X-Git-Url: https://wimlib.net/git/?a=blobdiff_plain;f=src%2Fwin32_apply.c;h=d744268613f9db1ed08c357bc3dd3f84676d13e1;hb=ca0419160ac10e3bb3836a01d53a9960105dc608;hp=9135a7db690839f714d27c7de8db635bde0af7e7;hpb=0cf4f7d1cc404113224c15cc13662acf742f2bf4;p=wimlib diff --git a/src/win32_apply.c b/src/win32_apply.c index 9135a7db..d7442686 100644 --- a/src/win32_apply.c +++ b/src/win32_apply.c @@ -3,7 +3,7 @@ */ /* - * Copyright (C) 2013 Eric Biggers + * Copyright (C) 2013, 2014 Eric Biggers * * This file is part of wimlib, a library for working with WIM files. * @@ -30,14 +30,13 @@ #include "wimlib/win32_common.h" #include "wimlib/apply.h" -#include "wimlib/capture.h" /* for mangle_pat() */ +#include "wimlib/capture.h" /* for mangle_pat() and match_pattern_list() */ #include "wimlib/dentry.h" #include "wimlib/error.h" #include "wimlib/lookup_table.h" #include "wimlib/resource.h" #include "wimlib/textfile.h" #include "wimlib/xml.h" -#include "wimlib/wildcard.h" #include "wimlib/wim.h" #include "wimlib/wimboot.h" @@ -130,7 +129,6 @@ in_prepopulate_list(struct wim_dentry *dentry, struct apply_ctx *ctx) { struct string_set *pats; const tchar *path; - size_t path_nchars; pats = get_private_data(ctx)->prepopulate_pats; if (!pats || !pats->num_strings) @@ -140,14 +138,7 @@ in_prepopulate_list(struct wim_dentry *dentry, struct apply_ctx *ctx) if (!path) return false; - path_nchars = tstrlen(path); - - for (size_t i = 0; i < pats->num_strings; i++) - if (match_path(path, path_nchars, pats->strings[i], - OS_PREFERRED_PATH_SEPARATOR, true)) - return true; - - return false; + return match_pattern_list(path, tstrlen(path), pats); } static int @@ -156,6 +147,125 @@ hash_lookup_table(WIMStruct *wim, u8 hash[SHA1_HASH_SIZE]) return wim_reshdr_to_hash(&wim->hdr.lookup_table_reshdr, wim, hash); } +/* Given a Windows-style path, return the number of characters of the prefix + * that specify the path to the root directory of a drive, or return 0 if the + * drive is relative (or at least on the current drive, in the case of + * absolute-but-not-really-absolute paths like \Windows\System32) */ +static size_t +win32_path_drive_spec_len(const wchar_t *path) +{ + size_t n = 0; + + if (!wcsncmp(path, L"\\\\?\\", 4)) { + /* \\?\-prefixed path. Check for following drive letter and + * path separator. */ + if (path[4] != L'\0' && path[5] == L':' && + is_any_path_separator(path[6])) + n = 7; + } else { + /* Not a \\?\-prefixed path. Check for an initial drive letter + * and path separator. */ + if (path[0] != L'\0' && path[1] == L':' && + is_any_path_separator(path[2])) + n = 3; + } + /* Include any additional path separators.*/ + if (n > 0) + while (is_any_path_separator(path[n])) + n++; + return n; +} + +static bool +win32_path_is_root_of_drive(const wchar_t *path) +{ + size_t drive_spec_len; + wchar_t full_path[32768]; + DWORD ret; + + ret = GetFullPathName(path, ARRAY_LEN(full_path), full_path, NULL); + if (ret > 0 && ret < ARRAY_LEN(full_path)) + path = full_path; + + /* Explicit drive letter and path separator? */ + drive_spec_len = win32_path_drive_spec_len(path); + if (drive_spec_len > 0 && path[drive_spec_len] == L'\0') + return true; + + /* All path separators? */ + for (const wchar_t *p = path; *p != L'\0'; p++) + if (!is_any_path_separator(*p)) + return false; + return true; +} + +/* Given a path, which may not yet exist, get a set of flags that describe the + * features of the volume the path is on. */ +static int +win32_get_vol_flags(const wchar_t *path, unsigned *vol_flags_ret, + bool *supports_SetFileShortName_ret) +{ + wchar_t *volume; + BOOL bret; + DWORD vol_flags; + size_t drive_spec_len; + wchar_t filesystem_name[MAX_PATH + 1]; + + if (supports_SetFileShortName_ret) + *supports_SetFileShortName_ret = false; + + drive_spec_len = win32_path_drive_spec_len(path); + + if (drive_spec_len == 0) + if (path[0] != L'\0' && path[1] == L':') /* Drive-relative path? */ + drive_spec_len = 2; + + if (drive_spec_len == 0) { + /* Path does not start with a drive letter; use the volume of + * the current working directory. */ + volume = NULL; + } else { + /* Path starts with a drive letter (or \\?\ followed by a drive + * letter); use it. */ + volume = alloca((drive_spec_len + 2) * sizeof(wchar_t)); + wmemcpy(volume, path, drive_spec_len); + /* Add trailing backslash in case this was a drive-relative + * path. */ + volume[drive_spec_len] = L'\\'; + volume[drive_spec_len + 1] = L'\0'; + } + bret = GetVolumeInformation( + volume, /* lpRootPathName */ + NULL, /* lpVolumeNameBuffer */ + 0, /* nVolumeNameSize */ + NULL, /* lpVolumeSerialNumber */ + NULL, /* lpMaximumComponentLength */ + &vol_flags, /* lpFileSystemFlags */ + filesystem_name, /* lpFileSystemNameBuffer */ + ARRAY_LEN(filesystem_name)); /* nFileSystemNameSize */ + if (!bret) { + set_errno_from_GetLastError(); + WARNING_WITH_ERRNO("Failed to get volume information for " + "path \"%ls\"", path); + vol_flags = 0xffffffff; + goto out; + } + + if (wcsstr(filesystem_name, L"NTFS")) { + /* FILE_SUPPORTS_HARD_LINKS is only supported on Windows 7 and later. + * Force it on anyway if filesystem is NTFS. */ + vol_flags |= FILE_SUPPORTS_HARD_LINKS; + + if (supports_SetFileShortName_ret) + *supports_SetFileShortName_ret = true; + } + +out: + DEBUG("using vol_flags = %x", vol_flags); + *vol_flags_ret = vol_flags; + return 0; +} + static int win32_start_extract(const wchar_t *path, struct apply_ctx *ctx) { @@ -193,7 +303,7 @@ win32_start_extract(const wchar_t *path, struct apply_ctx *ctx) if (vol_flags & FILE_SUPPORTS_REPARSE_POINTS) { ctx->supported_features.reparse_points = 1; - if (win32func_CreateSymbolicLinkW) + if (func_CreateSymbolicLinkW) ctx->supported_features.symlink_reparse_points = 1; } @@ -348,12 +458,12 @@ static int win32_create_symlink(const wchar_t *oldpath, const wchar_t *newpath, struct apply_ctx *ctx) { - if (!(*win32func_CreateSymbolicLinkW)(newpath, oldpath, 0)) { + if (!(*func_CreateSymbolicLinkW)(newpath, oldpath, 0)) { if (GetLastError() != ERROR_ALREADY_EXISTS) goto error; if (!win32_delete_file_wrapper(newpath)) goto error; - if (!(*win32func_CreateSymbolicLinkW)(newpath, oldpath, 0)) + if (!(*func_CreateSymbolicLinkW)(newpath, oldpath, 0)) goto error; } return 0; @@ -402,23 +512,48 @@ win32_extract_stream(const wchar_t *path, const wchar_t *stream_name, creationDisposition, FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OPEN_REPARSE_POINT, NULL); - if (h == INVALID_HANDLE_VALUE) - goto error; + if (h == INVALID_HANDLE_VALUE) { + set_errno_from_GetLastError(); + ret = WIMLIB_ERR_OPEN; + goto out; + } - ret = 0; - if (!lte) + if (!lte) { + ret = 0; goto out_close_handle; + } + + if (!SetFilePointerEx(h, + (LARGE_INTEGER) { .QuadPart = lte->size}, + NULL, + FILE_BEGIN)) + goto write_error; + + if (!SetEndOfFile(h)) + goto write_error; + + if (!SetFilePointerEx(h, + (LARGE_INTEGER) { .QuadPart = 0}, + NULL, + FILE_BEGIN)) + goto write_error; + ret = extract_stream(lte, lte->size, win32_extract_wim_chunk, h); -out_close_handle: - if (!CloseHandle(h)) - goto error; - if (ret && !errno) - errno = -1; - return ret; + goto out_close_handle; -error: +write_error: set_errno_from_GetLastError(); - return WIMLIB_ERR_WRITE; + ret = WIMLIB_ERR_WRITE; + +out_close_handle: + if (!CloseHandle(h)) { + if (!ret) { + set_errno_from_GetLastError(); + ret = WIMLIB_ERR_WRITE; + } + } +out: + return ret; } static int @@ -705,23 +840,6 @@ error: return WIMLIB_ERR_WRITE; /* XXX: need better error code */ } -static DWORD -do_win32_set_security_descriptor(HANDLE h, const wchar_t *path, - SECURITY_INFORMATION info, - PSECURITY_DESCRIPTOR desc) -{ -#ifdef WITH_NTDLL - if (func_NtSetSecurityObject) { - return (*func_RtlNtStatusToDosError)( - (*func_NtSetSecurityObject)(h, info, desc)); - } -#endif - if (SetFileSecurity(path, info, desc)) - return ERROR_SUCCESS; - else - return GetLastError(); -} - /* * Set an arbitrary security descriptor on an arbitrary file (or directory), * working around bugs and design flaws in the Windows operating system. @@ -736,7 +854,9 @@ win32_set_security_descriptor(const wchar_t *path, const u8 *desc, size_t desc_size, struct apply_ctx *ctx) { SECURITY_INFORMATION info; + DWORD dwDesiredAccess; HANDLE h; + DWORD status; int ret; /* We really just want to set entire the security descriptor as-is, but @@ -748,8 +868,6 @@ win32_set_security_descriptor(const wchar_t *path, const u8 *desc, info = OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION; - h = INVALID_HANDLE_VALUE; - /* Prefer NtSetSecurityObject() to SetFileSecurity(). SetFileSecurity() * itself necessarily uses NtSetSecurityObject() as the latter is the * underlying system call for setting security information, but @@ -759,83 +877,69 @@ win32_set_security_descriptor(const wchar_t *path, const u8 *desc, * Administrator can have access denied. (Of course, this not mentioned * in the MS "documentation".) */ -#ifdef WITH_NTDLL - if (func_NtSetSecurityObject) { - DWORD dwDesiredAccess; - - /* Open a handle for NtSetSecurityObject() with as many relevant - * access rights as possible. - * - * We don't know which rights will be actually granted. It - * could be less than what is needed to actually assign the full - * security descriptor, especially if the process is running as - * a non-Administrator. However, by default we just do the best - * we can, unless WIMLIB_EXTRACT_FLAG_STRICT_ACLS has been - * enabled. The MAXIMUM_ALLOWED access right is seemingly - * designed for this use case; however, it does not work - * properly in all cases: it can cause CreateFile() to fail with - * ERROR_ACCESS_DENIED, even though by definition - * MAXIMUM_ALLOWED access only requests access rights that are - * *not* denied. (Needless to say, MS does not document this - * bug.) */ - - dwDesiredAccess = WRITE_DAC | - WRITE_OWNER | - ACCESS_SYSTEM_SECURITY; - for (;;) { - DWORD err; - - h = win32_open_existing_file(path, dwDesiredAccess); - if (h != INVALID_HANDLE_VALUE) - break; - err = GetLastError(); - if (err == ERROR_ACCESS_DENIED || - err == ERROR_PRIVILEGE_NOT_HELD) - { - /* Don't increment partial_security_descriptors - * here or check WIMLIB_EXTRACT_FLAG_STRICT_ACLS - * here. It will be done later if needed; here - * we are just trying to get as many relevant - * access rights as possible. */ - if (dwDesiredAccess & ACCESS_SYSTEM_SECURITY) { - dwDesiredAccess &= ~ACCESS_SYSTEM_SECURITY; - continue; - } - if (dwDesiredAccess & WRITE_DAC) { - dwDesiredAccess &= ~WRITE_DAC; - continue; - } - if (dwDesiredAccess & WRITE_OWNER) { - dwDesiredAccess &= ~WRITE_OWNER; - continue; - } + /* Open a handle for NtSetSecurityObject() with as many relevant + * access rights as possible. + * + * We don't know which rights will be actually granted. It + * could be less than what is needed to actually assign the full + * security descriptor, especially if the process is running as + * a non-Administrator. However, by default we just do the best + * we can, unless WIMLIB_EXTRACT_FLAG_STRICT_ACLS has been + * enabled. The MAXIMUM_ALLOWED access right is seemingly + * designed for this use case; however, it does not work + * properly in all cases: it can cause CreateFile() to fail with + * ERROR_ACCESS_DENIED, even though by definition + * MAXIMUM_ALLOWED access only requests access rights that are + * *not* denied. (Needless to say, MS does not document this + * bug.) */ + + dwDesiredAccess = WRITE_DAC | WRITE_OWNER | ACCESS_SYSTEM_SECURITY; + while ((h = win32_open_existing_file(path, + dwDesiredAccess)) == INVALID_HANDLE_VALUE) + { + DWORD err; + + err = GetLastError(); + if (err == ERROR_ACCESS_DENIED || + err == ERROR_PRIVILEGE_NOT_HELD) + { + /* Don't increment partial_security_descriptors + * here or check WIMLIB_EXTRACT_FLAG_STRICT_ACLS + * here. It will be done later if needed; here + * we are just trying to get as many relevant + * access rights as possible. */ + if (dwDesiredAccess & ACCESS_SYSTEM_SECURITY) { + dwDesiredAccess &= ~ACCESS_SYSTEM_SECURITY; + continue; + } + if (dwDesiredAccess & WRITE_DAC) { + dwDesiredAccess &= ~WRITE_DAC; + continue; + } + if (dwDesiredAccess & WRITE_OWNER) { + dwDesiredAccess &= ~WRITE_OWNER; + continue; } - /* Other error, or couldn't open the file even with no - * access rights specified. Something else must be - * wrong. */ - set_errno_from_win32_error(err); - return WIMLIB_ERR_SET_SECURITY; } + /* Other error, or couldn't open the file even with no + * access rights specified. Something else must be + * wrong. */ + set_errno_from_win32_error(err); + return WIMLIB_ERR_SET_SECURITY; } -#endif /* Try setting the security descriptor. */ - for (;;) { - DWORD err; - - err = do_win32_set_security_descriptor(h, path, info, - (PSECURITY_DESCRIPTOR)desc); - if (err == ERROR_SUCCESS) { - ret = 0; - break; - } - + ret = 0; + while (!(NT_SUCCESS(status = (*func_NtSetSecurityObject)(h, + info, + (PSECURITY_DESCRIPTOR)desc)))) + { /* Failed to set the requested parts of the security descriptor. * If the error was permissions-related, try to set fewer parts * of the security descriptor, unless * WIMLIB_EXTRACT_FLAG_STRICT_ACLS is enabled. */ - if ((err == ERROR_PRIVILEGE_NOT_HELD || - err == ERROR_ACCESS_DENIED) && + if ((status == STATUS_PRIVILEGE_NOT_HELD || + status == STATUS_ACCESS_DENIED) && !(ctx->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS)) { if (info & SACL_SECURITY_INFORMATION) { @@ -859,16 +963,13 @@ win32_set_security_descriptor(const wchar_t *path, const u8 *desc, * security descriptor could not be set. */ if (!(info & SACL_SECURITY_INFORMATION)) ctx->partial_security_descriptors--; - set_errno_from_win32_error(err); + set_errno_from_nt_status(status); ret = WIMLIB_ERR_SET_SECURITY; break; } /* Close handle opened for NtSetSecurityObject(). */ -#ifdef WITH_NTDLL - if (func_NtSetSecurityObject) - CloseHandle(h); -#endif + CloseHandle(h); return ret; }