T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Refactor path_get and fix flags in path_open

Browse Source
This commit is contained in:
Jakub Konka
2019-06-13 16:53:20 +02:00
committed by Dan Gohman
parent b35719fe4a
commit a11f2b1d3a
2 changed files with 147 additions and 173 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/sys/unix/hostcalls_impl/fs.rs
View File

@@ -337,10 +337,10 @@ pub(crate) fn path_open(
let mut nix_all_oflags = if read && write { let mut nix_all_oflags = if read && write {
OFlag::O_RDWR OFlag::O_RDWR
} else if read { } else if write {
OFlag::O_RDONLY
} else {
OFlag::O_WRONLY OFlag::O_WRONLY
} else {
OFlag::O_RDONLY
}; };
// on non-Capsicum systems, we always want nofollow // on non-Capsicum systems, we always want nofollow

150
src/sys/unix/hostcalls_impl/fs_helpers.rs
View File

@@ -7,7 +7,8 @@ use crate::host;
use nix::libc::{self, c_long}; use nix::libc::{self, c_long};
use std::ffi::{OsStr, OsString}; use std::ffi::{OsStr, OsString};
use std::os::unix::prelude::{OsStrExt, OsStringExt, RawFd}; use std::os::unix::prelude::{OsStrExt, RawFd};
use std::path::{Component, Path};
/// Normalizes a path to ensure that the target path is located under the directory provided. /// Normalizes a path to ensure that the target path is located under the directory provided.
/// ///
@@ -57,6 +58,11 @@ pub fn path_get<P: AsRef<OsStr>>(
Err(errno) Err(errno)
} }
if path.as_ref().as_bytes().contains(&b'\0') {
// if contains NUL, return EILSEQ
return Err(host::__WASI_EILSEQ);
}
let dirfe = wasi_ctx.get_fd_entry(dirfd, needed_base, needed_inheriting)?; let dirfe = wasi_ctx.get_fd_entry(dirfd, needed_base, needed_inheriting)?;
// Stack of directory file descriptors. Index 0 always corresponds with the directory provided // Stack of directory file descriptors. Index 0 always corresponds with the directory provided
@@ -67,7 +73,7 @@ pub fn path_get<P: AsRef<OsStr>>(
// Stack of paths left to process. This is initially the `path` argument to this function, but // Stack of paths left to process. This is initially the `path` argument to this function, but
// any symlinks we encounter are processed by pushing them on the stack. // any symlinks we encounter are processed by pushing them on the stack.
let mut path_stack = vec![path.as_ref().to_owned().into_vec()]; let mut path_stack = vec![path.as_ref().to_owned()];
// Track the number of symlinks we've expanded, so we can return `ELOOP` after too many. // Track the number of symlinks we've expanded, so we can return `ELOOP` after too many.
let mut symlink_expansions = 0; let mut symlink_expansions = 0;
@@ -78,59 +84,37 @@ pub fn path_get<P: AsRef<OsStr>>(
// TODO: rewrite this using a custom posix path type, with a component iterator that respects // TODO: rewrite this using a custom posix path type, with a component iterator that respects
// trailing slashes. This version does way too much allocation, and is way too fiddly. // trailing slashes. This version does way too much allocation, and is way too fiddly.
loop { loop {
let component = if let Some(cur_path) = path_stack.pop() { match path_stack.pop() {
// eprintln!( Some(cur_path) => {
// "cur_path = {:?}", // eprintln!("cur_path = {:?}", cur_path);
// std::str::from_utf8(cur_path.as_slice()).unwrap()
// ); let ends_with_slash = cur_path.as_bytes().ends_with(b"/");
let mut split = cur_path.splitn(2, |&c| c == '/' as u8); let mut components = Path::new(&cur_path).components();
let head = split.next(); let head = match components.next() {
let tail = split.next(); None => return ret_error(&mut dir_stack, host::__WASI_ENOENT),
match (head, tail) { Some(p) => p,
(None, _) => { };
// split always returns at least a singleton iterator with an empty slice let tail = components.as_path();
panic!("unreachable");
if tail.components().next().is_some() {
let mut tail = tail.as_os_str().to_owned();
if ends_with_slash {
tail.push("/");
} }
// path is empty path_stack.push(tail);
(Some([]), None) => {
return ret_error(&mut dir_stack, host::__WASI_ENOENT);
} }
// path starts with `/`, is absolute
(Some([]), Some(_)) => { match head {
Component::Prefix(_) | Component::RootDir => {
// path is absolute!
return ret_error(&mut dir_stack, host::__WASI_ENOTCAPABLE); return ret_error(&mut dir_stack, host::__WASI_ENOTCAPABLE);
} }
// the final component of the path with no trailing slash Component::CurDir => {
(Some(component), None) => component.to_vec(), // "." so skip
(Some(component), Some(rest)) => { continue;
if rest.iter().all(|&c| c == '/' as u8) {
// the final component of the path with trailing slashes; put one trailing
// slash back on
let mut component = component.to_vec();
component.push('/' as u8);
component
} else {
// non-final component; push the rest back on the stack
path_stack.push(rest.to_vec());
component.to_vec()
} }
} Component::ParentDir => {
} // ".." so pop a dir
} else {
// if the path stack is ever empty, we return rather than going through the loop again
panic!("unreachable");
};
// eprintln!(
// "component = {:?}",
// std::str::from_utf8(component.as_slice()).unwrap()
// );
match component.as_slice() {
b"." => {
// skip component
}
b".." => {
// pop a directory
let dirfd = dir_stack.pop().expect("dir_stack is never empty"); let dirfd = dir_stack.pop().expect("dir_stack is never empty");
// we're not allowed to pop past the original directory // we're not allowed to pop past the original directory
@@ -142,15 +126,17 @@ pub fn path_get<P: AsRef<OsStr>>(
}); });
} }
} }
// should the component be a directory? it should if there is more path left to process, or Component::Normal(head) => {
// if it has a trailing slash and `needs_final_component` is not set let mut head = OsString::from(head);
component if ends_with_slash {
if !path_stack.is_empty() // preserve trailing slash
|| (component.ends_with(b"/") && !needs_final_component) => head.push("/");
{ }
if !path_stack.is_empty() || (ends_with_slash && !needs_final_component) {
match openat( match openat(
*dir_stack.last().expect("dir_stack is never empty"), *dir_stack.last().expect("dir_stack is never empty"),
component, head.as_os_str(),
OFlag::O_RDONLY | OFlag::O_DIRECTORY | OFlag::O_NOFOLLOW, OFlag::O_RDONLY | OFlag::O_DIRECTORY | OFlag::O_NOFOLLOW,
Mode::empty(), Mode::empty(),
) { ) {
@@ -168,7 +154,7 @@ pub fn path_get<P: AsRef<OsStr>>(
// attempt symlink expansion // attempt symlink expansion
match readlinkat( match readlinkat(
*dir_stack.last().expect("dir_stack is never empty"), *dir_stack.last().expect("dir_stack is never empty"),
component, head.as_os_str(),
readlink_buf.as_mut_slice(), readlink_buf.as_mut_slice(),
) { ) {
Ok(link_path) => { Ok(link_path) => {
@@ -177,13 +163,9 @@ pub fn path_get<P: AsRef<OsStr>>(
return ret_error(&mut dir_stack, host::__WASI_ELOOP); return ret_error(&mut dir_stack, host::__WASI_ELOOP);
} }
let mut link_path = link_path.as_bytes().to_vec(); let mut link_path = OsString::from(link_path);
if head.as_bytes().ends_with(b"/") {
// append a trailing slash if the component leading to it has one, so link_path.push("/");
// that we preserve any ENOTDIR that might come from trying to open a
// non-directory
if component.ends_with(b"/") {
link_path.push('/' as u8);
} }
path_stack.push(link_path); path_stack.push(link_path);
@@ -204,16 +186,14 @@ pub fn path_get<P: AsRef<OsStr>>(
); );
} }
} }
} } else if ends_with_slash
// the final component || (dirflags & host::__WASI_LOOKUP_SYMLINK_FOLLOW) != 0
component => { {
// if there's a trailing slash, or if `LOOKUP_SYMLINK_FOLLOW` is set, attempt // if there's a trailing slash, or if `LOOKUP_SYMLINK_FOLLOW` is set, attempt
// symlink expansion // symlink expansion
if component.ends_with(b"/") || (dirflags & host::__WASI_LOOKUP_SYMLINK_FOLLOW) != 0
{
match readlinkat( match readlinkat(
*dir_stack.last().expect("dir_stack is never empty"), *dir_stack.last().expect("dir_stack is never empty"),
component, head.as_os_str(),
readlink_buf.as_mut_slice(), readlink_buf.as_mut_slice(),
) { ) {
Ok(link_path) => { Ok(link_path) => {
@@ -221,14 +201,9 @@ pub fn path_get<P: AsRef<OsStr>>(
if symlink_expansions > MAX_SYMLINK_EXPANSIONS { if symlink_expansions > MAX_SYMLINK_EXPANSIONS {
return ret_error(&mut dir_stack, host::__WASI_ELOOP); return ret_error(&mut dir_stack, host::__WASI_ELOOP);
} }
let mut link_path = OsString::from(link_path);
let mut link_path = link_path.as_bytes().to_vec(); if head.as_bytes().ends_with(b"/") {
link_path.push("/");
// append a trailing slash if the component leading to it has one, so
// that we preserve any ENOTDIR that might come from trying to open a
// non-directory
if component.ends_with(b"/") {
link_path.push('/' as u8);
} }
path_stack.push(link_path); path_stack.push(link_path);
@@ -238,29 +213,28 @@ pub fn path_get<P: AsRef<OsStr>>(
let errno = e.as_errno().unwrap(); let errno = e.as_errno().unwrap();
if errno != Errno::EINVAL && errno != Errno::ENOENT { if errno != Errno::EINVAL && errno != Errno::ENOENT {
// only return an error if this path is not actually a symlink // only return an error if this path is not actually a symlink
return ret_error(&mut dir_stack, host_impl::errno_from_nix(errno)); return ret_error(
&mut dir_stack,
host_impl::errno_from_nix(errno),
);
} }
} }
} }
} }
// not a symlink, so we're done; // not a symlink, so we're done;
return Ok(( return Ok((ret_dir_success(&mut dir_stack), head));
ret_dir_success(&mut dir_stack),
OsStr::from_bytes(component).to_os_string(),
));
} }
} }
}
if path_stack.is_empty() { None => {
// no further components to process. means we've hit a case like "." or "a/..", or if the // no further components to process. means we've hit a case like "." or "a/..", or if the
// input path has trailing slashes and `needs_final_component` is not set // input path has trailing slashes and `needs_final_component` is not set
return Ok(( return Ok((
ret_dir_success(&mut dir_stack), ret_dir_success(&mut dir_stack),
OsStr::new(".").to_os_string(), OsStr::new(".").to_os_string(),
)); ));
} else { }
continue;
} }
} }
} }