summaryrefslogtreecommitdiff
path: root/sysdeps/unix/sysv/linux/faccessat.c
blob: fcb2dc80ca83de2a5abe37a1e6ac4b8031ed44cc (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
/* Test for access to file, relative to open directory.  Linux version.
   Copyright (C) 2006-2013 Free Software Foundation, Inc.
   This file is part of the GNU C Library.

   The GNU C Library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   The GNU C Library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with the GNU C Library; if not, see
   <http://www.gnu.org/licenses/>.  */

#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <alloca.h>
#include <kernel-features.h>
#include <sysdep.h>


int
faccessat (fd, file, mode, flag)
     int fd;
     const char *file;
     int mode;
     int flag;
{
  if (flag & ~(AT_SYMLINK_NOFOLLOW | AT_EACCESS))
    {
      __set_errno (EINVAL);
      return -1;
    }

#ifdef __NR_faccessat
  if ((flag == 0 || ((flag & ~AT_EACCESS) == 0 && ! __libc_enable_secure))
# ifndef __ASSUME_ATFCTS
      && __have_atfcts >= 0
# endif
      )
    {
      int result = INLINE_SYSCALL (faccessat, 3, fd, file, mode);
# ifndef __ASSUME_ATFCTS
      if (result == -1 && errno == ENOSYS)
	__have_atfcts = -1;
      else
# endif
	return result;
    }
#endif

#ifndef __ASSUME_ATFCTS
  if ((!(flag & AT_EACCESS) || ! __libc_enable_secure)
# ifndef __NR_laccess		/* Linux so far has no laccess syscall.  */
      && !(flag & AT_SYMLINK_NOFOLLOW)
# endif
      )
    {
      /* If we are not set-uid or set-gid, access does the same.  */
      char *buf = NULL;

      if (fd != AT_FDCWD && file[0] != '/')
	{
	  size_t filelen = strlen (file);
	  if (__builtin_expect (filelen == 0, 0))
	    {
	      __set_errno (ENOENT);
	      return -1;
	    }

	  static const char procfd[] = "/proc/self/fd/%d/%s";
	  /* Buffer for the path name we are going to use.  It consists of
	     - the string /proc/self/fd/
	     - the file descriptor number
	     - the file name provided.
	     The final NUL is included in the sizeof.   A bit of overhead
	     due to the format elements compensates for possible negative
	     numbers.  */
	  size_t buflen = sizeof (procfd) + sizeof (int) * 3 + filelen;
	  buf = alloca (buflen);

	  __snprintf (buf, buflen, procfd, fd, file);
	  file = buf;
	}

      int result;
      INTERNAL_SYSCALL_DECL (err);

# ifdef __NR_laccess
      if (flag & AT_SYMLINK_NOFOLLOW)
	result = INTERNAL_SYSCALL (laccess, err, 2, file, mode);
      else
# endif
	result = INTERNAL_SYSCALL (access, err, 2, file, mode);

      if (__builtin_expect (INTERNAL_SYSCALL_ERROR_P (result, err), 0))
	{
	  __atfct_seterrno (INTERNAL_SYSCALL_ERRNO (result, err), fd, buf);
	  result = -1;
	}

      return result;
    }
#endif

  struct stat64 stats;
  if (__fxstatat64 (_STAT_VER, fd, file, &stats, flag & AT_SYMLINK_NOFOLLOW))
    return -1;

  mode &= (X_OK | W_OK | R_OK);	/* Clear any bogus bits. */
#if R_OK != S_IROTH || W_OK != S_IWOTH || X_OK != S_IXOTH
# error Oops, portability assumptions incorrect.
#endif

  if (mode == F_OK)
    return 0;			/* The file exists. */

  uid_t uid = (flag & AT_EACCESS) ? __geteuid () : __getuid ();

  /* The super-user can read and write any file, and execute any file
     that anyone can execute. */
  if (uid == 0 && ((mode & X_OK) == 0
		   || (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))))
    return 0;

  int granted = (uid == stats.st_uid
		 ? (unsigned int) (stats.st_mode & (mode << 6)) >> 6
		 : (stats.st_gid == ((flag & AT_EACCESS)
				     ? __getegid () : __getgid ())
		    || __group_member (stats.st_gid))
		 ? (unsigned int) (stats.st_mode & (mode << 3)) >> 3
		 : (stats.st_mode & mode));

  if (granted == mode)
    return 0;

  __set_errno (EACCES);
  return -1;
}