From nobody@FreeBSD.ORG Wed Jun 16 08:10:56 1999
Return-Path: <nobody@FreeBSD.ORG>
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id F3FB61501A; Wed, 16 Jun 1999 08:10:55 -0700 (PDT)
Message-Id: <19990616151055.F3FB61501A@hub.freebsd.org>
Date: Wed, 16 Jun 1999 08:10:55 -0700 (PDT)
From: jose@we.lc.ehu.es
Sender: nobody@FreeBSD.ORG
To: freebsd-gnats-submit@freebsd.org
Subject: realpath() fails when there is no permission to read the WD
X-Send-Pr-Version: www-1.0

>Number:         12244
>Category:       bin
>Synopsis:       realpath() fails when there is no permission to read the WD
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    fjoe
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jun 16 08:20:00 PDT 1999
>Closed-Date:    Thu May 22 10:13:50 PDT 2003
>Last-Modified:  Thu May 22 10:13:50 PDT 2003
>Originator:     Jose M. Alcaide
>Release:        3.2-RELEASE
>Organization:
Universidad del Pais Vasco - Dept. de Electricidad y Electronica
>Environment:
FreeBSD garatu.we.lc.ehu.es 3.2-RELEASE FreeBSD 3.2-RELEASE #0: Tue May 18 18:40:58 CEST 1999     root@garatu.we.lc.ehu.es:/usr/src/sys/compile/GARATU  i386

>Description:
The realpath() function fails when the WD cannot be opened for reading.
One of the utilities affected by this problem is mount(8): it fails
when the working directory is NFS-mounted, it is being exported
without root access, and there is no permission to read it.

The origin of this problem is that realpath() uses the open()/fchdir()
method for saving/restoring the working directory. Unfortunately, this
method fails when the WD cannot be opened. In this case, the more
traditional (although less efficient) getwd()/chdir() method does
work.
>How-To-Repeat:
Obvious.
>Fix:
Change the method realpath() uses for saving/restoring the working
directory (getwd()/chdir() instead of open()/fchdir()).


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: iedowse 
State-Changed-When: Sun Jan 20 10:01:13 PST 2002 
State-Changed-Why:  

Is this problem still present in more recent releases? 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=12244 

From: Ian Dowse <iedowse@maths.tcd.ie>
To: freebsd-gnats-submit@freebsd.org
Cc:  
Subject: Re: bin/12244: realpath() fails when there is no permission to read the WD 
Date: Mon, 21 Jan 2002 21:06:59 +0000

 Adding to the audit trail:
 
 In message <20020121021534.A853@v-ger.we.lc.ehu.es>, "Jose M. Alcaide" writes:
 >On Sun, Jan 20, 2002 at 10:02:15AM -0800, iedowse@FreeBSD.org wrote:
 >> Synopsis: realpath() fails when there is no permission to read the WD
 >> 
 >> State-Changed-From-To: open->feedback
 >> State-Changed-By: iedowse
 >> State-Changed-When: Sun Jan 20 10:01:13 PST 2002
 >> State-Changed-Why: 
 >> 
 >> Is this problem still present in more recent releases?
 >> 
 >> http://www.FreeBSD.org/cgi/query-pr.cgi?pr=12244
 >
 >Yes, it is. Realpath(3) continues using open()/fchdir() for
 >saving/restoring the current directory. I think that the getwd()/chdir()
 >method should be used as fallback.
 >
 >-- 
 >****** Jose M. Alcaide  //  jose@we.lc.ehu.es  //  jmas@FreeBSD.org ******
 >** "Beware of Programmers who carry screwdrivers" --  Leonard Brandwein **
State-Changed-From-To: feedback->open 
State-Changed-By: iedowse 
State-Changed-When: Mon Jan 21 13:12:44 PST 2002 
State-Changed-Why:  

This is still a problem. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=12244 

From: Sheldon Hearn <sheldonh@starjuice.net>
To: "Jose M. Alcaide" <jose@we.lc.ehu.es>
Cc: iedowse@FreeBSD.org, bug-followup@freebsd.org
Subject: Re: bin/12244: realpath() fails when there is no permission to read the WD 
Date: Thu, 31 Jan 2002 17:13:11 +0200

 On Mon, 21 Jan 2002 02:15:34 +0100, "Jose M. Alcaide" wrote:
 
 > Yes, it is. Realpath(3) continues using open()/fchdir() for
 > saving/restoring the current directory. I think that the getwd()/chdir()
 > method should be used as fallback.
 
 Could you submit a patch for that?
 
 Ciao,
 Sheldon.

From: "Jose M. Alcaide" <jose@we.lc.ehu.es>
To: Sheldon Hearn <sheldonh@starjuice.net>
Cc: iedowse@FreeBSD.org, bug-followup@FreeBSD.org
Subject: Re: bin/12244: realpath() fails when there is no permission to read the WD
Date: Tue, 26 Feb 2002 13:19:09 +0100

 --UlVJffcvxoiEqYs2
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 On Thu, Jan 31, 2002 at 05:13:11PM +0200, Sheldon Hearn wrote:
 > On Mon, 21 Jan 2002 02:15:34 +0100, "Jose M. Alcaide" wrote:
 > > Yes, it is. Realpath(3) continues using open()/fchdir() for
 > > saving/restoring the current directory. I think that the getwd()/chdir()
 > > method should be used as fallback.
 > 
 > Could you submit a patch for that?
 
 I have written a patch (attached). I did not tested it, but it is pretty
 trivial. It is somewhat ugly, too ;-)
 
 -- 
 ****** Jose M. Alcaide  //  jose@we.lc.ehu.es  //  jmas@FreeBSD.org ******
 ** "Beware of Programmers who carry screwdrivers" --  Leonard Brandwein **
 
 --UlVJffcvxoiEqYs2
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="realpath.c.patch"
 
 --- lib/libc/stdlib/realpath.c.orig	Fri Jan 28 00:06:50 2000
 +++ lib/libc/stdlib/realpath.c	Tue Feb 26 13:16:31 2002
 @@ -63,14 +63,19 @@
  {
  	struct stat sb;
  	int fd, n, rootd, serrno;
 -	char *p, *q, wbuf[MAXPATHLEN];
 +	char *p, *q, wbuf[MAXPATHLEN], scwd[MAXPATHLEN];
  	int symlinks = 0;
  
 -	/* Save the starting point. */
 -	if ((fd = _open(".", O_RDONLY)) < 0) {
 -		(void)strcpy(resolved, ".");
 -		return (NULL);
 -	}
 +	/*
 +	 * Save the starting point:
 +	 * First, try open()/fchdir() method and, if this fails,
 +	 * then try getcwd()/chdir().
 +	 */
 +	if ((fd = _open(".", O_RDONLY)) < 0)
 +		if (getcwd(scwd, MAXPATHLEN) == 0) {
 +			(void)strcpy(resolved, ".");
 +			return (NULL);
 +		}
  
  	/*
  	 * Find the dirname and basename from the path to be resolved.
 @@ -96,7 +101,7 @@
  			q = resolved;
  		}
  		if (chdir(q) < 0)
 -			goto err1;
 +			goto err;
  	} else
  		p = resolved;
  
 @@ -105,17 +110,17 @@
  		if (S_ISLNK(sb.st_mode)) {
  			if (++symlinks > MAXSYMLINKS) {
  				errno = ELOOP;
 -				goto err1;
 +				goto err;
  			}
  			n = readlink(p, resolved, MAXPATHLEN - 1);
  			if (n < 0)
 -				goto err1;
 +				goto err;
  			resolved[n] = '\0';
  			goto loop;
  		}
  		if (S_ISDIR(sb.st_mode)) {
  			if (chdir(p) < 0)
 -				goto err1;
 +				goto err;
  			p = "";
  		}
  	}
 @@ -126,7 +131,7 @@
  	 */
  	(void)strcpy(wbuf, p);
  	if (getcwd(resolved, MAXPATHLEN) == 0)
 -		goto err1;
 +		goto err;
  
  	/*
  	 * Join the two strings together, ensuring that the right thing
 @@ -140,26 +145,38 @@
  	if (*wbuf) {
  		if (strlen(resolved) + strlen(wbuf) + rootd + 1 > MAXPATHLEN) {
  			errno = ENAMETOOLONG;
 -			goto err1;
 +			goto err;
  		}
  		if (rootd == 0)
  			(void)strcat(resolved, "/");
  		(void)strcat(resolved, wbuf);
  	}
  
 -	/* Go back to where we came from. */
 -	if (fchdir(fd) < 0) {
 -		serrno = errno;
 -		goto err2;
 -	}
 +	/*
 +	 * Go back to where we came from. If fd < 0, we are using the
 +	 * getcwd()/chdir() method; else, we are using open()/fchdir().
 +	 */
 +	if (fd < 0) {
 +		if (chdir(scwd) < 0)
 +			return (NULL);
 +	} else  if (fchdir(fd) < 0) {
 +			serrno = errno;
 +			(void)_close(fd);
 +			errno = serrno;
 +			return (NULL);
 +		}
  
  	/* It's okay if the close fails, what's an fd more or less? */
  	(void)_close(fd);
  	return (resolved);
  
 -err1:	serrno = errno;
 -	(void)fchdir(fd);
 -err2:	(void)_close(fd);
 +err:	serrno = errno;
 +	if (fd < 0)
 +		(void)chdir(scwd);
 +	else {
 +		(void)fchdir(fd);
 +		(void)_close(fd);
 +	}
  	errno = serrno;
  	return (NULL);
  }
 
 --UlVJffcvxoiEqYs2--
Responsible-Changed-From-To: freebsd-bugs->johan 
Responsible-Changed-By: johan 
Responsible-Changed-When: Sun Nov 24 07:59:54 PST 2002 
Responsible-Changed-Why:  
I will look into this and hopefully commit once 5.0 is out. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=12244 
State-Changed-From-To: open->patched 
State-Changed-By: johan 
State-Changed-When: Sat Apr 12 06:51:48 PDT 2003 
State-Changed-Why:  
A different fix was committed to current. 


Responsible-Changed-From-To: johan->fjoe 
Responsible-Changed-By: johan 
Responsible-Changed-When: Sat Apr 12 06:51:48 PDT 2003 
Responsible-Changed-Why:  
Over to Max as a reminder to MFC rev 1.14 - 1.17 

http://www.freebsd.org/cgi/query-pr.cgi?pr=12244 
State-Changed-From-To: patched->closed 
State-Changed-By: fjoe 
State-Changed-When: Thu May 22 10:12:38 PDT 2003 
State-Changed-Why:  
I MFC'ed the fix to RELENG_4. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=12244 
>Unformatted:
