1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
|
// filesystem unique_path.cpp --------------------------------------------------------//
// Copyright Beman Dawes 2010
// Copyright Andrey Semashev 2020, 2024
// Distributed under the Boost Software License, Version 1.0.
// See http://www.boost.org/LICENSE_1_0.txt
// Library home page: http://www.boost.org/libs/filesystem
//--------------------------------------------------------------------------------------//
#include "platform_config.hpp"
#include <boost/predef/library/c/cloudabi.h>
#include <boost/predef/os/bsd/open.h>
#include <boost/predef/os/bsd/free.h>
#ifdef BOOST_POSIX_API
#include <cerrno>
#include <stddef.h>
#include <unistd.h>
#include <fcntl.h>
#if !defined(BOOST_FILESYSTEM_DISABLE_ARC4RANDOM)
#if BOOST_OS_BSD_OPEN >= BOOST_VERSION_NUMBER(2, 1, 0) || \
BOOST_OS_BSD_FREE >= BOOST_VERSION_NUMBER(8, 0, 0) || \
BOOST_LIB_C_CLOUDABI
#include <stdlib.h>
#define BOOST_FILESYSTEM_HAS_ARC4RANDOM
#endif
#endif // !defined(BOOST_FILESYSTEM_DISABLE_ARC4RANDOM)
#if !defined(BOOST_FILESYSTEM_DISABLE_GETRANDOM)
#if (defined(__linux__) || defined(__linux) || defined(linux)) && \
(!defined(__ANDROID__) || __ANDROID_API__ >= 28)
#include <sys/syscall.h>
#if defined(SYS_getrandom)
#define BOOST_FILESYSTEM_HAS_GETRANDOM_SYSCALL
#endif // defined(SYS_getrandom)
#if defined(__has_include)
#if __has_include(<sys/random.h>)
#define BOOST_FILESYSTEM_HAS_GETRANDOM
#endif
#elif defined(__GLIBC__)
#if __GLIBC_PREREQ(2, 25)
#define BOOST_FILESYSTEM_HAS_GETRANDOM
#endif
#endif // BOOST_FILESYSTEM_HAS_GETRANDOM definition
#if defined(BOOST_FILESYSTEM_HAS_GETRANDOM)
#include <sys/random.h>
#endif
#endif // (defined(__linux__) || defined(__linux) || defined(linux)) && (!defined(__ANDROID__) || __ANDROID_API__ >= 28)
#endif // !defined(BOOST_FILESYSTEM_DISABLE_GETRANDOM)
#include <boost/scope/unique_fd.hpp>
#include "posix_tools.hpp"
#else // BOOST_WINDOWS_API
// We use auto-linking below to help users of static builds of Boost.Filesystem to link to whatever Windows SDK library we selected.
// The dependency information is currently not exposed in CMake config files generated by Boost.Build (https://github.com/boostorg/boost_install/issues/18),
// which makes it non-trivial for users to discover the libraries they need. This feature is deprecated and may be removed in the future,
// when the situation with CMake config files improves.
// Note that the library build system is the principal source of linking the library, which must work regardless of auto-linking.
#include <boost/predef/platform.h>
#include <boost/winapi/basic_types.hpp>
#if defined(BOOST_FILESYSTEM_HAS_BCRYPT) // defined on the command line by the project
#include <boost/winapi/error_codes.hpp>
#include <boost/winapi/bcrypt.hpp>
#if !defined(BOOST_FILESYSTEM_NO_DEPRECATED) && defined(_MSC_VER)
#pragma comment(lib, "bcrypt.lib")
#endif // !defined(BOOST_FILESYSTEM_NO_DEPRECATED) && defined(_MSC_VER)
#else // defined(BOOST_FILESYSTEM_HAS_BCRYPT)
#include <boost/winapi/crypt.hpp>
#include <boost/winapi/get_last_error.hpp>
#if !defined(BOOST_FILESYSTEM_NO_DEPRECATED) && defined(_MSC_VER)
#if !defined(_WIN32_WCE)
#pragma comment(lib, "advapi32.lib")
#else
#pragma comment(lib, "coredll.lib")
#endif
#endif // !defined(BOOST_FILESYSTEM_NO_DEPRECATED) && defined(_MSC_VER)
#endif // defined(BOOST_FILESYSTEM_HAS_BCRYPT)
#endif // BOOST_POSIX_API
#include <cstddef>
#include <boost/filesystem/config.hpp>
#include <boost/filesystem/operations.hpp>
#include "private_config.hpp"
#include "atomic_tools.hpp"
#include "error_handling.hpp"
#include <boost/filesystem/detail/header.hpp> // must be the last #include
#if defined(BOOST_POSIX_API)
// At least Mac OS X 10.6 and older doesn't support O_CLOEXEC
#ifndef O_CLOEXEC
#define O_CLOEXEC 0
#endif
#endif // defined(BOOST_POSIX_API)
namespace boost {
namespace filesystem {
namespace detail {
namespace {
#if defined(BOOST_POSIX_API) && !defined(BOOST_FILESYSTEM_HAS_ARC4RANDOM)
//! Fills buffer with cryptographically random data obtained from /dev/(u)random
int fill_random_dev_random(void* buf, std::size_t len)
{
boost::scope::unique_fd file;
while (true)
{
file.reset(::open("/dev/urandom", O_RDONLY | O_CLOEXEC));
if (!file)
{
if (errno == EINTR)
continue;
}
break;
}
if (!file)
{
while (true)
{
file.reset(::open("/dev/random", O_RDONLY | O_CLOEXEC));
if (!file)
{
const int err = errno;
if (err == EINTR)
continue;
return err;
}
break;
}
}
std::size_t bytes_read = 0u;
while (bytes_read < len)
{
ssize_t n = ::read(file.get(), buf, len - bytes_read);
if (BOOST_UNLIKELY(n < 0))
{
const int err = errno;
if (err == EINTR)
continue;
return err;
}
bytes_read += n;
buf = static_cast< char* >(buf) + n;
}
return 0;
}
#if defined(BOOST_FILESYSTEM_HAS_GETRANDOM) || defined(BOOST_FILESYSTEM_HAS_GETRANDOM_SYSCALL)
typedef int fill_random_t(void* buf, std::size_t len);
//! Pointer to the implementation of fill_random.
fill_random_t* fill_random = &fill_random_dev_random;
//! Fills buffer with cryptographically random data obtained from getrandom()
int fill_random_getrandom(void* buf, std::size_t len)
{
std::size_t bytes_read = 0u;
while (bytes_read < len)
{
#if defined(BOOST_FILESYSTEM_HAS_GETRANDOM)
ssize_t n = ::getrandom(buf, len - bytes_read, 0u);
#else
ssize_t n = ::syscall(SYS_getrandom, buf, len - bytes_read, 0u);
#endif
if (BOOST_UNLIKELY(n < 0))
{
const int err = errno;
if (err == EINTR)
continue;
if (err == ENOSYS && bytes_read == 0u)
{
filesystem::detail::atomic_store_relaxed(fill_random, &fill_random_dev_random);
return fill_random_dev_random(buf, len);
}
return err;
}
bytes_read += n;
buf = static_cast< char* >(buf) + n;
}
return 0;
}
#endif // defined(BOOST_FILESYSTEM_HAS_GETRANDOM) || defined(BOOST_FILESYSTEM_HAS_GETRANDOM_SYSCALL)
#endif // defined(BOOST_POSIX_API) && !defined(BOOST_FILESYSTEM_HAS_ARC4RANDOM)
void system_crypt_random(void* buf, std::size_t len, boost::system::error_code* ec)
{
#if defined(BOOST_POSIX_API)
#if defined(BOOST_FILESYSTEM_HAS_GETRANDOM) || defined(BOOST_FILESYSTEM_HAS_GETRANDOM_SYSCALL)
int err = filesystem::detail::atomic_load_relaxed(fill_random)(buf, len);
if (BOOST_UNLIKELY(err != 0))
emit_error(err, ec, "boost::filesystem::unique_path");
#elif defined(BOOST_FILESYSTEM_HAS_ARC4RANDOM)
arc4random_buf(buf, len);
#else
int err = fill_random_dev_random(buf, len);
if (BOOST_UNLIKELY(err != 0))
emit_error(err, ec, "boost::filesystem::unique_path");
#endif
#else // defined(BOOST_POSIX_API)
#if defined(BOOST_FILESYSTEM_HAS_BCRYPT)
boost::winapi::BCRYPT_ALG_HANDLE_ handle;
boost::winapi::NTSTATUS_ status = boost::winapi::BCryptOpenAlgorithmProvider(&handle, boost::winapi::BCRYPT_RNG_ALGORITHM_, nullptr, 0);
if (BOOST_UNLIKELY(status != 0))
{
fail:
emit_error(translate_ntstatus(status), ec, "boost::filesystem::unique_path");
return;
}
status = boost::winapi::BCryptGenRandom(handle, static_cast< boost::winapi::PUCHAR_ >(buf), static_cast< boost::winapi::ULONG_ >(len), 0);
boost::winapi::BCryptCloseAlgorithmProvider(handle, 0);
if (BOOST_UNLIKELY(status != 0))
goto fail;
#else // defined(BOOST_FILESYSTEM_HAS_BCRYPT)
boost::winapi::HCRYPTPROV_ handle;
boost::winapi::DWORD_ err = 0u;
if (BOOST_UNLIKELY(!boost::winapi::CryptAcquireContextW(&handle, nullptr, nullptr, boost::winapi::PROV_RSA_FULL_, boost::winapi::CRYPT_VERIFYCONTEXT_ | boost::winapi::CRYPT_SILENT_)))
{
err = boost::winapi::GetLastError();
fail:
emit_error(err, ec, "boost::filesystem::unique_path");
return;
}
boost::winapi::BOOL_ gen_ok = boost::winapi::CryptGenRandom(handle, static_cast< boost::winapi::DWORD_ >(len), static_cast< boost::winapi::BYTE_* >(buf));
if (BOOST_UNLIKELY(!gen_ok))
err = boost::winapi::GetLastError();
boost::winapi::CryptReleaseContext(handle, 0);
if (BOOST_UNLIKELY(!gen_ok))
goto fail;
#endif // defined(BOOST_FILESYSTEM_HAS_BCRYPT)
#endif // defined(BOOST_POSIX_API)
}
#ifdef BOOST_WINDOWS_API
BOOST_CONSTEXPR_OR_CONST wchar_t hex[] = L"0123456789abcdef";
BOOST_CONSTEXPR_OR_CONST wchar_t percent = L'%';
#else
BOOST_CONSTEXPR_OR_CONST char hex[] = "0123456789abcdef";
BOOST_CONSTEXPR_OR_CONST char percent = '%';
#endif
} // unnamed namespace
#if defined(linux) || defined(__linux) || defined(__linux__)
//! Initializes fill_random implementation pointer
void init_fill_random_impl(unsigned int major_ver, unsigned int minor_ver, unsigned int patch_ver)
{
#if defined(BOOST_FILESYSTEM_HAS_INIT_PRIORITY) && \
(defined(BOOST_FILESYSTEM_HAS_GETRANDOM) || defined(BOOST_FILESYSTEM_HAS_GETRANDOM_SYSCALL))
fill_random_t* fr = &fill_random_dev_random;
if (major_ver > 3u || (major_ver == 3u && minor_ver >= 17u))
fr = &fill_random_getrandom;
filesystem::detail::atomic_store_relaxed(fill_random, fr);
#endif
}
#endif // defined(linux) || defined(__linux) || defined(__linux__)
BOOST_FILESYSTEM_DECL
path unique_path(path const& model, system::error_code* ec)
{
// This function used wstring for fear of misidentifying
// a part of a multibyte character as a percent sign.
// However, double byte encodings only have 80-FF as lead
// bytes and 40-7F as trailing bytes, whereas % is 25.
// So, use string on POSIX and avoid conversions.
path::string_type s(model.native());
char ran[16] = {}; // init to avoid clang static analyzer message
// see ticket #8954
BOOST_CONSTEXPR_OR_CONST unsigned int max_nibbles = 2u * sizeof(ran); // 4-bits per nibble
unsigned int nibbles_used = max_nibbles;
for (path::string_type::size_type i = 0, n = s.size(); i < n; ++i)
{
if (s[i] == percent) // digit request
{
if (nibbles_used == max_nibbles)
{
system_crypt_random(ran, sizeof(ran), ec);
if (ec && *ec)
return path();
nibbles_used = 0;
}
unsigned int c = ran[nibbles_used / 2u];
c >>= 4u * (nibbles_used++ & 1u); // if odd, shift right 1 nibble
s[i] = hex[c & 0xf]; // convert to hex digit and replace
}
}
if (ec)
ec->clear();
return s;
}
} // namespace detail
} // namespace filesystem
} // namespace boost
#include <boost/filesystem/detail/footer.hpp>
|