static void
do_fprintf (struct format_val *dest,
struct segment *segment,
const char *pathname,
const struct stat *stat_buf)
{
char hbuf[LONGEST_HUMAN_READABLE + 1];
const char *cp;
switch (segment->segkind)
{
case KIND_PLAIN: /* Plain text string (no % conversion). */
/* trusted */
checked_fwrite(segment->text, 1, segment->text_len, dest);
break;
case KIND_STOP: /* Terminate argument and flush output. */
/* trusted */
checked_fwrite (segment->text, 1, segment->text_len, dest);
checked_fflush (dest);
break;
case KIND_FORMAT:
switch (segment->format_char[0])
{
case 'a': /* atime in `ctime' format. */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text, ctime_format (get_stat_atime (stat_buf)));
break;
case 'b': /* size in 512-byte blocks */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text,
human_readable ((uintmax_t) ST_NBLOCKS (*stat_buf),
hbuf, human_ceiling,
ST_NBLOCKSIZE, 512));
break;
case 'c': /* ctime in `ctime' format */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text, ctime_format (get_stat_ctime (stat_buf)));
break;
case 'd': /* depth in search tree */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text, state.curdepth);
break;
case 'D': /* Device on which file exists (stat.st_dev) */
/* trusted */
checked_fprintf (dest, segment->text,
human_readable ((uintmax_t) stat_buf->st_dev, hbuf,
human_ceiling, 1, 1));
break;
case 'f': /* base name of path */
/* sanitised */
{
char *base = base_name (pathname);
checked_print_quoted (dest, segment->text, base);
free (base);
}
break;
case 'F': /* file system type */
/* trusted */
checked_print_quoted (dest, segment->text, filesystem_type (stat_buf, pathname));
break;
case 'g': /* group name */
/* trusted */
/* (well, the actual group is selected by the user but
* its name was selected by the system administrator)
*/
{
struct group *g;
g = getgrgid (stat_buf->st_gid);
if (g)
{
segment->text[segment->text_len] = 's';
checked_fprintf (dest, segment->text, g->gr_name);
break;
}
else
{
/* Do nothing. */
/*FALLTHROUGH*/
}
}
/*FALLTHROUGH*/ /*...sometimes, so 'G' case.*/
case 'G': /* GID number */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text,
human_readable ((uintmax_t) stat_buf->st_gid, hbuf,
human_ceiling, 1, 1));
break;
case 'h': /* leading directories part of path */
/* sanitised */
{
cp = strrchr (pathname, '/');
if (cp == NULL) /* No leading directories. */
{
/* If there is no slash in the pathname, we still
* print the string because it contains characters
* other than just '%s'. The %h expands to ".".
*/
checked_print_quoted (dest, segment->text, ".");
}
else
{
char *s = strdup (pathname);
s[cp - pathname] = 0;
checked_print_quoted (dest, segment->text, s);
free (s);
}
}
break;
case 'H': /* ARGV element file was found under */
/* trusted */
{
char *s = xmalloc (state.starting_path_length+1);
memcpy (s, pathname, state.starting_path_length);
s[state.starting_path_length] = 0;
checked_fprintf (dest, segment->text, s);
free (s);
}
break;
case 'i': /* inode number */
/* UNTRUSTED, but not exploitable I think */
/* POSIX does not guarantee that ino_t is unsigned or even
* integral (except as an XSI extension), but we'll work on
* fixing that if we ever get a report of a system where
* ino_t is indeed a signed integral type or a non-integral
* arithmetic type. */
checked_fprintf (dest, segment->text,
human_readable ((uintmax_t) stat_buf->st_ino, hbuf,
human_ceiling,
1, 1));
break;
case 'k': /* size in 1K blocks */
/* UNTRUSTED, but not exploitable I think */
checked_fprintf (dest, segment->text,
human_readable ((uintmax_t) ST_NBLOCKS (*stat_buf),
hbuf, human_ceiling,
ST_NBLOCKSIZE, 1024));
break;
case 'l': /* object of symlink */
/* sanitised */
#ifdef S_ISLNK
{
char *linkname = 0;
if (S_ISLNK (stat_buf->st_mode))
{
linkname = areadlinkat (state.cwd_dir_fd, state.rel_pathname);
if (linkname == NULL)
{
nonfatal_target_file_error (errno, pathname);
state.exit_status = 1;
}
}
if (linkname)
{
checked_print_quoted (dest, segment->text, linkname);
}
else
{
/* We still need to honour the field width etc., so this is
* not a no-op.
*/
checked_print_quoted (dest, segment->text, "");
}
free (linkname);
}
#endif /* S_ISLNK */
break;
case 'M': /* mode as 10 chars (eg., "-rwxr-x--x" */
/* UNTRUSTED, probably unexploitable */
{
char modestring[16] ;
filemodestring (stat_buf, modestring);
modestring[10] = '\0';
checked_fprintf (dest, segment->text, modestring);
}
break;
case 'm': /* mode as octal number (perms only) */
/* UNTRUSTED, probably unexploitable */
{
/* Output the mode portably using the traditional numbers,
even if the host unwisely uses some other numbering
scheme. But help the compiler in the common case where
the host uses the traditional numbering scheme. */
mode_t m = stat_buf->st_mode;
bool traditional_numbering_scheme =
(S_ISUID == 04000 && S_ISGID == 02000 && S_ISVTX == 01000
&& S_IRUSR == 00400 && S_IWUSR == 00200 && S_IXUSR == 00100
&& S_IRGRP == 00040 && S_IWGRP == 00020 && S_IXGRP == 00010
&& S_IROTH == 00004 && S_IWOTH == 00002 && S_IXOTH == 00001);
checked_fprintf (dest, segment->text,
(traditional_numbering_scheme
? m & MODE_ALL
: ((m & S_ISUID ? 04000 : 0)
| (m & S_ISGID ? 02000 : 0)
| (m & S_ISVTX ? 01000 : 0)
| (m & S_IRUSR ? 00400 : 0)
| (m & S_IWUSR ? 00200 : 0)
| (m & S_IXUSR ? 00100 : 0)
| (m & S_IRGRP ? 00040 : 0)
| (m & S_IWGRP ? 00020 : 0)
| (m & S_IXGRP ? 00010 : 0)
| (m & S_IROTH ? 00004 : 0)
| (m & S_IWOTH ? 00002 : 0)
| (m & S_IXOTH ? 00001 : 0))));
}
break;
case 'n': /* number of links */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text,
human_readable ((uintmax_t) stat_buf->st_nlink,
hbuf,
human_ceiling,
1, 1));
break;
case 'p': /* pathname */
/* sanitised */
checked_print_quoted (dest, segment->text, pathname);
break;
case 'P': /* pathname with ARGV element stripped */
/* sanitised */
if (state.curdepth > 0)
{
cp = pathname + state.starting_path_length;
if (*cp == '/')
/* Move past the slash between the ARGV element
and the rest of the pathname. But if the ARGV element
ends in a slash, we didn't add another, so we've
already skipped past it. */
cp++;
}
else
{
cp = "";
}
checked_print_quoted (dest, segment->text, cp);
break;
case 's': /* size in bytes */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text,
human_readable ((uintmax_t) stat_buf->st_size,
hbuf, human_ceiling, 1, 1));
break;
case 'S': /* sparseness */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text, file_sparseness (stat_buf));
break;
case 't': /* mtime in `ctime' format */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text,
ctime_format (get_stat_mtime (stat_buf)));
break;
case 'u': /* user name */
/* trusted */
/* (well, the actual user is selected by the user on systems
* where chown is not restricted, but the user name was
* selected by the system administrator)
*/
{
struct passwd *p;
p = getpwuid (stat_buf->st_uid);
if (p)
{
segment->text[segment->text_len] = 's';
checked_fprintf (dest, segment->text, p->pw_name);
break;
}
/* else fallthru */
}
/* FALLTHROUGH*/ /* .. to case U */
case 'U': /* UID number */
/* UNTRUSTED, probably unexploitable */
checked_fprintf (dest, segment->text,
human_readable ((uintmax_t) stat_buf->st_uid, hbuf,
human_ceiling, 1, 1));
break;
/* %Y: type of file system entry like `ls -l`:
* (d,-,l,s,p,b,c,n) n=nonexistent (symlink)
*/
case 'Y': /* in case of symlink */
/* trusted */
{
#ifdef S_ISLNK
if (S_ISLNK (stat_buf->st_mode))
{
struct stat sbuf;
/* If we would normally follow links, do not do so.
* If we would normally not follow links, do so.
*/
if ((following_links () ? optionp_stat : optionl_stat)
(state.rel_pathname, &sbuf) != 0)
{
if ( errno == ENOENT )
{
checked_fprintf (dest, segment->text, "N");
break;
}
else if ( errno == ELOOP )
{
checked_fprintf (dest, segment->text, "L");
break;
}
else
{
checked_fprintf (dest, segment->text, "?");
error (0, errno, "%s",
safely_quote_err_filename (0, pathname));
/* exit_status = 1;
return ; */
break;
}
}
checked_fprintf (dest, segment->text,
mode_to_filetype (sbuf.st_mode & S_IFMT));
}
#endif /* S_ISLNK */
else
{
checked_fprintf (dest, segment->text,
mode_to_filetype (stat_buf->st_mode & S_IFMT));
}
}
break;
case 'y':
/* trusted */
{
checked_fprintf (dest, segment->text,
mode_to_filetype (stat_buf->st_mode & S_IFMT));
}
break;
case 'Z': /* SELinux security context */
{
security_context_t scontext;
int rv = (*options.x_getfilecon) (state.cwd_dir_fd, state.rel_pathname,
&scontext);
if (rv < 0)
{
/* If getfilecon fails, there will in the general case
still be some text to print. We just make %Z expand
to an empty string. */
checked_fprintf (dest, segment->text, "");
error (0, errno, _("getfilecon failed: %s"),
safely_quote_err_filename (0, pathname));
state.exit_status = 1;
}
else
{
checked_fprintf (dest, segment->text, scontext);
freecon (scontext);
}
}
break;
case 0:
case '%':
checked_fprintf (dest, segment->text);
break;
}
/* end of KIND_FORMAT case */
break;
}
}
/**
* Allocate a new inode with parent as the parent directory node and name as the filename
* within that parent directory. Returns a pointer to a memory-copy of the node which
* the client can (and should) free.
* 'ftype' is file type, used when adding the entry to the parent dir. 1 for regular file,
* 2 for directory, etc... 'no' is the inode number of 'parent'.
* Upon return, the inode number of the newly allocated inode will be stored in 'inode_no'.
*
* This function assumes that parent directory 'parent' does not contain any entry with
* same name as 'name'. Caller shuold ensure this.
* Note that inode just created using this function has size of 0, which means no data
* blocks have been allocated to the inode.
*/
ext2_inodetable_t *ext2_disk_alloc_inode
(
ext2_inodetable_t *parent,
uint32_t no,
char *name,
uint16_t mode,
uint32_t *inode_no
) {
if ((parent->mode & EXT2_S_IFDIR) == 0 || name == NULL) {
kprintf("[kernel/ext2] No name or bad parent.\n");
return NULL;
}
ext2_inodetable_t *inode;
uint32_t node_no = 0, node_offset = 0, group = 0;
char *bg_buffer = malloc(BLOCKSIZE);
/* Locate a block with an available inode. Will probably be the first block group. */
for (uint32_t i = 0; i < BGDS; ++i) {
if (BGD[i].free_inodes_count > 0) {
#if EXT2_DEBUG_BLOCK_DESCRIPTORS
kprintf("Group %d has %d free inodes!\n", i, BGD[i].free_inodes_count);
#endif
ext2_disk_read_block(BGD[i].inode_bitmap, (uint8_t *)bg_buffer);
while (BLOCKBIT(node_offset))
++node_offset;
node_no = node_offset + ext2_disk_inodes_per_group * i + 1;
group = i;
break;
}
}
if (!node_no) {
kprintf("[kernel/ext2] Failure: No free inodes in block descriptors!\n");
free(bg_buffer);
return NULL;
}
/* Alright, we found an inode (node_no), we need to mark it as in-use... */
uint8_t b = BLOCKBYTE(node_offset);
#if EXT2_DEBUG_BLOCK_DESCRIPTORS
kprintf("Located an inode at #%d (%d), the byte for this block is currently set to %x\n", node_no, node_offset, (uint32_t)b);
#endif
b |= SETBIT(node_offset);
#if EXT2_DEBUG_BLOCK_DESCRIPTORS
kprintf("We would want to set it to %x\n", (uint32_t)b);
kprintf("Setting it in our temporary buffer...\n");
#endif
BLOCKBYTE(node_offset) = b;
#if EXT2_DEBUG_BLOCK_DESCRIPTORS
kprintf("\nWriting back out.\n");
#endif
ext2_disk_write_block(BGD[group].inode_bitmap, (uint8_t *)bg_buffer);
free(bg_buffer);
#if EXT2_DEBUG_BLOCK_DESCRIPTORS
kprintf("Okay, now we need to update the available inodes count...\n");
kprintf("it is %d, it should be %d\n", BGD[group].free_inodes_count, BGD[group].free_inodes_count - 1);
kprintf("\n");
kprintf("%d\n", BGD[group].free_inodes_count);
#endif
BGD[group].free_inodes_count -= 1;
#if EXT2_DEBUG_BLOCK_DESCRIPTORS
kprintf("%d\n", BGD[group].free_inodes_count);
kprintf("\nOkay, writing the block descriptors back to disk.\n");
#endif
ext2_disk_write_block(2, (uint8_t *)BGD);
#if EXT2_DEBUG_BLOCK_DESCRIPTORS
kprintf("Alright, we have an inode (%d), time to write it out to disk and make the file in the directory.\n", node_no);
#endif
// Get the inode struct from the disk and init it
inode = ext2_disk_inode(node_no);
inode->size = 0;
inode->blocks = 0;
inode->mode = mode;
ext2_disk_write_inode(inode, node_no);
*inode_no = node_no;
// Create an entry in the parent directory
uint8_t ftype = mode_to_filetype(mode);
kprintf("[kernel/ext2] Allocated inode, inserting directory entry [%d]...\n", node_no);
insertdir_ext2_disk(parent, no, node_no, name, ftype);
return inode;
}
