Introduce the GLOB_MAXPATH flag, which allows the user to limit the
number of paths which glob(3) will return. Remove the hardcoded limit from the last commit, which restores the previous unbounded behavior. Document the new flag in the manual page.
This commit is contained in:
parent
5070a55a81
commit
b7db4c94c3
@ -34,6 +34,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)glob.h 8.1 (Berkeley) 6/2/93
|
||||
* $FreeBSD$
|
||||
*/
|
||||
|
||||
#ifndef _GLOB_H_
|
||||
@ -76,9 +77,11 @@ typedef struct {
|
||||
#define GLOB_NOMAGIC 0x0200 /* GLOB_NOCHECK without magic chars (csh). */
|
||||
#define GLOB_QUOTE 0x0400 /* Quote special chars with \. */
|
||||
#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */
|
||||
#define GLOB_MAXPATH 0x1000 /* limit number of returned paths */
|
||||
|
||||
#define GLOB_NOSPACE (-1) /* Malloc call failed. */
|
||||
#define GLOB_ABEND (-2) /* Unignored error. */
|
||||
#define GLOB_LIMIT (-3) /* Path limit was hit. */
|
||||
|
||||
__BEGIN_DECLS
|
||||
int glob __P((const char *, int, int (*)(const char *, int), glob_t *));
|
||||
|
@ -260,6 +260,14 @@ character, avoiding any special interpretation of the character.
|
||||
Expand patterns that start with
|
||||
.Ql ~
|
||||
to user name home directories.
|
||||
.It Dv GLOB_MAXPATH
|
||||
Limit the total number of returned pathnames to the value provided in
|
||||
.Fa gl_matchc .
|
||||
If
|
||||
.Fn glob
|
||||
would match more pathnames,
|
||||
.Dv GLOB_LIMIT
|
||||
will be returned.
|
||||
.El
|
||||
.Pp
|
||||
If, during the search, a directory is encountered that cannot be opened
|
||||
@ -376,6 +384,14 @@ The scan was stopped because an error was encountered and either
|
||||
was set or
|
||||
.Fa \*(lp*errfunc\*(rp\*(lp\*(rp
|
||||
returned non-zero.
|
||||
.It Dv GLOB_LIMIT
|
||||
The flag
|
||||
.Dv GLOB_MAXPATH
|
||||
was provided, and the specified limit passed to
|
||||
.Fn glob
|
||||
in
|
||||
.Fa pglob\->gl_matchc
|
||||
was reached.
|
||||
.El
|
||||
.Pp
|
||||
The arguments
|
||||
@ -412,6 +428,7 @@ that the flags
|
||||
.Dv GLOB_ALTDIRFUNC ,
|
||||
.Dv GLOB_BRACE ,
|
||||
.Dv GLOB_MAGCHAR ,
|
||||
.Dv GLOB_MAXPATH ,
|
||||
.Dv GLOB_NOMAGIC ,
|
||||
.Dv GLOB_QUOTE ,
|
||||
and
|
||||
|
@ -80,14 +80,6 @@ static char sccsid[] = "@(#)glob.c 8.3 (Berkeley) 10/13/93";
|
||||
|
||||
#include "collate.h"
|
||||
|
||||
/*
|
||||
* XXX
|
||||
* Arbitrarily limit the number of pathnames that glob may
|
||||
* return, to prevent DoS attacks. This should probably be
|
||||
* configurable by the user.
|
||||
*/
|
||||
#define MAX_GLOBENTRIES 16384
|
||||
|
||||
#define DOLLAR '$'
|
||||
#define DOT '.'
|
||||
#define EOS '\0'
|
||||
@ -147,14 +139,14 @@ static Char *g_strchr __P((Char *, int));
|
||||
static Char *g_strcat __P((Char *, const Char *));
|
||||
#endif
|
||||
static int g_stat __P((Char *, struct stat *, glob_t *));
|
||||
static int glob0 __P((const Char *, glob_t *));
|
||||
static int glob1 __P((Char *, glob_t *));
|
||||
static int glob2 __P((Char *, Char *, Char *, glob_t *));
|
||||
static int glob3 __P((Char *, Char *, Char *, Char *, glob_t *));
|
||||
static int globextend __P((const Char *, glob_t *));
|
||||
static int glob0 __P((const Char *, glob_t *, int *));
|
||||
static int glob1 __P((Char *, glob_t *, int *));
|
||||
static int glob2 __P((Char *, Char *, Char *, glob_t *, int *));
|
||||
static int glob3 __P((Char *, Char *, Char *, Char *, glob_t *, int *));
|
||||
static int globextend __P((const Char *, glob_t *, int *));
|
||||
static const Char * globtilde __P((const Char *, Char *, size_t, glob_t *));
|
||||
static int globexp1 __P((const Char *, glob_t *));
|
||||
static int globexp2 __P((const Char *, const Char *, glob_t *, int *));
|
||||
static int globexp1 __P((const Char *, glob_t *, int *));
|
||||
static int globexp2 __P((const Char *, const Char *, glob_t *, int *, int *));
|
||||
static int match __P((Char *, Char *, Char *));
|
||||
#ifdef DEBUG
|
||||
static void qprintf __P((const char *, Char *));
|
||||
@ -167,7 +159,7 @@ glob(pattern, flags, errfunc, pglob)
|
||||
glob_t *pglob;
|
||||
{
|
||||
const u_char *patnext;
|
||||
int c;
|
||||
int c, limit;
|
||||
Char *bufnext, *bufend, patbuf[MAXPATHLEN+1];
|
||||
|
||||
patnext = (u_char *) pattern;
|
||||
@ -177,6 +169,10 @@ glob(pattern, flags, errfunc, pglob)
|
||||
if (!(flags & GLOB_DOOFFS))
|
||||
pglob->gl_offs = 0;
|
||||
}
|
||||
if (flags & GLOB_MAXPATH)
|
||||
limit = pglob->gl_matchc;
|
||||
else
|
||||
limit = 0;
|
||||
pglob->gl_flags = flags & ~GLOB_MAGCHAR;
|
||||
pglob->gl_errfunc = errfunc;
|
||||
pglob->gl_matchc = 0;
|
||||
@ -202,9 +198,9 @@ glob(pattern, flags, errfunc, pglob)
|
||||
*bufnext = EOS;
|
||||
|
||||
if (flags & GLOB_BRACE)
|
||||
return globexp1(patbuf, pglob);
|
||||
return globexp1(patbuf, pglob, &limit);
|
||||
else
|
||||
return glob0(patbuf, pglob);
|
||||
return glob0(patbuf, pglob, &limit);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -212,22 +208,23 @@ glob(pattern, flags, errfunc, pglob)
|
||||
* invoke the standard globbing routine to glob the rest of the magic
|
||||
* characters
|
||||
*/
|
||||
static int globexp1(pattern, pglob)
|
||||
static int globexp1(pattern, pglob, limit)
|
||||
const Char *pattern;
|
||||
glob_t *pglob;
|
||||
int *limit;
|
||||
{
|
||||
const Char* ptr = pattern;
|
||||
int rv;
|
||||
|
||||
/* Protect a single {}, for find(1), like csh */
|
||||
if (pattern[0] == LBRACE && pattern[1] == RBRACE && pattern[2] == EOS)
|
||||
return glob0(pattern, pglob);
|
||||
return glob0(pattern, pglob, limit);
|
||||
|
||||
while ((ptr = (const Char *) g_strchr((Char *) ptr, LBRACE)) != NULL)
|
||||
if (!globexp2(ptr, pattern, pglob, &rv))
|
||||
if (!globexp2(ptr, pattern, pglob, &rv, limit))
|
||||
return rv;
|
||||
|
||||
return glob0(pattern, pglob);
|
||||
return glob0(pattern, pglob, limit);
|
||||
}
|
||||
|
||||
|
||||
@ -236,10 +233,10 @@ static int globexp1(pattern, pglob)
|
||||
* If it succeeds then it invokes globexp1 with the new pattern.
|
||||
* If it fails then it tries to glob the rest of the pattern and returns.
|
||||
*/
|
||||
static int globexp2(ptr, pattern, pglob, rv)
|
||||
static int globexp2(ptr, pattern, pglob, rv, limit)
|
||||
const Char *ptr, *pattern;
|
||||
glob_t *pglob;
|
||||
int *rv;
|
||||
int *rv, *limit;
|
||||
{
|
||||
int i;
|
||||
Char *lm, *ls;
|
||||
@ -275,7 +272,7 @@ static int globexp2(ptr, pattern, pglob, rv)
|
||||
|
||||
/* Non matching braces; just glob the pattern */
|
||||
if (i != 0 || *pe == EOS) {
|
||||
*rv = glob0(patbuf, pglob);
|
||||
*rv = glob0(patbuf, pglob, limit);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -322,7 +319,7 @@ static int globexp2(ptr, pattern, pglob, rv)
|
||||
#ifdef DEBUG
|
||||
qprintf("globexp2:", patbuf);
|
||||
#endif
|
||||
*rv = globexp1(patbuf, pglob);
|
||||
*rv = globexp1(patbuf, pglob, limit);
|
||||
|
||||
/* move after the comma, to the next string */
|
||||
pl = pm + 1;
|
||||
@ -416,9 +413,10 @@ globtilde(pattern, patbuf, patbuf_len, pglob)
|
||||
* to find no matches.
|
||||
*/
|
||||
static int
|
||||
glob0(pattern, pglob)
|
||||
glob0(pattern, pglob, limit)
|
||||
const Char *pattern;
|
||||
glob_t *pglob;
|
||||
int *limit;
|
||||
{
|
||||
const Char *qpatnext;
|
||||
int c, err, oldpathc;
|
||||
@ -481,7 +479,7 @@ glob0(pattern, pglob)
|
||||
qprintf("glob0:", patbuf);
|
||||
#endif
|
||||
|
||||
if ((err = glob1(patbuf, pglob)) != 0)
|
||||
if ((err = glob1(patbuf, pglob, limit)) != 0)
|
||||
return(err);
|
||||
|
||||
/*
|
||||
@ -494,7 +492,7 @@ glob0(pattern, pglob)
|
||||
((pglob->gl_flags & GLOB_NOCHECK) ||
|
||||
((pglob->gl_flags & GLOB_NOMAGIC) &&
|
||||
!(pglob->gl_flags & GLOB_MAGCHAR))))
|
||||
return(globextend(pattern, pglob));
|
||||
return(globextend(pattern, pglob, limit));
|
||||
else if (!(pglob->gl_flags & GLOB_NOSORT))
|
||||
qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc,
|
||||
pglob->gl_pathc - oldpathc, sizeof(char *), compare);
|
||||
@ -509,16 +507,17 @@ compare(p, q)
|
||||
}
|
||||
|
||||
static int
|
||||
glob1(pattern, pglob)
|
||||
glob1(pattern, pglob, limit)
|
||||
Char *pattern;
|
||||
glob_t *pglob;
|
||||
int *limit;
|
||||
{
|
||||
Char pathbuf[MAXPATHLEN+1];
|
||||
|
||||
/* A null pathname is invalid -- POSIX 1003.1 sect. 2.4. */
|
||||
if (*pattern == EOS)
|
||||
return(0);
|
||||
return(glob2(pathbuf, pathbuf, pattern, pglob));
|
||||
return(glob2(pathbuf, pathbuf, pattern, pglob, limit));
|
||||
}
|
||||
|
||||
/*
|
||||
@ -527,9 +526,10 @@ glob1(pattern, pglob)
|
||||
* meta characters.
|
||||
*/
|
||||
static int
|
||||
glob2(pathbuf, pathend, pattern, pglob)
|
||||
glob2(pathbuf, pathend, pattern, pglob, limit)
|
||||
Char *pathbuf, *pathend, *pattern;
|
||||
glob_t *pglob;
|
||||
int *limit;
|
||||
{
|
||||
struct stat sb;
|
||||
Char *p, *q;
|
||||
@ -554,7 +554,7 @@ glob2(pathbuf, pathend, pattern, pglob)
|
||||
*pathend = EOS;
|
||||
}
|
||||
++pglob->gl_matchc;
|
||||
return(globextend(pathbuf, pglob));
|
||||
return(globextend(pathbuf, pglob, limit));
|
||||
}
|
||||
|
||||
/* Find end of next segment, copy tentatively to pathend. */
|
||||
@ -572,15 +572,17 @@ glob2(pathbuf, pathend, pattern, pglob)
|
||||
while (*pattern == SEP)
|
||||
*pathend++ = *pattern++;
|
||||
} else /* Need expansion, recurse. */
|
||||
return(glob3(pathbuf, pathend, pattern, p, pglob));
|
||||
return(glob3(pathbuf, pathend, pattern, p, pglob,
|
||||
limit));
|
||||
}
|
||||
/* NOTREACHED */
|
||||
}
|
||||
|
||||
static int
|
||||
glob3(pathbuf, pathend, pattern, restpattern, pglob)
|
||||
glob3(pathbuf, pathend, pattern, restpattern, pglob, limit)
|
||||
Char *pathbuf, *pathend, *pattern, *restpattern;
|
||||
glob_t *pglob;
|
||||
int *limit;
|
||||
{
|
||||
register struct dirent *dp;
|
||||
DIR *dirp;
|
||||
@ -630,7 +632,7 @@ glob3(pathbuf, pathend, pattern, restpattern, pglob)
|
||||
*pathend = EOS;
|
||||
continue;
|
||||
}
|
||||
err = glob2(pathbuf, --dc, restpattern, pglob);
|
||||
err = glob2(pathbuf, --dc, restpattern, pglob, limit);
|
||||
if (err)
|
||||
break;
|
||||
}
|
||||
@ -658,9 +660,10 @@ glob3(pathbuf, pathend, pattern, restpattern, pglob)
|
||||
* gl_pathv points to (gl_offs + gl_pathc + 1) items.
|
||||
*/
|
||||
static int
|
||||
globextend(path, pglob)
|
||||
globextend(path, pglob, limit)
|
||||
const Char *path;
|
||||
glob_t *pglob;
|
||||
int *limit;
|
||||
{
|
||||
register char **pathv;
|
||||
register int i;
|
||||
@ -668,8 +671,8 @@ globextend(path, pglob)
|
||||
char *copy;
|
||||
const Char *p;
|
||||
|
||||
if (pglob->gl_pathc > MAX_GLOBENTRIES)
|
||||
return (GLOB_ABEND);
|
||||
if (*limit && pglob->gl_pathc > *limit)
|
||||
return (GLOB_LIMIT);
|
||||
|
||||
newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs);
|
||||
pathv = pglob->gl_pathv ?
|
||||
|
Loading…
x
Reference in New Issue
Block a user