realpath(): Properly fail "." or ".." components after non-directories.

If realpath() is called on pathnames like "/dev/null/." or "/dev/null/..", it should fail with [ENOTDIR]. Pathnames like "/dev/null/" already failed as they should. Also, put the check for non-directories after lstatting the previous component instead of when the empty component (consecutive or trailing slashes) is detected, saving an lstat() call and some lines of code. PR: kern/82980 MFC after: 2 weeks
2026-06-08 16:22:46 -04:00 · 2014-04-13 19:48:28 +00:00 · 2014-04-13 19:48:28 +00:00 · 310c8f3c99
commit 310c8f3c99
parent 48a098e360
1 changed files with 6 additions and 20 deletions
--- a/lib/libc/stdlib/realpath.c
+++ b/lib/libc/stdlib/realpath.c
@ -132,26 +132,7 @@ realpath(const char * __restrict path, char * __restrict resolved)
 			resolved[resolved_len] = '\0';
 		}
 		if (next_token[0] == '\0') {
-			/*
-			 * Handle consequential slashes.  The path
-			 * before slash shall point to a directory.
-			 *
-			 * Only the trailing slashes are not covered
-			 * by other checks in the loop, but we verify
-			 * the prefix for any (rare) "//" or "/\0"
-			 * occurrence to not implement lookahead.
-			 */
-			if (lstat(resolved, &sb) != 0) {
-				if (m)
-					free(resolved);
-				return (NULL);
-			}
-			if (!S_ISDIR(sb.st_mode)) {
-				if (m)
-					free(resolved);
-				errno = ENOTDIR;
-				return (NULL);
-			}
+			/* Handle consequential slashes. */
 			continue;
 		}
 		else if (strcmp(next_token, ".") == 0)
@ -236,6 +217,11 @@ realpath(const char * __restrict path, char * __restrict resolved)
 				}
 			}
 			left_len = strlcpy(left, symlink, sizeof(left));
+		} else if (!S_ISDIR(sb.st_mode) && p != NULL) {
+			if (m)
+				free(resolved);
+			errno = ENOTDIR;
+			return (NULL);
 		}
 	}