xref: /openbsd-src/bin/cp/utils.c (revision ae3cb403620ab940fbaabb3055fac045a63d56b7) 
1 /*	$OpenBSD: utils.c,v 1.40 2017/06/27 21:43:46 tedu Exp $	*/
2 /*	$NetBSD: utils.c,v 1.6 1997/02/26 14:40:51 cgd Exp $	*/
3 
4 /*-
5  * Copyright (c) 1991, 1993, 1994
6  *	The Regents of the University of California.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. Neither the name of the University nor the names of its contributors
17  *    may be used to endorse or promote products derived from this software
18  *    without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30  * SUCH DAMAGE.
31  */
32 
33 #include <sys/param.h>		/* MAXBSIZE */
34 #include <sys/stat.h>
35 #include <sys/mman.h>
36 #include <sys/time.h>
37 
38 #include <err.h>
39 #include <errno.h>
40 #include <fcntl.h>
41 #include <fts.h>
42 #include <stdio.h>
43 #include <stdlib.h>
44 #include <string.h>
45 #include <unistd.h>
46 #include <limits.h>
47 
48 #include "extern.h"
49 
50 int
51 copy_file(FTSENT *entp, int dne)
52 {
53 	static char *buf;
54 	static char *zeroes;
55 	struct stat to_stat, *fs;
56 	int ch, checkch, from_fd, rcount, rval, to_fd, wcount;
57 #ifdef VM_AND_BUFFER_CACHE_SYNCHRONIZED
58 	char *p;
59 #endif
60 
61 	if (!buf) {
62 		buf = malloc(MAXBSIZE);
63 		if (!buf)
64 			err(1, "malloc");
65 	}
66 	if (!zeroes) {
67 		zeroes = calloc(1, MAXBSIZE);
68 		if (!zeroes)
69 			err(1, "calloc");
70 	}
71 
72 	if ((from_fd = open(entp->fts_path, O_RDONLY, 0)) == -1) {
73 		warn("%s", entp->fts_path);
74 		return (1);
75 	}
76 
77 	fs = entp->fts_statp;
78 
79 	/*
80 	 * In -f (force) mode, we always unlink the destination first
81 	 * if it exists.  Note that -i and -f are mutually exclusive.
82 	 */
83 	if (!dne && fflag)
84 		(void)unlink(to.p_path);
85 
86 	/*
87 	 * If the file exists and we're interactive, verify with the user.
88 	 * If the file DNE, set the mode to be the from file, minus setuid
89 	 * bits, modified by the umask; arguably wrong, but it makes copying
90 	 * executables work right and it's been that way forever.  (The
91 	 * other choice is 666 or'ed with the execute bits on the from file
92 	 * modified by the umask.)
93 	 */
94 	if (!dne && !fflag) {
95 		if (iflag) {
96 			(void)fprintf(stderr, "overwrite %s? ", to.p_path);
97 			checkch = ch = getchar();
98 			while (ch != '\n' && ch != EOF)
99 				ch = getchar();
100 			if (checkch != 'y' && checkch != 'Y') {
101 				(void)close(from_fd);
102 				return (0);
103 			}
104 		}
105 		to_fd = open(to.p_path, O_WRONLY | O_TRUNC, 0);
106 	} else
107 		to_fd = open(to.p_path, O_WRONLY | O_TRUNC | O_CREAT,
108 		    fs->st_mode & ~(S_ISTXT | S_ISUID | S_ISGID));
109 
110 	if (to_fd == -1) {
111 		warn("%s", to.p_path);
112 		(void)close(from_fd);
113 		return (1);
114 	}
115 
116 	rval = 0;
117 
118 	/*
119 	 * Mmap and write if less than 8M (the limit is so we don't totally
120 	 * trash memory on big files.  This is really a minor hack, but it
121 	 * wins some CPU back.
122 	 */
123 #ifdef VM_AND_BUFFER_CACHE_SYNCHRONIZED
124 	/* XXX broken for 0-size mmap */
125 	if (fs->st_size <= 8 * 1048576) {
126 		if ((p = mmap(NULL, (size_t)fs->st_size, PROT_READ,
127 		    MAP_FILE|MAP_SHARED, from_fd, (off_t)0)) == MAP_FAILED) {
128 			warn("mmap: %s", entp->fts_path);
129 			rval = 1;
130 		} else {
131 			madvise(p, fs->st_size, MADV_SEQUENTIAL);
132 			if (write(to_fd, p, fs->st_size) != fs->st_size) {
133 				warn("%s", to.p_path);
134 				rval = 1;
135 			}
136 			/* Some systems don't unmap on close(2). */
137 			if (munmap(p, fs->st_size) < 0) {
138 				warn("%s", entp->fts_path);
139 				rval = 1;
140 			}
141 		}
142 	} else
143 #endif
144 	{
145 		int skipholes = 0;
146 		struct stat tosb;
147 		if (!fstat(to_fd, &tosb) && S_ISREG(tosb.st_mode))
148 			skipholes = 1;
149 		while ((rcount = read(from_fd, buf, MAXBSIZE)) > 0) {
150 			if (skipholes && memcmp(buf, zeroes, rcount) == 0)
151 				wcount = lseek(to_fd, rcount, SEEK_CUR) == -1 ? -1 : rcount;
152 			else
153 				wcount = write(to_fd, buf, rcount);
154 			if (rcount != wcount || wcount == -1) {
155 				warn("%s", to.p_path);
156 				rval = 1;
157 				break;
158 			}
159 		}
160 		if (skipholes && rcount >= 0)
161 			rcount = ftruncate(to_fd, lseek(to_fd, 0, SEEK_CUR));
162 		if (rcount < 0) {
163 			warn("%s", entp->fts_path);
164 			rval = 1;
165 		}
166 	}
167 
168 	if (rval == 1) {
169 		(void)close(from_fd);
170 		(void)close(to_fd);
171 		return (1);
172 	}
173 
174 	if (pflag && setfile(fs, to_fd))
175 		rval = 1;
176 	/*
177 	 * If the source was setuid or setgid, lose the bits unless the
178 	 * copy is owned by the same user and group.
179 	 */
180 #define	RETAINBITS \
181 	(S_ISUID | S_ISGID | S_ISVTX | S_IRWXU | S_IRWXG | S_IRWXO)
182 	if (!pflag && dne &&
183 	    fs->st_mode & (S_ISUID | S_ISGID) && fs->st_uid == myuid) {
184 		if (fstat(to_fd, &to_stat)) {
185 			warn("%s", to.p_path);
186 			rval = 1;
187 		} else if (fs->st_gid == to_stat.st_gid &&
188 		    fchmod(to_fd, fs->st_mode & RETAINBITS & ~myumask)) {
189 			warn("%s", to.p_path);
190 			rval = 1;
191 		}
192 	}
193 	(void)close(from_fd);
194 	if (close(to_fd)) {
195 		warn("%s", to.p_path);
196 		rval = 1;
197 	}
198 	return (rval);
199 }
200 
201 int
202 copy_link(FTSENT *p, int exists)
203 {
204 	int len;
205 	char name[PATH_MAX];
206 
207 	if ((len = readlink(p->fts_path, name, sizeof(name)-1)) == -1) {
208 		warn("readlink: %s", p->fts_path);
209 		return (1);
210 	}
211 	name[len] = '\0';
212 	if (exists && unlink(to.p_path)) {
213 		warn("unlink: %s", to.p_path);
214 		return (1);
215 	}
216 	if (symlink(name, to.p_path)) {
217 		warn("symlink: %s", name);
218 		return (1);
219 	}
220 	return (pflag ? setfile(p->fts_statp, -1) : 0);
221 }
222 
223 int
224 copy_fifo(struct stat *from_stat, int exists)
225 {
226 	if (exists && unlink(to.p_path)) {
227 		warn("unlink: %s", to.p_path);
228 		return (1);
229 	}
230 	if (mkfifo(to.p_path, from_stat->st_mode)) {
231 		warn("mkfifo: %s", to.p_path);
232 		return (1);
233 	}
234 	return (pflag ? setfile(from_stat, -1) : 0);
235 }
236 
237 int
238 copy_special(struct stat *from_stat, int exists)
239 {
240 	if (exists && unlink(to.p_path)) {
241 		warn("unlink: %s", to.p_path);
242 		return (1);
243 	}
244 	if (mknod(to.p_path, from_stat->st_mode, from_stat->st_rdev)) {
245 		warn("mknod: %s", to.p_path);
246 		return (1);
247 	}
248 	return (pflag ? setfile(from_stat, -1) : 0);
249 }
250 
251 
252 int
253 setfile(struct stat *fs, int fd)
254 {
255 	struct timespec ts[2];
256 	int rval;
257 
258 	rval = 0;
259 	fs->st_mode &= S_ISTXT | S_ISUID | S_ISGID | S_IRWXU | S_IRWXG | S_IRWXO;
260 
261 	ts[0] = fs->st_atim;
262 	ts[1] = fs->st_mtim;
263 	if (fd >= 0 ? futimens(fd, ts) :
264 	    utimensat(AT_FDCWD, to.p_path, ts, AT_SYMLINK_NOFOLLOW)) {
265 		warn("update times: %s", to.p_path);
266 		rval = 1;
267 	}
268 	/*
269 	 * Changing the ownership probably won't succeed, unless we're root
270 	 * or POSIX_CHOWN_RESTRICTED is not set.  Set uid/gid before setting
271 	 * the mode; current BSD behavior is to remove all setuid bits on
272 	 * chown.  If chown fails, lose setuid/setgid bits.
273 	 */
274 	if (fd >= 0 ? fchown(fd, fs->st_uid, fs->st_gid) :
275 	    lchown(to.p_path, fs->st_uid, fs->st_gid)) {
276 		if (errno != EPERM) {
277 			warn("chown: %s", to.p_path);
278 			rval = 1;
279 		}
280 		fs->st_mode &= ~(S_ISTXT | S_ISUID | S_ISGID);
281 	}
282 	if (fd >= 0 ? fchmod(fd, fs->st_mode) :
283 	    fchmodat(AT_FDCWD, to.p_path, fs->st_mode, AT_SYMLINK_NOFOLLOW)) {
284 		warn("chmod: %s", to.p_path);
285 		rval = 1;
286 	}
287 
288 	/*
289 	 * XXX
290 	 * NFS doesn't support chflags; ignore errors unless there's reason
291 	 * to believe we're losing bits.  (Note, this still won't be right
292 	 * if the server supports flags and we were trying to *remove* flags
293 	 * on a file that we copied, i.e., that we didn't create.)
294 	 */
295 	errno = 0;
296 	if (fd >= 0 ? fchflags(fd, fs->st_flags) :
297 	    chflagsat(AT_FDCWD, to.p_path, fs->st_flags, AT_SYMLINK_NOFOLLOW))
298 		if (errno != EOPNOTSUPP || fs->st_flags != 0) {
299 			warn("chflags: %s", to.p_path);
300 			rval = 1;
301 		}
302 	return (rval);
303 }
304 
305 
306 void
307 usage(void)
308 {
309 	(void)fprintf(stderr,
310 	    "usage: %s [-fipv] [-R [-H | -L | -P]] source target\n", __progname);
311 	(void)fprintf(stderr,
312 	    "       %s [-fipv] [-R [-H | -L | -P]] source ... directory\n",
313 	    __progname);
314 	exit(1);
315 }
316