summaryrefslogtreecommitdiffstats
path: root/lib/opendir-safer.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/opendir-safer.c')
-rw-r--r--lib/opendir-safer.c76
1 files changed, 76 insertions, 0 deletions
diff --git a/lib/opendir-safer.c b/lib/opendir-safer.c
new file mode 100644
index 0000000..1677fb6
--- /dev/null
+++ b/lib/opendir-safer.c
@@ -0,0 +1,76 @@
+/* Invoke opendir, but avoid some glitches.
+
+ Copyright (C) 2009-2022 Free Software Foundation, Inc.
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>. */
+
+/* Written by Eric Blake. */
+
+#include <config.h>
+
+#include "dirent-safer.h"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+/* Like opendir, but do not clobber stdin, stdout, or stderr. */
+
+DIR *
+opendir_safer (char const *name)
+{
+ DIR *dp = opendir (name);
+
+ if (dp)
+ {
+ int fd = dirfd (dp);
+
+ if (0 <= fd && fd <= STDERR_FILENO)
+ {
+ /* If fdopendir is native (as on Linux), then it is safe to
+ assume dirfd(fdopendir(n))==n. If we are using the
+ gnulib module fdopendir, then this guarantee is not met,
+ but fdopendir recursively calls opendir_safer up to 3
+ times to at least get a safe fd. If fdopendir is not
+ present but dirfd is accurate (as on cygwin 1.5.x), then
+ we recurse up to 3 times ourselves. Finally, if dirfd
+ always fails (as on mingw), then we are already safe. */
+ DIR *newdp;
+ int e;
+#if HAVE_FDOPENDIR || GNULIB_FDOPENDIR
+ int f = fcntl (fd, F_DUPFD_CLOEXEC, STDERR_FILENO + 1);
+ if (f < 0)
+ {
+ e = errno;
+ newdp = NULL;
+ }
+ else
+ {
+ newdp = fdopendir (f);
+ e = errno;
+ if (! newdp)
+ close (f);
+ }
+#else /* !FDOPENDIR */
+ newdp = opendir_safer (name);
+ e = errno;
+#endif
+ closedir (dp);
+ errno = e;
+ dp = newdp;
+ }
+ }
+
+ return dp;
+}