src. - src=${src#"$prefix"} - # Remove prefixed slashes. - while [ "$src" != "${src#/}" ]; do - src=${src#/} - done - # Resolve the first directory component. - if [ "$prefix" = . ]; then - # Ignore, stay at the same directory. - : - elif [ "$prefix" = .. ]; then - # Go up one directory. - result=${result%/*} - if [ -n "$root" ] && [ "${result#"$root"}" = "$result" ]; then - result="$root" - fi - elif [ -h "$result/$prefix" ]; then - loop=$((loop + 1)) - if [ "$loop" -gt 25 ]; then - error "too many levels of symbolic links" - fi - # Resolve the symlink within $result. - dst=$(readlink "$result/$prefix") - case "$dst" in - /*) - # Absolute pathname, reset result back to $root. - result=$root - src="$dst${src:+/$src}" - # Remove prefixed slashes. - while [ "$src" != "${src#/}" ]; do - src=${src#/} - done - ;; - *) - # Relative pathname. - src="$dst${src:+/$src}" - ;; - esac - else - # Otherwise append the prefix. - result="$result/$prefix" - fi - done - # We are done, print the resolved pathname, w/o $root. - result="${result#"$root"}" - printf "%s$EOL" "${result:-/}" -} - -setup_colors - -DPKG_ROOT="${DPKG_ROOT:-}" -export DPKG_ROOT - -while [ $# -ne 0 ]; do - case "$1" in - -z|--zero) - EOL="\0" - ;; - --instdir|--root) - shift - DPKG_ROOT=$1 - ;; - --instdir=*) - DPKG_ROOT="${1#--instdir=}" - ;; - --root=*) - DPKG_ROOT="${1#--root=}" - ;; - --version) - show_version - exit 0 - ;; - --help|-\?) - show_usage - exit 0 - ;; - --) - shift - pathname="$1" - ;; - -*) - badusage "unknown option: $1" - ;; - *) - pathname="$1" - ;; - esac - shift -done - -# Normalize root directory. -DPKG_ROOT="${DPKG_ROOT:+$(realpath "$DPKG_ROOT")}" -# Remove default root dir. -if [ "$DPKG_ROOT" = "/" ]; then - DPKG_ROOT="" -fi - -[ -n "$pathname" ] || badusage "missing pathname" -if [ "${pathname#"$DPKG_ROOT"}" != "$pathname" ]; then - error "link '$pathname' includes root prefix '$DPKG_ROOT'" -fi - -canonicalize "$pathname" - -exit 0 diff --git a/src/realpath/main.c b/src/realpath/main.c new file mode 100644 index 000000000..387294a61 --- /dev/null +++ b/src/realpath/main.c @@ -0,0 +1,242 @@ +/* + * dpkg-realpath - print the resolved pathname with DPKG_ROOT support + * + * Copyright © 2020 Helmut Grohne <hel...@subdivi.de> + * Copyright © 2020-2024 Guillem Jover <guil...@debian.org> + * + * This is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + */ + +#include <config.h> +#include <compat.h> + +#include <sys/types.h> +#include <sys/stat.h> + +#include <errno.h> +#if HAVE_LOCALE_H +#include <locale.h> +#endif +#include <string.h> +#include <unistd.h> +#include <stdint.h> +#include <stdlib.h> +#include <stdio.h> + +#include <dpkg/i18n.h> +#include <dpkg/dpkg.h> +#include <dpkg/dpkg-db.h> +#include <dpkg/debug.h> +#include <dpkg/string.h> +#include <dpkg/db-fsys.h> +#include <dpkg/options.h> + +static const char printforhelp[] = N_( +"Use --help for help about this utility."); + +static void DPKG_ATTR_NORET +printversion(const struct cmdinfo *cip, const char *value) +{ + printf(_("Debian %s version %s.\n"), dpkg_get_progname(), + PACKAGE_RELEASE); + + printf(_( +"This is free software; see the GNU General Public License version 2 or\n" +"later for copying conditions. There is NO warranty.\n")); + + m_output(stdout, _("<standard output>")); + + exit(0); +} + +static void DPKG_ATTR_NORET +usage(const struct cmdinfo *cip, const char *value) +{ + printf(_( +"Usage: %s [<option>...] <pathname>\n" +"\n"), dpkg_get_progname()); + + printf(_( +"Options:\n" +" -z, --zero end output line with NUL, not newline.\n" +" --instdir <directory> set the root directory.\n" +" --root <directory> set the root directory.\n" +" --version show the version.\n" +" --help show this help message.\n" +"\n")); + + m_output(stdout, _("<standard output>")); + + exit(0); +} + +static int opt_eol = '\n'; + +static char * +realpath_relative_to(const char *pathname, const char *rootdir) +{ + struct varbuf root = VARBUF_INIT; + struct varbuf src = VARBUF_INIT; + struct varbuf dst = VARBUF_INIT; + struct varbuf slink = VARBUF_INIT; + struct varbuf result = VARBUF_INIT; + struct varbuf prefix = VARBUF_INIT; + int loop = 0; + + varbuf_set_str(&root, rootdir); + varbuf_set_str(&src, pathname); + varbuf_set_str(&result, rootdir); + + /* Check whether the path is relative, make it absolute otherwise. */ + if (src.buf[0] != '/') { + struct varbuf abs_src = VARBUF_INIT; + + file_getcwd(&abs_src); + varbuf_add_char(&abs_src, '/'); + varbuf_add_varbuf(&abs_src, &src); + + varbuf_set_varbuf(&src, &abs_src); + varbuf_destroy(&abs_src); + + varbuf_trim_varbuf_prefix(&src, &root); + } + + /* Remove prefixed slashes. */ + varbuf_trim_char_prefix(&src, '/'); + + while (src.used) { + struct stat st; + const char *slash; + + /* Get the first directory component. */ + varbuf_set_varbuf(&prefix, &src); + slash = strchrnul(prefix.buf, '/'); + varbuf_trunc(&prefix, slash - prefix.buf); + + /* Remove the first directory component from src. */ + varbuf_trim_varbuf_prefix(&src, &prefix); + + /* Remove prefixed slashes. */ + varbuf_trim_char_prefix(&src, '/'); + + varbuf_set_varbuf(&slink, &result); + varbuf_add_char(&slink, '/'); + varbuf_add_varbuf(&slink, &prefix); + + /* Resolve the first directory component. */ + if (strcmp(prefix.buf, ".") == 0) { + /* Ignore, stay at the same directory. */ + } else if (strcmp(prefix.buf, "..") == 0) { + /* Go up one directory. */ + slash = strrchr(result.buf, '/'); + if (slash != NULL) + varbuf_trunc(&result, slash - result.buf); + + if (root.used && !varbuf_has_prefix(&result, &root)) + varbuf_set_varbuf(&result, &root); + } else if (lstat(slink.buf, &st) == 0 && S_ISLNK(st.st_mode)) { + ssize_t linksize; + + loop++; + if (loop > 25) + ohshit(_("too many levels of symbolic links")); + + /* Resolve the symlink within result. */ + linksize = file_readlink(slink.buf, &dst, st.st_size); + if (linksize < 0) + ohshite(_("cannot read link '%s'"), slink.buf); + else if ((off_t)linksize != st.st_size) + ohshit(_("symbolic link '%s' size has changed from %jd to %zd"), + slink.buf, (intmax_t)st.st_size, linksize); + + if (dst.buf[0] == '/') { + /* Absolute pathname, reset result back to + * root. */ + varbuf_set_varbuf(&result, &root); + + if (src.used) { + varbuf_add_char(&dst, '/'); + varbuf_add_varbuf(&dst, &src); + } + varbuf_set_varbuf(&src, &dst); + + /* Remove prefixed slashes. */ + varbuf_trim_char_prefix(&src, '/'); + } else { + /* Relative pathname. */ + if (src.used) { + varbuf_add_char(&dst, '/'); + varbuf_add_varbuf(&dst, &src); + } + varbuf_set_varbuf(&src, &dst); + } + } else { + /* Otherwise append the prefix. */ + varbuf_add_char(&result, '/'); + varbuf_add_varbuf(&result, &prefix); + } + } + + /* We are done, return the resolved pathname, w/o root. */ + varbuf_trim_varbuf_prefix(&result, &root); + + varbuf_destroy(&root); + varbuf_destroy(&src); + varbuf_destroy(&dst); + varbuf_destroy(&slink); + varbuf_destroy(&prefix); + + return varbuf_detach(&result); +} + +static const struct cmdinfo cmdinfos[] = { + { "zero", 'z', 0, &opt_eol, NULL, NULL, '\0' }, + { "instdir", 0, 1, NULL, NULL, set_instdir, 0 }, + { "root", 0, 1, NULL, NULL, set_instdir, 0 }, + { "version", 0, 0, NULL, NULL, printversion }, + { "help", '?', 0, NULL, NULL, usage }, + { NULL, 0 } +}; + +int +main(int argc, const char *const *argv) +{ + const char *instdir; + const char *pathname; + char *real_pathname; + + dpkg_locales_init(PACKAGE); + dpkg_program_init("dpkg-realpath"); + dpkg_options_parse(&argv, cmdinfos, printforhelp); + + debug(dbg_general, "root=%s admindir=%s", dpkg_fsys_get_dir(), dpkg_db_get_dir()); + + pathname = argv[0]; + if (pathname == NULL) + badusage(_("need a pathname argument")); + + instdir = dpkg_fsys_get_dir(); + if (strlen(instdir) && strncmp(pathname, instdir, strlen(instdir)) == 0) + badusage(_("link '%s' includes root prefix '%s'"), + pathname, instdir); + + real_pathname = realpath_relative_to(pathname, instdir); + printf("%s%c", real_pathname, opt_eol); + free(real_pathname); + + dpkg_program_done(); + dpkg_locales_done(); + + return 0; +} diff --git a/t/shellcheck.t b/t/shellcheck.t index 12858ecd3..046bbb3eb 100644 --- a/t/shellcheck.t +++ b/t/shellcheck.t @@ -42,7 +42,6 @@ my @files = qw( src/dpkg-db-backup.sh src/dpkg-db-keeper.sh src/dpkg-maintscript-helper.sh - src/dpkg-realpath.sh ); my @shellcheck_opts = ( '--external-sources', # Allow checking external source files. -- Dpkg.Org's dpkg