1 /*
2 * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 /*
27 * Pathname canonicalization for Win32 file systems
28 */
29
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33 #include <ctype.h>
34 #include <assert.h>
35 #include <sys/stat.h>
36
37 #include <windows.h>
38 #include <winbase.h>
39 #include <errno.h>
40 #include "io_util_md.h"
41
42 #undef DEBUG_PATH /* Define this to debug path code */
43
44 #define isfilesep(c) ((c) == '/' || (c) == '\\')
45 #define wisfilesep(c) ((c) == L'/' || (c) == L'\\')
46 #define islb(c) (IsDBCSLeadByte((BYTE)(c)))
47
48
49 /* Copy bytes to dst, not going past dend; return dst + number of bytes copied,
50 or NULL if dend would have been exceeded. If first != '\0', copy that byte
51 before copying bytes from src to send - 1. */
52
53 static char *
54 cp(char *dst, char *dend, char first, char *src, char *send)
55 {
56 char *p = src, *q = dst;
57 if (first != '\0') {
58 if (q < dend) {
59 *q++ = first;
60 } else {
61 errno = ENAMETOOLONG;
62 return NULL;
63 }
64 }
65 if (send - p > dend - q) {
66 errno = ENAMETOOLONG;
67 return NULL;
68 }
69 while (p < send) {
70 *q++ = *p++;
71 }
72 return q;
73 }
74
75 /* Wide character version of cp */
76
77 static WCHAR*
78 wcp(WCHAR *dst, WCHAR *dend, WCHAR first, WCHAR *src, WCHAR *send)
79 {
80 WCHAR *p = src, *q = dst;
81 if (first != L'\0') {
82 if (q < dend) {
83 *q++ = first;
84 } else {
85 errno = ENAMETOOLONG;
86 return NULL;
87 }
88 }
89 if (send - p > dend - q) {
90 errno = ENAMETOOLONG;
91 return NULL;
92 }
93 while (p < send)
94 *q++ = *p++;
95 return q;
96 }
97
98
99 /* Find first instance of '\\' at or following start. Return the address of
100 that byte or the address of the null terminator if '\\' is not found. */
101
102 static char *
103 nextsep(char *start)
104 {
105 char *p = start;
106 int c;
107 while ((c = *p) && (c != '\\')) {
108 p += ((islb(c) && p[1]) ? 2 : 1);
109 }
110 return p;
111 }
112
113 /* Wide character version of nextsep */
114
115 static WCHAR *
116 wnextsep(WCHAR *start)
117 {
118 WCHAR *p = start;
119 int c;
120 while ((c = *p) && (c != L'\\'))
121 p++;
122 return p;
123 }
124
125 /* Tell whether the given string contains any wildcard characters */
126
127 static int
128 wild(char *start)
129 {
130 char *p = start;
131 int c;
132 while (c = *p) {
133 if ((c == '*') || (c == '?')) return 1;
134 p += ((islb(c) && p[1]) ? 2 : 1);
135 }
136 return 0;
137 }
138
139 /* Wide character version of wild */
140
141 static int
142 wwild(WCHAR *start)
143 {
144 WCHAR *p = start;
145 int c;
146 while (c = *p) {
147 if ((c == L'*') || (c == L'?'))
148 return 1;
149 p++;
150 }
151 return 0;
152 }
153
154 /* Tell whether the given string contains prohibited combinations of dots.
155 In the canonicalized form no path element may have dots at its end.
156 Allowed canonical paths: c:\xa...dksd\..ksa\.lk c:\...a\.b\cd..x.x
157 Prohibited canonical paths: c:\..\x c:\x.\d c:\...
158 */
159 static int
160 dots(char *start)
161 {
162 char *p = start;
163 while (*p) {
164 if ((p = strchr(p, '.')) == NULL) // find next occurence of '.'
165 return 0; // no more dots
166 p++; // next char
167 while ((*p) == '.') // go to the end of dots
168 p++;
169 if (*p && (*p != '\\')) // path element does not end with a dot
170 p++; // go to the next char
171 else
172 return 1; // path element does end with a dot - prohibited
173 }
174 return 0; // no prohibited combinations of dots found
175 }
176
177 /* Wide character version of dots */
178 static int
179 wdots(WCHAR *start)
180 {
181 WCHAR *p = start;
182 while (*p) {
183 if ((p = wcschr(p, L'.')) == NULL) // find next occurence of '.'
184 return 0; // no more dots
185 p++; // next char
186 while ((*p) == L'.') // go to the end of dots
187 p++;
188 if (*p && (*p != L'\\')) // path element does not end with a dot
189 p++; // go to the next char
190 else
191 return 1; // path element does end with a dot - prohibited
192 }
193 return 0; // no prohibited combinations of dots found
194 }
195
196 /* If the lookup of a particular prefix fails because the file does not exist,
197 because it is of the wrong type, because access is denied, or because the
198 network is unreachable then canonicalization does not fail, it terminates
199 successfully after copying the rest of the original path to the result path.
200 Other I/O errors cause an error return.
201 */
202
203 int
204 lastErrorReportable()
205 {
206 DWORD errval = GetLastError();
207 if ((errval == ERROR_FILE_NOT_FOUND)
208 || (errval == ERROR_DIRECTORY)
209 || (errval == ERROR_PATH_NOT_FOUND)
210 || (errval == ERROR_BAD_NETPATH)
211 || (errval == ERROR_BAD_NET_NAME)
212 || (errval == ERROR_ACCESS_DENIED)
213 || (errval == ERROR_NETWORK_UNREACHABLE)
214 || (errval == ERROR_NETWORK_ACCESS_DENIED)) {
215 return 0;
216 }
217
218 #ifdef DEBUG_PATH
219 jio_fprintf(stderr, "canonicalize: errval %d\n", errval);
220 #endif
221 return 1;
222 }
223
224 /* Convert a pathname to canonical form. The input orig_path is assumed to
225 have been converted to native form already, via JVM_NativePath(). This is
226 necessary because _fullpath() rejects duplicate separator characters on
227 Win95, though it accepts them on NT. */
228
229 int
230 canonicalize(char *orig_path, char *result, int size)
231 {
232 WIN32_FIND_DATA fd;
233 HANDLE h;
234 char path[1024]; /* Working copy of path */
235 char *src, *dst, *dend;
236
237 /* Reject paths that contain wildcards */
238 if (wild(orig_path)) {
239 errno = EINVAL;
240 return -1;
241 }
242
243 /* Collapse instances of "foo\.." and ensure absoluteness. Note that
244 contrary to the documentation, the _fullpath procedure does not require
245 the drive to be available. It also does not reliably change all
246 occurrences of '/' to '\\' on Win95, so now JVM_NativePath does that. */
247 if(!_fullpath(path, orig_path, sizeof(path))) {
248 return -1;
249 }
250
251 /* Correction for Win95: _fullpath may leave a trailing "\\"
252 on a UNC pathname */
253 if ((path[0] == '\\') && (path[1] == '\\')) {
254 char *p = path + strlen(path);
255 if ((p[-1] == '\\') && !islb(p[-2])) {
256 p[-1] = '\0';
257 }
258 }
259
260 if (dots(path)) /* Check for prohibited combinations of dots */
261 return -1;
262
263 src = path; /* Start scanning here */
264 dst = result; /* Place results here */
265 dend = dst + size; /* Don't go to or past here */
266
267 /* Copy prefix, assuming path is absolute */
268 if (isalpha(src[0]) && (src[1] == ':') && (src[2] == '\\')) {
269 /* Drive specifier */
270 *src = toupper(*src); /* Canonicalize drive letter */
271 if (!(dst = cp(dst, dend, '\0', src, src + 2))) {
272 return -1;
273 }
274 src += 2;
275 } else if ((src[0] == '\\') && (src[1] == '\\')) {
276 /* UNC pathname */
277 char *p;
278 p = nextsep(src + 2); /* Skip past host name */
279 if (!*p) {
280 /* A UNC pathname must begin with "\\\\host\\share",
281 so reject this path as invalid if there is no share name */
282 errno = EINVAL;
283 return -1;
284 }
285 p = nextsep(p + 1); /* Skip past share name */
286 if (!(dst = cp(dst, dend, '\0', src, p))) {
287 return -1;
288 }
289 src = p;
290 } else {
291 /* Invalid path */
292 errno = EINVAL;
293 return -1;
294 }
295
296 /* Windows 95/98/Me bug - FindFirstFile fails on network mounted drives */
297 /* for root pathes like "E:\" . If the path has this form, we should */
298 /* simply return it, it is already canonicalized. */
299 if (strlen(path) == 3 && path[1] == ':' && path[2] == '\\') {
300 /* At this point we have already copied the drive specifier ("z:")*/
301 /* so we need to copy "\" and the null character. */
302 result[2] = '\\';
303 result[3] = '\0';
304 return 0;
305 }
306
307 /* At this point we have copied either a drive specifier ("z:") or a UNC
308 prefix ("\\\\host\\share") to the result buffer, and src points to the
309 first byte of the remainder of the path. We now scan through the rest
310 of the path, looking up each prefix in order to find the true name of
311 the last element of each prefix, thereby computing the full true name of
312 the original path. */
313 while (*src) {
314 char *p = nextsep(src + 1); /* Find next separator */
315 char c = *p;
316 assert(*src == '\\'); /* Invariant */
317 *p = '\0'; /* Temporarily clear separator */
318 h = FindFirstFile(path, &fd); /* Look up prefix */
319 *p = c; /* Restore separator */
320 if (h != INVALID_HANDLE_VALUE) {
321 /* Lookup succeeded; append true name to result and continue */
322 FindClose(h);
323 if (!(dst = cp(dst, dend, '\\',
324 fd.cFileName,
325 fd.cFileName + strlen(fd.cFileName)))) {
326 return -1;
327 }
328 src = p;
329 continue;
330 } else {
331 if (!lastErrorReportable()) {
332 if (!(dst = cp(dst, dend, '\0', src, src + strlen(src)))) {
333 return -1;
334 }
335 break;
336 } else {
337 return -1;
338 }
339 }
340 }
341
342 if (dst >= dend) {
343 errno = ENAMETOOLONG;
344 return -1;
345 }
346 *dst = '\0';
347 return 0;
348
349 }
350
351
352 /* Convert a pathname to canonical form. The input prefix is assumed
353 to be in canonical form already, and the trailing filename must not
354 contain any wildcard, dot/double dot, or other "tricky" characters
355 that are rejected by the canonicalize() routine above. This
356 routine is present to allow the canonicalization prefix cache to be
357 used while still returning canonical names with the correct
358 capitalization. */
359
360 int
361 canonicalizeWithPrefix(char* canonicalPrefix, char* pathWithCanonicalPrefix, char *result, int size)
362 {
363 WIN32_FIND_DATA fd;
364 HANDLE h;
365 char *src, *dst, *dend;
366
367 src = pathWithCanonicalPrefix;
368 dst = result; /* Place results here */
369 dend = dst + size; /* Don't go to or past here */
370
371 h = FindFirstFile(pathWithCanonicalPrefix, &fd); /* Look up file */
372 if (h != INVALID_HANDLE_VALUE) {
373 /* Lookup succeeded; concatenate true name to prefix */
374 FindClose(h);
375 if (!(dst = cp(dst, dend, '\0',
376 canonicalPrefix,
377 canonicalPrefix + strlen(canonicalPrefix)))) {
378 return -1;
379 }
380 if (!(dst = cp(dst, dend, '\\',
381 fd.cFileName,
382 fd.cFileName + strlen(fd.cFileName)))) {
383 return -1;
384 }
385 } else {
386 if (!lastErrorReportable()) {
387 if (!(dst = cp(dst, dend, '\0', src, src + strlen(src)))) {
388 return -1;
389 }
390 } else {
391 return -1;
392 }
393 }
394
395 if (dst >= dend) {
396 errno = ENAMETOOLONG;
397 return -1;
398 }
399 *dst = '\0';
400 return 0;
401 }
402
403
404 /* Wide character version of canonicalize. Size is a wide-character size. */
405
406 int
407 wcanonicalize(WCHAR *orig_path, WCHAR *result, int size)
408 {
409 WIN32_FIND_DATAW fd;
410 HANDLE h;
411 WCHAR *path; /* Working copy of path */
412 WCHAR *src, *dst, *dend, c;
413
414 /* Reject paths that contain wildcards */
415 if (wwild(orig_path)) {
416 errno = EINVAL;
417 return -1;
418 }
419
420 if ((path = (WCHAR*)malloc(size * sizeof(WCHAR))) == NULL)
421 return -1;
422
423 /* Collapse instances of "foo\.." and ensure absoluteness. Note that
424 contrary to the documentation, the _fullpath procedure does not require
425 the drive to be available. */
426 if(!_wfullpath(path, orig_path, size)) {
427 goto err;
428 }
429
430 if (wdots(path)) /* Check for prohibited combinations of dots */
431 goto err;
432
433 src = path; /* Start scanning here */
434 dst = result; /* Place results here */
435 dend = dst + size; /* Don't go to or past here */
436
437 /* Copy prefix, assuming path is absolute */
438 c = src[0];
439 if (((c <= L'z' && c >= L'a') || (c <= L'Z' && c >= L'A'))
440 && (src[1] == L':') && (src[2] == L'\\')) {
441 /* Drive specifier */
442 *src = towupper(*src); /* Canonicalize drive letter */
443 if (!(dst = wcp(dst, dend, L'\0', src, src + 2))) {
444 goto err;
445 }
446
447 src += 2;
448 } else if ((src[0] == L'\\') && (src[1] == L'\\')) {
449 /* UNC pathname */
450 WCHAR *p;
451 p = wnextsep(src + 2); /* Skip past host name */
452 if (!*p) {
453 /* A UNC pathname must begin with "\\\\host\\share",
454 so reject this path as invalid if there is no share name */
455 errno = EINVAL;
456 goto err;
457 }
458 p = wnextsep(p + 1); /* Skip past share name */
459 if (!(dst = wcp(dst, dend, L'\0', src, p)))
460 goto err;
461 src = p;
462 } else {
463 /* Invalid path */
464 errno = EINVAL;
465 goto err;
466 }
467 /* At this point we have copied either a drive specifier ("z:") or a UNC
468 prefix ("\\\\host\\share") to the result buffer, and src points to the
469 first byte of the remainder of the path. We now scan through the rest
470 of the path, looking up each prefix in order to find the true name of
471 the last element of each prefix, thereby computing the full true name of
472 the original path. */
473 while (*src) {
474 WCHAR *p = wnextsep(src + 1); /* Find next separator */
475 WCHAR c = *p;
476 WCHAR *pathbuf;
477 int pathlen;
478
479 assert(*src == L'\\'); /* Invariant */
480 *p = L'\0'; /* Temporarily clear separator */
481
482 if ((pathlen = (int)wcslen(path)) > MAX_PATH - 1) {
483 pathbuf = getPrefixed(path, pathlen);
484 h = FindFirstFileW(pathbuf, &fd); /* Look up prefix */
485 free(pathbuf);
486 } else
487 h = FindFirstFileW(path, &fd); /* Look up prefix */
488
489 *p = c; /* Restore separator */
490 if (h != INVALID_HANDLE_VALUE) {
491 /* Lookup succeeded; append true name to result and continue */
492 FindClose(h);
493 if (!(dst = wcp(dst, dend, L'\\', fd.cFileName,
494 fd.cFileName + wcslen(fd.cFileName)))){
495 goto err;
496 }
497 src = p;
498 continue;
499 } else {
500 if (!lastErrorReportable()) {
501 if (!(dst = wcp(dst, dend, L'\0', src, src + wcslen(src)))){
502 goto err;
503 }
504 break;
505 } else {
506 goto err;
507 }
508 }
509 }
510
511 if (dst >= dend) {
512 errno = ENAMETOOLONG;
513 goto err;
514 }
515 *dst = L'\0';
516 free(path);
517 return 0;
518
519 err:
520 free(path);
521 return -1;
522 }
523
524
525 /* Wide character version of canonicalizeWithPrefix. */
526
527 int
528 wcanonicalizeWithPrefix(WCHAR *canonicalPrefix, WCHAR *pathWithCanonicalPrefix, WCHAR *result, int size)
529 {
530 WIN32_FIND_DATAW fd;
531 HANDLE h;
532 WCHAR *src, *dst, *dend;
533 WCHAR *pathbuf;
534 int pathlen;
535
536 src = pathWithCanonicalPrefix;
537 dst = result; /* Place results here */
538 dend = dst + size; /* Don't go to or past here */
539
540
541 if ((pathlen=(int)wcslen(pathWithCanonicalPrefix)) > MAX_PATH - 1) {
542 pathbuf = getPrefixed(pathWithCanonicalPrefix, pathlen);
543 h = FindFirstFileW(pathbuf, &fd); /* Look up prefix */
544 free(pathbuf);
545 } else
546 h = FindFirstFileW(pathWithCanonicalPrefix, &fd); /* Look up prefix */
547 if (h != INVALID_HANDLE_VALUE) {
548 /* Lookup succeeded; append true name to result and continue */
549 FindClose(h);
550 if (!(dst = wcp(dst, dend, L'\0',
551 canonicalPrefix,
552 canonicalPrefix + wcslen(canonicalPrefix)))) {
553 return -1;
554 }
555 if (!(dst = wcp(dst, dend, L'\\',
556 fd.cFileName,
557 fd.cFileName + wcslen(fd.cFileName)))) {
558 return -1;
559 }
560 } else {
561 if (!lastErrorReportable()) {
562 if (!(dst = wcp(dst, dend, L'\0', src, src + wcslen(src)))) {
563 return -1;
564 }
565 } else {
566 return -1;
567 }
568 }
569
570 if (dst >= dend) {
571 errno = ENAMETOOLONG;
572 return -1;
573 }
574 *dst = L'\0';
575 return 0;
576 }
577
578
579 /* The appropriate location of getPrefixed() should be io_util_md.c, but
580 java.lang.instrument package has hardwired canonicalize_md.c into their
581 dll, to avoid complicate solution such as including io_util_md.c into
582 that package, as a workaround we put this method here.
583 */
584
585 /* copy \\?\ or \\?\UNC\ to the front of path*/
586 WCHAR*
587 getPrefixed(const WCHAR* path, int pathlen) {
588 WCHAR* pathbuf = (WCHAR*)malloc((pathlen + 10) * sizeof (WCHAR));
589 if (pathbuf != 0) {
590 if (path[0] == L'\\' && path[1] == L'\\') {
591 if (path[2] == L'?' && path[3] == L'\\'){
592 /* if it already has a \\?\ don't do the prefix */
593 wcscpy(pathbuf, path );
594 } else {
595 /* only UNC pathname includes double slashes here */
596 wcscpy(pathbuf, L"\\\\?\\UNC\0");
597 wcscat(pathbuf, path + 1);
598 }
599 } else {
600 wcscpy(pathbuf, L"\\\\?\\\0");
601 wcscat(pathbuf, path );
602 }
603 }
604 return pathbuf;
605 }