xref: /openbsd-src/bin/cp/utils.c (revision db3296cf5c1dd9058ceecc3a29fe4aaa0bd26000) 
1 /*	$OpenBSD: utils.c,v 1.23 2003/07/29 00:24:14 deraadt Exp $	*/
2 /*	$NetBSD: utils.c,v 1.6 1997/02/26 14:40:51 cgd Exp $	*/
3 
4 /*-
5  * Copyright (c) 1991, 1993, 1994
6  *	The Regents of the University of California.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  * 3. Neither the name of the University nor the names of its contributors
17  *    may be used to endorse or promote products derived from this software
18  *    without specific prior written permission.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30  * SUCH DAMAGE.
31  */
32 
33 #ifndef lint
34 #if 0
35 static char sccsid[] = "@(#)utils.c	8.3 (Berkeley) 4/1/94";
36 #else
37 static char rcsid[] = "$OpenBSD: utils.c,v 1.23 2003/07/29 00:24:14 deraadt Exp $";
38 #endif
39 #endif /* not lint */
40 
41 #include <sys/param.h>
42 #include <sys/stat.h>
43 #include <sys/mman.h>
44 #include <sys/time.h>
45 
46 #include <err.h>
47 #include <errno.h>
48 #include <fcntl.h>
49 #include <fts.h>
50 #include <stdio.h>
51 #include <stdlib.h>
52 #include <string.h>
53 #include <unistd.h>
54 
55 #include "extern.h"
56 
57 int
58 copy_file(FTSENT *entp, int dne)
59 {
60 	static char buf[MAXBSIZE];
61 	struct stat to_stat, *fs;
62 	int ch, checkch, from_fd, rcount, rval, to_fd, wcount;
63 #ifdef VM_AND_BUFFER_CACHE_SYNCHRONIZED
64 	char *p;
65 #endif
66 
67 	if ((from_fd = open(entp->fts_path, O_RDONLY, 0)) == -1) {
68 		warn("%s", entp->fts_path);
69 		return (1);
70 	}
71 
72 	fs = entp->fts_statp;
73 
74 	/*
75 	 * In -f (force) mode, we always unlink the destination first
76 	 * if it exists.  Note that -i and -f are mutually exclusive.
77 	 */
78 	if (!dne && fflag)
79 		(void)unlink(to.p_path);
80 
81 	/*
82 	 * If the file exists and we're interactive, verify with the user.
83 	 * If the file DNE, set the mode to be the from file, minus setuid
84 	 * bits, modified by the umask; arguably wrong, but it makes copying
85 	 * executables work right and it's been that way forever.  (The
86 	 * other choice is 666 or'ed with the execute bits on the from file
87 	 * modified by the umask.)
88 	 */
89 	if (!dne && !fflag) {
90 		if (iflag) {
91 			(void)fprintf(stderr, "overwrite %s? ", to.p_path);
92 			checkch = ch = getchar();
93 			while (ch != '\n' && ch != EOF)
94 				ch = getchar();
95 			if (checkch != 'y' && checkch != 'Y') {
96 				(void)close(from_fd);
97 				return (0);
98 			}
99 		}
100 		to_fd = open(to.p_path, O_WRONLY | O_TRUNC, 0);
101 	} else
102 		to_fd = open(to.p_path, O_WRONLY | O_TRUNC | O_CREAT,
103 		    fs->st_mode & ~(S_ISTXT | S_ISUID | S_ISGID));
104 
105 	if (to_fd == -1) {
106 		warn("%s", to.p_path);
107 		(void)close(from_fd);
108 		return (1);;
109 	}
110 
111 	rval = 0;
112 
113 	/*
114 	 * Mmap and write if less than 8M (the limit is so we don't totally
115 	 * trash memory on big files.  This is really a minor hack, but it
116 	 * wins some CPU back.
117 	 */
118 #ifdef VM_AND_BUFFER_CACHE_SYNCHRONIZED
119 	if (fs->st_size <= 8 * 1048576) {
120 		if ((p = mmap(NULL, (size_t)fs->st_size, PROT_READ,
121 		    MAP_FILE|MAP_SHARED, from_fd, (off_t)0)) == MAP_FAILED) {
122 			warn("mmap: %s", entp->fts_path);
123 			rval = 1;
124 		} else {
125 			if (write(to_fd, p, fs->st_size) != fs->st_size) {
126 				warn("%s", to.p_path);
127 				rval = 1;
128 			}
129 			/* Some systems don't unmap on close(2). */
130 			if (munmap(p, fs->st_size) < 0) {
131 				warn("%s", entp->fts_path);
132 				rval = 1;
133 			}
134 		}
135 	} else
136 #endif
137 	{
138 		while ((rcount = read(from_fd, buf, MAXBSIZE)) > 0) {
139 			wcount = write(to_fd, buf, rcount);
140 			if (rcount != wcount || wcount == -1) {
141 				warn("%s", to.p_path);
142 				rval = 1;
143 				break;
144 			}
145 		}
146 		if (rcount < 0) {
147 			warn("%s", entp->fts_path);
148 			rval = 1;
149 		}
150 	}
151 
152 	if (rval == 1) {
153 		(void)close(from_fd);
154 		(void)close(to_fd);
155 		return (1);
156 	}
157 
158 	if (pflag && setfile(fs, to_fd))
159 		rval = 1;
160 	/*
161 	 * If the source was setuid or setgid, lose the bits unless the
162 	 * copy is owned by the same user and group.
163 	 */
164 #define	RETAINBITS \
165 	(S_ISUID | S_ISGID | S_ISVTX | S_IRWXU | S_IRWXG | S_IRWXO)
166 	else if (fs->st_mode & (S_ISUID | S_ISGID) && fs->st_uid == myuid) {
167 		if (fstat(to_fd, &to_stat)) {
168 			warn("%s", to.p_path);
169 			rval = 1;
170 		} else if (fs->st_gid == to_stat.st_gid &&
171 		    fchmod(to_fd, fs->st_mode & RETAINBITS & ~myumask)) {
172 			warn("%s", to.p_path);
173 			rval = 1;
174 		}
175 	}
176 	(void)close(from_fd);
177 	if (close(to_fd)) {
178 		warn("%s", to.p_path);
179 		rval = 1;
180 	}
181 	return (rval);
182 }
183 
184 int
185 copy_link(FTSENT *p, int exists)
186 {
187 	int len;
188 	char link[MAXPATHLEN];
189 
190 	if ((len = readlink(p->fts_path, link, sizeof(link)-1)) == -1) {
191 		warn("readlink: %s", p->fts_path);
192 		return (1);
193 	}
194 	link[len] = '\0';
195 	if (exists && unlink(to.p_path)) {
196 		warn("unlink: %s", to.p_path);
197 		return (1);
198 	}
199 	if (symlink(link, to.p_path)) {
200 		warn("symlink: %s", link);
201 		return (1);
202 	}
203 	return (pflag ? setlink(p->fts_statp) : 0);
204 }
205 
206 int
207 copy_fifo(struct stat *from_stat, int exists)
208 {
209 	if (exists && unlink(to.p_path)) {
210 		warn("unlink: %s", to.p_path);
211 		return (1);
212 	}
213 	if (mkfifo(to.p_path, from_stat->st_mode)) {
214 		warn("mkfifo: %s", to.p_path);
215 		return (1);
216 	}
217 	return (pflag ? setfile(from_stat, 0) : 0);
218 }
219 
220 int
221 copy_special(struct stat *from_stat, int exists)
222 {
223 	if (exists && unlink(to.p_path)) {
224 		warn("unlink: %s", to.p_path);
225 		return (1);
226 	}
227 	if (mknod(to.p_path, from_stat->st_mode, from_stat->st_rdev)) {
228 		warn("mknod: %s", to.p_path);
229 		return (1);
230 	}
231 	return (pflag ? setfile(from_stat, 0) : 0);
232 }
233 
234 
235 int
236 setfile(struct stat *fs, int fd)
237 {
238 	static struct timeval tv[2];
239 	int rval;
240 
241 	rval = 0;
242 	fs->st_mode &= S_ISTXT | S_ISUID | S_ISGID | S_IRWXU | S_IRWXG | S_IRWXO;
243 
244 	TIMESPEC_TO_TIMEVAL(&tv[0], &fs->st_atimespec);
245 	TIMESPEC_TO_TIMEVAL(&tv[1], &fs->st_mtimespec);
246 	if (utimes(to.p_path, tv)) {
247 		warn("utimes: %s", to.p_path);
248 		rval = 1;
249 	}
250 	/*
251 	 * Changing the ownership probably won't succeed, unless we're root
252 	 * or POSIX_CHOWN_RESTRICTED is not set.  Set uid/gid before setting
253 	 * the mode; current BSD behavior is to remove all setuid bits on
254 	 * chown.  If chown fails, lose setuid/setgid bits.
255 	 */
256 	if (fd ? fchown(fd, fs->st_uid, fs->st_gid) :
257 	    chown(to.p_path, fs->st_uid, fs->st_gid)) {
258 		if (errno != EPERM) {
259 			warn("chown: %s", to.p_path);
260 			rval = 1;
261 		}
262 		fs->st_mode &= ~(S_ISTXT | S_ISUID | S_ISGID);
263 	}
264 	if (fd ? fchmod(fd, fs->st_mode) : chmod(to.p_path, fs->st_mode)) {
265 		warn("chown: %s", to.p_path);
266 		rval = 1;
267 	}
268 
269 	/*
270 	 * XXX
271 	 * NFS doesn't support chflags; ignore errors unless there's reason
272 	 * to believe we're losing bits.  (Note, this still won't be right
273 	 * if the server supports flags and we were trying to *remove* flags
274 	 * on a file that we copied, i.e., that we didn't create.)
275 	 */
276 	errno = 0;
277 	if (fd ? fchflags(fd, fs->st_flags) : chflags(to.p_path, fs->st_flags))
278 		if (errno != EOPNOTSUPP || fs->st_flags != 0) {
279 			warn("chflags: %s", to.p_path);
280 			rval = 1;
281 		}
282 	return (rval);
283 }
284 
285 
286 int
287 setlink(struct stat *fs)
288 {
289 
290 	if (lchown(to.p_path, fs->st_uid, fs->st_gid)) {
291 		if (errno != EPERM) {
292 			warn("lchown: %s", to.p_path);
293 			return (1);
294 		}
295 	}
296 	return (0);
297 }
298 
299 
300 void
301 usage(void)
302 {
303 	(void)fprintf(stderr,
304 	    "usage: %s [-R [-H | -L | -P]] [-fip] src target\n", __progname);
305 	(void)fprintf(stderr,
306 	    "       %s [-R [-H | -L | -P]] [-fip] src1 ... srcN directory\n",
307 	    __progname);
308 	exit(1);
309 }
310