1 /*
   2  * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 /*
  27  * Pathname canonicalization for Win32 file systems
  28  */
  29 
  30 #include <stdio.h>
  31 #include <stdlib.h>
  32 #include <string.h>
  33 #include <ctype.h>
  34 #include <assert.h>
  35 #include <sys/stat.h>
  36 
  37 #include <windows.h>
  38 #include <winbase.h>
  39 #include <errno.h>
  40 #include "io_util_md.h"
  41 
  42 #undef DEBUG_PATH        /* Define this to debug path code */
  43 
  44 #define isfilesep(c) ((c) == '/' || (c) == '\\')
  45 #define wisfilesep(c) ((c) == L'/' || (c) == L'\\')
  46 #define islb(c)      (IsDBCSLeadByte((BYTE)(c)))
  47 
  48 
  49 /* Copy bytes to dst, not going past dend; return dst + number of bytes copied,
  50    or NULL if dend would have been exceeded.  If first != '\0', copy that byte
  51    before copying bytes from src to send - 1. */
  52 
  53 static char *
  54 cp(char *dst, char *dend, char first, char *src, char *send)
  55 {
  56     char *p = src, *q = dst;
  57     if (first != '\0') {
  58         if (q < dend) {
  59             *q++ = first;
  60         } else {
  61             errno = ENAMETOOLONG;
  62             return NULL;
  63         }
  64     }
  65     if (send - p > dend - q) {
  66         errno = ENAMETOOLONG;
  67         return NULL;
  68     }
  69     while (p < send) {
  70         *q++ = *p++;
  71     }
  72     return q;
  73 }
  74 
  75 /* Wide character version of cp */
  76 
  77 static WCHAR*
  78 wcp(WCHAR *dst, WCHAR *dend, WCHAR first, WCHAR *src, WCHAR *send)
  79 {
  80     WCHAR *p = src, *q = dst;
  81     if (first != L'\0') {
  82         if (q < dend) {
  83             *q++ = first;
  84         } else {
  85             errno = ENAMETOOLONG;
  86             return NULL;
  87         }
  88     }
  89     if (send - p > dend - q) {
  90         errno = ENAMETOOLONG;
  91         return NULL;
  92     }
  93     while (p < send)
  94         *q++ = *p++;
  95     return q;
  96 }
  97 
  98 
  99 /* Find first instance of '\\' at or following start.  Return the address of
 100    that byte or the address of the null terminator if '\\' is not found. */
 101 
 102 static char *
 103 nextsep(char *start)
 104 {
 105     char *p = start;
 106     int c;
 107     while ((c = *p) && (c != '\\')) {
 108         p += ((islb(c) && p[1]) ? 2 : 1);
 109     }
 110     return p;
 111 }
 112 
 113 /* Wide character version of nextsep */
 114 
 115 static WCHAR *
 116 wnextsep(WCHAR *start)
 117 {
 118     WCHAR *p = start;
 119     int c;
 120     while ((c = *p) && (c != L'\\'))
 121         p++;
 122     return p;
 123 }
 124 
 125 /* Tell whether the given string contains any wildcard characters */
 126 
 127 static int
 128 wild(char *start)
 129 {
 130     char *p = start;
 131     int c;
 132     while (c = *p) {
 133         if ((c == '*') || (c == '?')) return 1;
 134         p += ((islb(c) && p[1]) ? 2 : 1);
 135     }
 136     return 0;
 137 }
 138 
 139 /* Wide character version of wild */
 140 
 141 static int
 142 wwild(WCHAR *start)
 143 {
 144     WCHAR *p = start;
 145     int c;
 146     while (c = *p) {
 147         if ((c == L'*') || (c == L'?'))
 148             return 1;
 149         p++;
 150     }
 151     return 0;
 152 }
 153 
 154 /* Tell whether the given string contains prohibited combinations of dots.
 155    In the canonicalized form no path element may have dots at its end.
 156    Allowed canonical paths: c:\xa...dksd\..ksa\.lk    c:\...a\.b\cd..x.x
 157    Prohibited canonical paths: c:\..\x  c:\x.\d c:\...
 158 */
 159 static int
 160 dots(char *start)
 161 {
 162     char *p = start;
 163     while (*p) {
 164         if ((p = strchr(p, '.')) == NULL) // find next occurence of '.'
 165             return 0; // no more dots
 166         p++; // next char
 167         while ((*p) == '.') // go to the end of dots
 168             p++;
 169         if (*p && (*p != '\\')) // path element does not end with a dot
 170             p++; // go to the next char
 171         else
 172             return 1; // path element does end with a dot - prohibited
 173     }
 174     return 0; // no prohibited combinations of dots found
 175 }
 176 
 177 /* Wide character version of dots */
 178 static int
 179 wdots(WCHAR *start)
 180 {
 181     WCHAR *p = start;
 182     // Skip "\\.\" prefix
 183     if (wcslen(p) > 4 && !wcsncmp(p, L"\\\\.\\", 4))
 184         p = p + 4;
 185 
 186     while (*p) {
 187         if ((p = wcschr(p, L'.')) == NULL) // find next occurence of '.'
 188             return 0; // no more dots
 189         p++; // next char
 190         while ((*p) == L'.') // go to the end of dots
 191             p++;
 192         if (*p && (*p != L'\\')) // path element does not end with a dot
 193             p++; // go to the next char
 194         else
 195             return 1; // path element does end with a dot - prohibited
 196     }
 197     return 0; // no prohibited combinations of dots found
 198 }
 199 
 200 /* If the lookup of a particular prefix fails because the file does not exist,
 201    because it is of the wrong type, because access is denied, or because the
 202    network is unreachable then canonicalization does not fail, it terminates
 203    successfully after copying the rest of the original path to the result path.
 204    Other I/O errors cause an error return.
 205 */
 206 
 207 int
 208 lastErrorReportable()
 209 {
 210     DWORD errval = GetLastError();
 211     if ((errval == ERROR_FILE_NOT_FOUND)
 212         || (errval == ERROR_DIRECTORY)
 213         || (errval == ERROR_PATH_NOT_FOUND)
 214         || (errval == ERROR_BAD_NETPATH)
 215         || (errval == ERROR_BAD_NET_NAME)
 216         || (errval == ERROR_ACCESS_DENIED)
 217         || (errval == ERROR_NETWORK_UNREACHABLE)
 218         || (errval == ERROR_NETWORK_ACCESS_DENIED)) {
 219         return 0;
 220     }
 221 
 222 #ifdef DEBUG_PATH
 223     jio_fprintf(stderr, "canonicalize: errval %d\n", errval);
 224 #endif
 225     return 1;
 226 }
 227 
 228 /* Convert a pathname to canonical form.  The input orig_path is assumed to
 229    have been converted to native form already, via JVM_NativePath().  This is
 230    necessary because _fullpath() rejects duplicate separator characters on
 231    Win95, though it accepts them on NT. */
 232 
 233 int
 234 canonicalize(char *orig_path, char *result, int size)
 235 {
 236     WIN32_FIND_DATA fd;
 237     HANDLE h;
 238     char path[1024];    /* Working copy of path */
 239     char *src, *dst, *dend;
 240 
 241     /* Reject paths that contain wildcards */
 242     if (wild(orig_path)) {
 243         errno = EINVAL;
 244         return -1;
 245     }
 246 
 247     /* Collapse instances of "foo\.." and ensure absoluteness.  Note that
 248        contrary to the documentation, the _fullpath procedure does not require
 249        the drive to be available.  It also does not reliably change all
 250        occurrences of '/' to '\\' on Win95, so now JVM_NativePath does that. */
 251     if(!_fullpath(path, orig_path, sizeof(path))) {
 252         return -1;
 253     }
 254 
 255     /* Correction for Win95: _fullpath may leave a trailing "\\"
 256        on a UNC pathname */
 257     if ((path[0] == '\\') && (path[1] == '\\')) {
 258         char *p = path + strlen(path);
 259         if ((p[-1] == '\\') && !islb(p[-2])) {
 260             p[-1] = '\0';
 261         }
 262     }
 263 
 264     if (dots(path)) /* Check for prohibited combinations of dots */
 265         return -1;
 266 
 267     src = path;            /* Start scanning here */
 268     dst = result;        /* Place results here */
 269     dend = dst + size;        /* Don't go to or past here */
 270 
 271     /* Copy prefix, assuming path is absolute */
 272     if (isalpha(src[0]) && (src[1] == ':') && (src[2] == '\\')) {
 273         /* Drive specifier */
 274         *src = toupper(*src);    /* Canonicalize drive letter */
 275         if (!(dst = cp(dst, dend, '\0', src, src + 2))) {
 276             return -1;
 277         }
 278         src += 2;
 279     } else if ((src[0] == '\\') && (src[1] == '\\')) {
 280         /* UNC pathname */
 281         char *p;
 282         p = nextsep(src + 2);    /* Skip past host name */
 283         if (!*p) {
 284         /* A UNC pathname must begin with "\\\\host\\share",
 285            so reject this path as invalid if there is no share name */
 286             errno = EINVAL;
 287             return -1;
 288     }
 289     p = nextsep(p + 1);    /* Skip past share name */
 290     if (!(dst = cp(dst, dend, '\0', src, p))) {
 291         return -1;
 292     }
 293     src = p;
 294     } else {
 295         /* Invalid path */
 296         errno = EINVAL;
 297         return -1;
 298     }
 299 
 300     /* Windows 95/98/Me bug - FindFirstFile fails on network mounted drives */
 301     /* for root pathes like "E:\" . If the path has this form, we should  */
 302     /* simply return it, it is already canonicalized. */
 303     if (strlen(path) == 3 && path[1] == ':' && path[2] == '\\') {
 304         /* At this point we have already copied the drive specifier ("z:")*/
 305         /* so we need to copy "\" and the null character. */
 306         result[2] = '\\';
 307         result[3] = '\0';
 308         return 0;
 309     }
 310 
 311     /* At this point we have copied either a drive specifier ("z:") or a UNC
 312        prefix ("\\\\host\\share") to the result buffer, and src points to the
 313        first byte of the remainder of the path.  We now scan through the rest
 314        of the path, looking up each prefix in order to find the true name of
 315        the last element of each prefix, thereby computing the full true name of
 316        the original path. */
 317     while (*src) {
 318         char *p = nextsep(src + 1);    /* Find next separator */
 319         char c = *p;
 320         assert(*src == '\\');        /* Invariant */
 321         *p = '\0';            /* Temporarily clear separator */
 322         h = FindFirstFile(path, &fd);    /* Look up prefix */
 323         *p = c;                /* Restore separator */
 324         if (h != INVALID_HANDLE_VALUE) {
 325             /* Lookup succeeded; append true name to result and continue */
 326             FindClose(h);
 327             if (!(dst = cp(dst, dend, '\\',
 328                            fd.cFileName,
 329                            fd.cFileName + strlen(fd.cFileName)))) {
 330                 return -1;
 331             }
 332             src = p;
 333             continue;
 334         } else {
 335             if (!lastErrorReportable()) {
 336                 if (!(dst = cp(dst, dend, '\0', src, src + strlen(src)))) {
 337                     return -1;
 338                 }
 339                 break;
 340             } else {
 341                 return -1;
 342             }
 343         }
 344     }
 345 
 346     if (dst >= dend) {
 347     errno = ENAMETOOLONG;
 348     return -1;
 349     }
 350     *dst = '\0';
 351     return 0;
 352 
 353 }
 354 
 355 
 356 /* Convert a pathname to canonical form.  The input prefix is assumed
 357    to be in canonical form already, and the trailing filename must not
 358    contain any wildcard, dot/double dot, or other "tricky" characters
 359    that are rejected by the canonicalize() routine above.  This
 360    routine is present to allow the canonicalization prefix cache to be
 361    used while still returning canonical names with the correct
 362    capitalization. */
 363 
 364 int
 365 canonicalizeWithPrefix(char* canonicalPrefix, char* pathWithCanonicalPrefix, char *result, int size)
 366 {
 367     WIN32_FIND_DATA fd;
 368     HANDLE h;
 369     char *src, *dst, *dend;
 370 
 371     src = pathWithCanonicalPrefix;
 372     dst = result;        /* Place results here */
 373     dend = dst + size;   /* Don't go to or past here */
 374 
 375     h = FindFirstFile(pathWithCanonicalPrefix, &fd);    /* Look up file */
 376     if (h != INVALID_HANDLE_VALUE) {
 377         /* Lookup succeeded; concatenate true name to prefix */
 378         FindClose(h);
 379         if (!(dst = cp(dst, dend, '\0',
 380                        canonicalPrefix,
 381                        canonicalPrefix + strlen(canonicalPrefix)))) {
 382             return -1;
 383         }
 384         if (!(dst = cp(dst, dend, '\\',
 385                        fd.cFileName,
 386                        fd.cFileName + strlen(fd.cFileName)))) {
 387             return -1;
 388         }
 389     } else {
 390         if (!lastErrorReportable()) {
 391             if (!(dst = cp(dst, dend, '\0', src, src + strlen(src)))) {
 392                 return -1;
 393             }
 394         } else {
 395             return -1;
 396         }
 397     }
 398 
 399     if (dst >= dend) {
 400         errno = ENAMETOOLONG;
 401         return -1;
 402     }
 403     *dst = '\0';
 404     return 0;
 405 }
 406 
 407 
 408 /* Wide character version of canonicalize. Size is a wide-character size. */
 409 
 410 int
 411 wcanonicalize(WCHAR *orig_path, WCHAR *result, int size)
 412 {
 413     WIN32_FIND_DATAW fd;
 414     HANDLE h;
 415     WCHAR *path;    /* Working copy of path */
 416     WCHAR *src, *dst, *dend, c;
 417 
 418     /* Reject paths that contain wildcards */
 419     if (wwild(orig_path)) {
 420         errno = EINVAL;
 421         return -1;
 422     }
 423 
 424     if ((path = (WCHAR*)malloc(size * sizeof(WCHAR))) == NULL)
 425         return -1;
 426 
 427     /* Collapse instances of "foo\.." and ensure absoluteness.  Note that
 428        contrary to the documentation, the _fullpath procedure does not require
 429        the drive to be available.  */
 430     if(!_wfullpath(path, orig_path, size)) {
 431         goto err;
 432     }
 433 
 434     if (wdots(path)) /* Check for prohibited combinations of dots */
 435         goto err;
 436 
 437     src = path;            /* Start scanning here */
 438     dst = result;        /* Place results here */
 439     dend = dst + size;        /* Don't go to or past here */
 440 
 441     /* Copy prefix, assuming path is absolute */
 442     c = src[0];
 443     if (((c <= L'z' && c >= L'a') || (c <= L'Z' && c >= L'A'))
 444        && (src[1] == L':') && (src[2] == L'\\')) {
 445         /* Drive specifier */
 446         *src = towupper(*src);    /* Canonicalize drive letter */
 447         if (!(dst = wcp(dst, dend, L'\0', src, src + 2))) {
 448             goto err;
 449         }
 450 
 451         src += 2;
 452     } else if ((src[0] == L'\\') && (src[1] == L'\\')) {
 453         /* UNC pathname */
 454         WCHAR *p;
 455         p = wnextsep(src + 2);    /* Skip past host name */
 456         if (!*p) {
 457             /* A UNC pathname must begin with "\\\\host\\share",
 458                so reject this path as invalid if there is no share name */
 459             errno = EINVAL;
 460             goto err;
 461         }
 462         p = wnextsep(p + 1);    /* Skip past share name */
 463         if (!(dst = wcp(dst, dend, L'\0', src, p)))
 464             goto err;
 465         src = p;
 466     } else {
 467         /* Invalid path */
 468         errno = EINVAL;
 469         goto err;
 470     }
 471     /* At this point we have copied either a drive specifier ("z:") or a UNC
 472        prefix ("\\\\host\\share") to the result buffer, and src points to the
 473        first byte of the remainder of the path.  We now scan through the rest
 474        of the path, looking up each prefix in order to find the true name of
 475        the last element of each prefix, thereby computing the full true name of
 476        the original path. */
 477     while (*src) {
 478         WCHAR *p = wnextsep(src + 1);    /* Find next separator */
 479         WCHAR c = *p;
 480         WCHAR *pathbuf;
 481         int pathlen;
 482 
 483         assert(*src == L'\\');        /* Invariant */
 484         *p = L'\0';            /* Temporarily clear separator */
 485 
 486         if ((pathlen = (int)wcslen(path)) > MAX_PATH - 1) {
 487             pathbuf = getPrefixed(path, pathlen);
 488             h = FindFirstFileW(pathbuf, &fd);    /* Look up prefix */
 489             free(pathbuf);
 490         } else
 491             h = FindFirstFileW(path, &fd);    /* Look up prefix */
 492 
 493         *p = c;                /* Restore separator */
 494         if (h != INVALID_HANDLE_VALUE) {
 495             /* Lookup succeeded; append true name to result and continue */
 496             FindClose(h);
 497             if (!(dst = wcp(dst, dend, L'\\', fd.cFileName,
 498                             fd.cFileName + wcslen(fd.cFileName)))){
 499                 goto err;
 500             }
 501             src = p;
 502             continue;
 503         } else {
 504             if (!lastErrorReportable()) {
 505                if (!(dst = wcp(dst, dend, L'\0', src, src + wcslen(src)))){
 506                    goto err;
 507                }
 508                 break;
 509             } else {
 510                 goto err;
 511             }
 512         }
 513     }
 514 
 515     if (dst >= dend) {
 516     errno = ENAMETOOLONG;
 517         goto err;
 518     }
 519     *dst = L'\0';
 520     free(path);
 521     return 0;
 522 
 523  err:
 524     free(path);
 525     return -1;
 526 }
 527 
 528 
 529 /* Wide character version of canonicalizeWithPrefix. */
 530 
 531 int
 532 wcanonicalizeWithPrefix(WCHAR *canonicalPrefix, WCHAR *pathWithCanonicalPrefix, WCHAR *result, int size)
 533 {
 534     WIN32_FIND_DATAW fd;
 535     HANDLE h;
 536     WCHAR *src, *dst, *dend;
 537     WCHAR *pathbuf;
 538     int pathlen;
 539 
 540     src = pathWithCanonicalPrefix;
 541     dst = result;        /* Place results here */
 542     dend = dst + size;   /* Don't go to or past here */
 543 
 544 
 545     if ((pathlen=(int)wcslen(pathWithCanonicalPrefix)) > MAX_PATH - 1) {
 546         pathbuf = getPrefixed(pathWithCanonicalPrefix, pathlen);
 547         h = FindFirstFileW(pathbuf, &fd);    /* Look up prefix */
 548         free(pathbuf);
 549     } else
 550         h = FindFirstFileW(pathWithCanonicalPrefix, &fd);    /* Look up prefix */
 551     if (h != INVALID_HANDLE_VALUE) {
 552         /* Lookup succeeded; append true name to result and continue */
 553         FindClose(h);
 554         if (!(dst = wcp(dst, dend, L'\0',
 555                         canonicalPrefix,
 556                         canonicalPrefix + wcslen(canonicalPrefix)))) {
 557             return -1;
 558         }
 559         if (!(dst = wcp(dst, dend, L'\\',
 560                         fd.cFileName,
 561                         fd.cFileName + wcslen(fd.cFileName)))) {
 562             return -1;
 563         }
 564     } else {
 565         if (!lastErrorReportable()) {
 566             if (!(dst = wcp(dst, dend, L'\0', src, src + wcslen(src)))) {
 567                 return -1;
 568             }
 569         } else {
 570             return -1;
 571         }
 572     }
 573 
 574     if (dst >= dend) {
 575         errno = ENAMETOOLONG;
 576         return -1;
 577     }
 578     *dst = L'\0';
 579     return 0;
 580 }
 581 
 582 
 583 /* The appropriate location of getPrefixed() should be io_util_md.c, but
 584    java.lang.instrument package has hardwired canonicalize_md.c into their
 585    dll, to avoid complicate solution such as including io_util_md.c into
 586    that package, as a workaround we put this method here.
 587  */
 588 
 589 /* copy \\?\ or \\?\UNC\ to the front of path*/
 590 WCHAR*
 591 getPrefixed(const WCHAR* path, int pathlen) {
 592     WCHAR* pathbuf = (WCHAR*)malloc((pathlen + 10) * sizeof (WCHAR));
 593     if (pathbuf != 0) {
 594         if (path[0] == L'\\' && path[1] == L'\\') {
 595             if (path[2] == L'?' && path[3] == L'\\'){
 596                 /* if it already has a \\?\ don't do the prefix */
 597                 wcscpy(pathbuf, path );
 598             } else {
 599                 /* only UNC pathname includes double slashes here */
 600                 wcscpy(pathbuf, L"\\\\?\\UNC\0");
 601                 wcscat(pathbuf, path + 1);
 602             }
 603         } else {
 604             wcscpy(pathbuf, L"\\\\?\\\0");
 605             wcscat(pathbuf, path );
 606         }
 607     }
 608     return pathbuf;
 609 }
--- EOF ---