__archive_mktemp function should simply be in one file for maintenance, and so

I migrated that of Windows implementation into archive_util.c. SVN-Revision: 3661
author: Michihiro NAKAJIMA <ggcueroad@gmail.com> 2011-08-28 02:38:41 -0400
committer: Michihiro NAKAJIMA <ggcueroad@gmail.com> 2011-08-28 02:38:41 -0400
commit: f54f2b7568d0cd12156048b3af896beb26414d8f (patch)
tree: 559156e5368f0b91a98e95c17f28ccbc28c7c6f5 /libarchive/archive_util.c
parent: 9ebf90e3f2bbcb2748a451ec3b54ec595a80f205 (diff)
download: libarchive-f54f2b7568d0cd12156048b3af896beb26414d8f.tar.gz
1 files changed, 154 insertions, 1 deletions
diff --git a/libarchive/archive_util.c b/libarchive/archive_util.c
index f6bec3bb..be7b2220 100644
--- a/libarchive/archive_util.c
+++ b/libarchive/archive_util.c
@@ -42,6 +42,9 @@ __FBSDID("$FreeBSD: head/lib/libarchive/archive_util.c 201098 2009-12-28 02:58:1
 #ifdef HAVE_STRING_H
 #include <string.h>
 #endif
+#ifdef HAVE_WINCRYPT_H
+#include <wincrypt.h>
+#endif
 
 #include "archive.h"
 #include "archive_private.h"
@@ -186,7 +189,157 @@ __archive_errx(int retvalue, const char *msg)
 /*
  * Create a temporary file
  */
-#if !defined(_WIN32) || defined(__CYGWIN__)
+#if defined(_WIN32) && !defined(__CYGWIN__)
+
+/*
+ * Do not use Windows tmpfile() function.
+ * It will make a temporary file under the root directory
+ * and it'll cause permission error if a user who is
+ * non-Administrator creates temporary files.
+ * Also Windows version of mktemp family including _mktemp_s
+ * are not secure.
+ */
+int
+__archive_mktemp(const char *tmpdir)
+{
+	static const wchar_t num[] = {
+		L'0', L'1', L'2', L'3', L'4', L'5', L'6', L'7',
+		L'8', L'9', L'A', L'B', L'C', L'D', L'E', L'F',
+		L'G', L'H', L'I', L'J', L'K', L'L', L'M', L'N',
+		L'O', L'P', L'Q', L'R', L'S', L'T', L'U', L'V',
+		L'W', L'X', L'Y', L'Z', L'a', L'b', L'c', L'd',
+		L'e', L'f', L'g', L'h', L'i', L'j', L'k', L'l',
+		L'm', L'n', L'o', L'p', L'q', L'r', L's', L't',
+		L'u', L'v', L'w', L'x', L'y', L'z'
+	};
+	HCRYPTPROV hProv;
+	struct archive_wstring temp_name;
+	wchar_t *ws;
+	DWORD attr;
+	wchar_t *xp, *ep;
+	int fd;
+
+	hProv = (HCRYPTPROV)NULL;
+	fd = -1;
+	ws = NULL;
+	archive_string_init(&temp_name);
+
+	/* Get a temporary directory. */
+	if (tmpdir == NULL) {
+		size_t l;
+		wchar_t *tmp;
+
+		l = GetTempPathW(0, NULL);
+		if (l == 0) {
+			la_dosmaperr(GetLastError());
+			goto exit_tmpfile;
+		}
+		tmp = malloc(l*sizeof(wchar_t));
+		if (tmp == NULL) {
+			errno = ENOMEM;
+			goto exit_tmpfile;
+		}
+		GetTempPathW(l, tmp);
+		archive_wstrcpy(&temp_name, tmp);
+		free(tmp);
+	} else {
+		archive_wstring_append_from_mbs(&temp_name, tmpdir,
+		    strlen(tmpdir));
+		if (temp_name.s[temp_name.length-1] != L'/')
+			archive_wstrappend_wchar(&temp_name, L'/');
+	}
+
+	/* Check if temp_name is a directory. */
+	attr = GetFileAttributesW(temp_name.s);
+	if (attr == (DWORD)-1) {
+		if (GetLastError() != ERROR_FILE_NOT_FOUND) {
+			la_dosmaperr(GetLastError());
+			goto exit_tmpfile;
+		}
+		ws = __la_win_permissive_name_w(temp_name.s);
+		if (ws == NULL) {
+			errno = EINVAL;
+			goto exit_tmpfile;
+		}
+		attr = GetFileAttributesW(ws);
+		if (attr == (DWORD)-1) {
+			la_dosmaperr(GetLastError());
+			goto exit_tmpfile;
+		}
+	}
+	if (!(attr & FILE_ATTRIBUTE_DIRECTORY)) {
+		errno = ENOTDIR;
+		goto exit_tmpfile;
+	}
+
+	/*
+	 * Create a temporary file.
+	 */
+	archive_wstrcat(&temp_name, L"libarchive_");
+	xp = temp_name.s + archive_strlen(&temp_name);
+	archive_wstrcat(&temp_name, L"XXXXXXXXXX");
+	ep = temp_name.s + archive_strlen(&temp_name);
+
+	if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL,
+		CRYPT_VERIFYCONTEXT)) {
+		la_dosmaperr(GetLastError());
+		goto exit_tmpfile;
+	}
+
+	for (;;) {
+		wchar_t *p;
+		HANDLE h;
+
+		/* Generate a random file name through CryptGenRandom(). */
+		p = xp;
+		if (!CryptGenRandom(hProv, (ep - p)*sizeof(wchar_t), (BYTE*)p)) {
+			la_dosmaperr(GetLastError());
+			goto exit_tmpfile;
+		}
+		for (; p < ep; p++)
+			*p = num[((DWORD)*p) % (sizeof(num)/sizeof(num[0]))];
+
+		free(ws);
+		ws = __la_win_permissive_name_w(temp_name.s);
+		if (ws == NULL) {
+			errno = EINVAL;
+			goto exit_tmpfile;
+		}
+		/* Specifies FILE_FLAG_DELETE_ON_CLOSE flag is to
+		 * delete this temporary file immediately when this
+		 * file closed. */
+		h = CreateFileW(ws,
+		    GENERIC_READ | GENERIC_WRITE | DELETE,
+		    0,/* Not share */
+		    NULL,
+		    CREATE_NEW,/* Create a new file only */
+		    FILE_ATTRIBUTE_TEMPORARY | FILE_FLAG_DELETE_ON_CLOSE,
+		    NULL);
+		if (h == INVALID_HANDLE_VALUE) {
+			/* The same file already exists. retry with
+			 * a new filename. */
+			if (GetLastError() == ERROR_FILE_EXISTS)
+				continue;
+			/* Otherwise, fail creation temporary file. */
+			la_dosmaperr(GetLastError());
+			goto exit_tmpfile;
+		}
+		fd = _open_osfhandle((intptr_t)h, _O_BINARY | _O_RDWR);
+		if (fd == -1) {
+			CloseHandle(h);
+			goto exit_tmpfile;
+		} else
+			break;/* success! */
+	}
+exit_tmpfile:
+	if (hProv != (HCRYPTPROV)NULL)
+		CryptReleaseContext(hProv, 0);
+	free(ws);
+	archive_wstring_free(&temp_name);
+	return (fd);
+}
+
+#else
 
 static int
 get_tempdir(struct archive_string *temppath)
author	Michihiro NAKAJIMA <ggcueroad@gmail.com>	2011-08-28 02:38:41 -0400
committer	Michihiro NAKAJIMA <ggcueroad@gmail.com>	2011-08-28 02:38:41 -0400
commit	f54f2b7568d0cd12156048b3af896beb26414d8f (patch)
tree	559156e5368f0b91a98e95c17f28ccbc28c7c6f5 /libarchive/archive_util.c
parent	9ebf90e3f2bbcb2748a451ec3b54ec595a80f205 (diff)
download	libarchive-f54f2b7568d0cd12156048b3af896beb26414d8f.tar.gz