*/
static int check_filesystem (guestfs_h *g, const char *device);
static int check_linux_root (guestfs_h *g, struct inspect_fs *fs);
+static void check_architecture (guestfs_h *g, struct inspect_fs *fs);
static int check_fstab (guestfs_h *g, struct inspect_fs *fs);
static int check_windows_root (guestfs_h *g, struct inspect_fs *fs);
static int check_windows_arch (guestfs_h *g, struct inspect_fs *fs);
static int add_fstab_entry (guestfs_h *g, struct inspect_fs *fs,
const char *spec, const char *mp);
static char *resolve_fstab_device (guestfs_h *g, const char *spec);
+static int download_to_tmp (guestfs_h *g, const char *filename, char *localtmp, int64_t max_size);
+static int inspect_with_augeas (guestfs_h *g, struct inspect_fs *fs, const char *filename, int (*f) (guestfs_h *, struct inspect_fs *));
+static char *first_line_of_file (guestfs_h *g, const char *filename);
static int
check_for_filesystem_on (guestfs_h *g, const char *device)
parse_release_file (guestfs_h *g, struct inspect_fs *fs,
const char *release_filename)
{
- char **product_name = guestfs_head_n (g, 1, release_filename);
- if (product_name == NULL)
+ fs->product_name = first_line_of_file (g, release_filename);
+ if (fs->product_name == NULL)
return -1;
- if (product_name[0] == NULL) {
- error (g, "%s: file is empty", release_filename);
- guestfs___free_string_list (product_name);
- return -1;
- }
-
- /* Note that this string becomes owned by the handle and will
- * be freed by guestfs___free_inspect_info.
- */
- fs->product_name = product_name[0];
- free (product_name);
-
return 0;
}
static int
parse_lsb_release (guestfs_h *g, struct inspect_fs *fs)
{
+ const char *filename = "/etc/lsb-release";
+ int64_t size;
char **lines;
size_t i;
int r = 0;
- lines = guestfs_head_n (g, 10, "/etc/lsb-release");
+ /* Don't trust guestfs_head_n not to break with very large files.
+ * Check the file size is something reasonable first.
+ */
+ size = guestfs_filesize (g, filename);
+ if (size == -1)
+ /* guestfs_filesize failed and has already set error in handle */
+ return -1;
+ if (size > 1000000) {
+ error (g, _("size of %s is unreasonably large (%" PRIi64 " bytes)"),
+ filename, size);
+ return -1;
+ }
+
+ lines = guestfs_head_n (g, 10, filename);
if (lines == NULL)
return -1;
skip_release_checks:;
/* Determine the architecture. */
+ check_architecture (g, fs);
+
+ /* We already know /etc/fstab exists because it's part of the test
+ * for Linux root above. We must now parse this file to determine
+ * which filesystems are used by the operating system and how they
+ * are mounted.
+ */
+ if (inspect_with_augeas (g, fs, "/etc/fstab", check_fstab) == -1)
+ return -1;
+
+ return 0;
+}
+
+static void
+check_architecture (guestfs_h *g, struct inspect_fs *fs)
+{
const char *binaries[] =
{ "/bin/bash", "/bin/ls", "/bin/echo", "/bin/rm", "/bin/sh" };
size_t i;
+
for (i = 0; i < sizeof binaries / sizeof binaries[0]; ++i) {
if (guestfs_is_file (g, binaries[i]) > 0) {
/* Ignore errors from file_architecture call. */
}
}
}
-
- /* We already know /etc/fstab exists because it's part of the test
- * for Linux root above. We must now parse this file to determine
- * which filesystems are used by the operating system and how they
- * are mounted.
- * XXX What if !feature_available (g, "augeas")?
- */
- if (guestfs_aug_init (g, "/", 16|32) == -1)
- return -1;
-
- /* Tell Augeas to only load /etc/fstab (thanks Raphaël Pinson). */
- guestfs_aug_rm (g, "/augeas/load//incl[. != \"/etc/fstab\"]");
- guestfs_aug_load (g);
-
- r = check_fstab (g, fs);
- guestfs_aug_close (g);
- if (r == -1)
- return -1;
-
- return 0;
}
static int
return -1;
if (lines[0] == NULL) {
- error (g, "could not parse /etc/fstab or empty file");
+ error (g, _("could not parse /etc/fstab or empty file"));
guestfs___free_string_list (lines);
return -1;
}
static int
check_windows_registry (guestfs_h *g, struct inspect_fs *fs)
{
- TMP_TEMPLATE_ON_STACK (dir);
-#define dir_len (strlen (dir))
-#define software_hive_len (dir_len + 16)
- char software_hive[software_hive_len];
-#define cmd_len (dir_len + 16)
- char cmd[cmd_len];
+ TMP_TEMPLATE_ON_STACK (software_local);
size_t len = strlen (fs->windows_systemroot) + 64;
char software[len];
hive_h *h = NULL;
hive_value_h *values = NULL;
- if (mkdtemp (dir) == NULL) {
- perrorf (g, "mkdtemp");
+ if (download_to_tmp (g, software_path, software_local, 100000000) == -1)
goto out;
- }
- snprintf (software_hive, software_hive_len, "%s/software", dir);
-
- if (guestfs_download (g, software_path, software_hive) == -1)
- goto out;
-
- h = hivex_open (software_hive, g->verbose ? HIVEX_OPEN_VERBOSE : 0);
+ h = hivex_open (software_local, g->verbose ? HIVEX_OPEN_VERBOSE : 0);
if (h == NULL) {
perrorf (g, "hivex_open");
goto out;
if (fs->minor_version == -1) {
free (key);
free (version);
- return -1;
+ goto out;
}
}
free (values);
free (software_path);
- /* Free up the temporary directory. Note the directory name cannot
- * contain shell meta-characters because of the way it was
- * constructed above.
- */
- snprintf (cmd, cmd_len, "rm -rf %s", dir);
- ignore_value (system (cmd));
-#undef dir_len
-#undef software_hive_len
-#undef cmd_len
+ /* Free up the temporary file. */
+ unlink (software_local);
+#undef software_local_len
return ret;
}
long ret;
int r = xstrtol (str, NULL, 10, &ret, "");
if (r != LONGINT_OK) {
- error (g, "could not parse integer in version number: %s", str);
+ error (g, _("could not parse integer in version number: %s"), str);
return -1;
}
return ret;
return ret;
}
+/* Download to a guest file to a local temporary file. Refuse to
+ * download the guest file if it is larger than max_size. The caller
+ * is responsible for deleting the temporary file after use.
+ */
+static int
+download_to_tmp (guestfs_h *g, const char *filename,
+ char *localtmp, int64_t max_size)
+{
+ int fd;
+ char buf[32];
+ int64_t size;
+
+ size = guestfs_filesize (g, filename);
+ if (size == -1)
+ /* guestfs_filesize failed and has already set error in handle */
+ return -1;
+ if (size > max_size) {
+ error (g, _("size of %s is unreasonably large (%" PRIi64 " bytes)"),
+ filename, size);
+ return -1;
+ }
+
+ fd = mkstemp (localtmp);
+ if (fd == -1) {
+ perrorf (g, "mkstemp");
+ return -1;
+ }
+
+ snprintf (buf, sizeof buf, "/dev/fd/%d", fd);
+
+ if (guestfs_download (g, filename, buf) == -1) {
+ close (fd);
+ unlink (localtmp);
+ return -1;
+ }
+
+ if (close (fd) == -1) {
+ perrorf (g, "close: %s", localtmp);
+ unlink (localtmp);
+ return -1;
+ }
+
+ return 0;
+}
+
+/* Call 'f' with Augeas opened and having parsed 'filename' (this file
+ * must exist). As a security measure, this bails if the file is too
+ * large for a reasonable configuration file. After the call to 'f'
+ * Augeas is closed.
+ */
+static int
+inspect_with_augeas (guestfs_h *g, struct inspect_fs *fs, const char *filename,
+ int (*f) (guestfs_h *, struct inspect_fs *))
+{
+ /* Security: Refuse to do this if filename is too large. */
+ int64_t size = guestfs_filesize (g, filename);
+ if (size == -1)
+ /* guestfs_filesize failed and has already set error in handle */
+ return -1;
+ if (size > 100000) {
+ error (g, _("size of %s is unreasonably large (%" PRIi64 " bytes)"),
+ filename, size);
+ return -1;
+ }
+
+ /* If !feature_available (g, "augeas") then the next call will fail.
+ * Arguably we might want to fall back to a non-Augeas method in
+ * this case.
+ */
+ if (guestfs_aug_init (g, "/", 16|32) == -1)
+ return -1;
+
+ int r = -1;
+
+ /* Tell Augeas to only load one file (thanks Raphaël Pinson). */
+ char buf[strlen (filename) + 64];
+ snprintf (buf, strlen (filename) + 64, "/augeas/load//incl[. != \"%s\"]",
+ filename);
+ if (guestfs_aug_rm (g, buf) == -1)
+ goto out;
+
+ if (guestfs_aug_load (g) == -1)
+ goto out;
+
+ r = f (g, fs);
+
+ out:
+ guestfs_aug_close (g);
+
+ return r;
+}
+
+/* Get the first line of a small file, without any trailing newline
+ * character.
+ */
+static char *
+first_line_of_file (guestfs_h *g, const char *filename)
+{
+ char **lines;
+ int64_t size;
+ char *ret;
+
+ /* Don't trust guestfs_head_n not to break with very large files.
+ * Check the file size is something reasonable first.
+ */
+ size = guestfs_filesize (g, filename);
+ if (size == -1)
+ /* guestfs_filesize failed and has already set error in handle */
+ return NULL;
+ if (size > 1000000) {
+ error (g, _("size of %s is unreasonably large (%" PRIi64 " bytes)"),
+ filename, size);
+ return NULL;
+ }
+
+ lines = guestfs_head_n (g, 1, filename);
+ if (lines == NULL)
+ return NULL;
+ if (lines[0] == NULL) {
+ error (g, _("%s: file is empty"), filename);
+ guestfs___free_string_list (lines);
+ return NULL;
+ }
+ /* lines[1] should be NULL because of '1' argument above ... */
+
+ ret = lines[0]; /* caller frees */
+ free (lines); /* free the array */
+
+ return ret;
+}
+
#else /* no PCRE or hivex at compile time */
/* XXX These functions should be in an optgroup. */
return 1;
}
+/* Match a regular expression which contains exactly three captures. */
+int
+guestfs___match3 (guestfs_h *g, const char *str, const pcre *re,
+ char **ret1, char **ret2, char **ret3)
+{
+ size_t len = strlen (str);
+ int vec[30], r;
+
+ r = pcre_exec (re, NULL, str, len, 0, 0, vec, 30);
+ if (r == PCRE_ERROR_NOMATCH)
+ return 0;
+ if (r != 4) {
+ /* Internal error -- should not happen. */
+ fprintf (stderr, "libguestfs: %s: %s: internal error: pcre_exec returned unexpected error code %d when matching against the string \"%s\"\n",
+ __FILE__, __func__, r, str);
+ return 0;
+ }
+
+ *ret1 = safe_strndup (g, &str[vec[2]], vec[3]-vec[2]);
+ *ret2 = safe_strndup (g, &str[vec[4]], vec[5]-vec[4]);
+ *ret3 = safe_strndup (g, &str[vec[6]], vec[7]-vec[6]);
+
+ return 1;
+}
+
#endif /* HAVE_PCRE */