Commit | Line | Data |
---|---|---|
2f1de3dd CW |
1 | /* update-game-score.c --- Update a score file |
2 | Copyright (C) 2002 Free Software Foundation, Inc. | |
3 | ||
4 | This file is part of GNU Emacs. | |
5 | ||
6 | GNU Emacs is free software; you can redistribute it and/or modify | |
7 | it under the terms of the GNU General Public License as published by | |
8 | the Free Software Foundation; either version 2, or (at your option) | |
9 | any later version. | |
10 | ||
11 | GNU Emacs is distributed in the hope that it will be useful, | |
12 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | GNU General Public License for more details. | |
15 | ||
16 | You should have received a copy of the GNU General Public License | |
17 | along with GNU Emacs; see the file COPYING. If not, write to | |
18 | the Free Software Foundation, Inc., 59 Temple Place - Suite 330, | |
19 | Boston, MA 02111-1307, USA. */ | |
20 | ||
21 | /* This program is allows a game to securely and atomically update a | |
8eec804f CW |
22 | score file. It should be installed setuid, owned by an appropriate |
23 | user like `games'. | |
24 | ||
25 | Alternatively, it can be compiled without HAVE_SHARED_GAME_DIR | |
26 | defined, and in that case it will store scores in the user's home | |
27 | directory (it should NOT be setuid). | |
2f1de3dd CW |
28 | |
29 | Created 2002/03/22, by Colin Walters <walters@debian.org> | |
30 | */ | |
31 | ||
c42d6dbd EZ |
32 | #include <config.h> |
33 | ||
5b400482 | 34 | #ifdef HAVE_UNISTD_H |
2f1de3dd | 35 | #include <unistd.h> |
5b400482 | 36 | #endif |
2f1de3dd | 37 | #include <errno.h> |
5b400482 | 38 | #ifdef HAVE_STRING_H |
2f1de3dd | 39 | #include <string.h> |
5b400482 DL |
40 | #endif |
41 | #ifdef HAVE_STDLIB_H | |
2f1de3dd | 42 | #include <stdlib.h> |
5b400482 | 43 | #endif |
2f1de3dd CW |
44 | #include <stdio.h> |
45 | #include <time.h> | |
cd553ffb | 46 | #include <pwd.h> |
2f1de3dd | 47 | #include <ctype.h> |
5b400482 | 48 | #ifdef HAVE_FCNTL_H |
2f1de3dd | 49 | #include <fcntl.h> |
5b400482 DL |
50 | #endif |
51 | #ifdef STDC_HEADERS | |
8eec804f | 52 | #include <stdarg.h> |
5b400482 | 53 | #endif |
2f1de3dd | 54 | #include <sys/stat.h> |
2f1de3dd | 55 | |
5b400482 DL |
56 | /* Needed for SunOS4, for instance. */ |
57 | extern char *optarg; | |
58 | extern int optind, opterr; | |
59 | ||
2f1de3dd | 60 | #define MAX_ATTEMPTS 5 |
8eec804f CW |
61 | #define MAX_SCORES 200 |
62 | #define MAX_DATA_LEN 1024 | |
5795b420 | 63 | |
cf398788 CW |
64 | /* Declare the prototype for a general external function. */ |
65 | #if defined (PROTOTYPES) || defined (WINDOWSNT) | |
66 | #define P_(proto) proto | |
67 | #else | |
68 | #define P_(proto) () | |
69 | #endif | |
70 | ||
2f1de3dd | 71 | int |
a5d107f3 | 72 | usage (err) |
cf398788 | 73 | int err; |
2f1de3dd | 74 | { |
a5d107f3 RS |
75 | fprintf (stdout, "Usage: update-game-score [-m MAX ] [ -r ] game/scorefile SCORE DATA\n"); |
76 | fprintf (stdout, " update-game-score -h\n"); | |
77 | fprintf (stdout, " -h\t\tDisplay this help.\n"); | |
78 | fprintf (stdout, " -m MAX\t\tLimit the maximum number of scores to MAX.\n"); | |
79 | fprintf (stdout, " -r\t\tSort the scores in increasing order.\n"); | |
80 | fprintf (stdout, " -d DIR\t\tStore scores in DIR (only if not setuid).\n"); | |
81 | exit (err); | |
2f1de3dd CW |
82 | } |
83 | ||
a5d107f3 RS |
84 | int lock_file P_ ((const char *filename, void **state)); |
85 | int unlock_file P_ ((const char *filename, void *state)); | |
2f1de3dd CW |
86 | |
87 | struct score_entry | |
88 | { | |
89 | long score; | |
cd553ffb | 90 | char *username; |
2f1de3dd CW |
91 | char *data; |
92 | }; | |
93 | ||
a5d107f3 RS |
94 | int read_scores P_ ((const char *filename, struct score_entry **scores, |
95 | int *count)); | |
96 | int push_score P_ ((struct score_entry **scores, int *count, | |
97 | int newscore, char *username, char *newdata)); | |
98 | void sort_scores P_ ((struct score_entry *scores, int count, int reverse)); | |
99 | int write_scores P_ ((const char *filename, const struct score_entry *scores, | |
100 | int count)); | |
cf398788 | 101 | |
a5d107f3 | 102 | void lose P_ ((const char *msg)) NO_RETURN; |
cf398788 | 103 | |
a5d107f3 RS |
104 | void |
105 | lose (msg) | |
cf398788 CW |
106 | const char *msg; |
107 | { | |
a5d107f3 RS |
108 | fprintf (stderr, "%s\n", msg); |
109 | exit (1); | |
cf398788 | 110 | } |
2f1de3dd | 111 | |
a5d107f3 | 112 | void lose_syserr P_ ((const char *msg)) NO_RETURN; |
d99fabf0 | 113 | |
a5d107f3 RS |
114 | void |
115 | lose_syserr (msg) | |
cf398788 | 116 | const char *msg; |
d99fabf0 | 117 | { |
a5d107f3 RS |
118 | fprintf (stderr, "%s: %s\n", msg, strerror (errno)); |
119 | exit (1); | |
d99fabf0 CW |
120 | } |
121 | ||
cd553ffb | 122 | char * |
5b400482 | 123 | get_user_id P_ ((void)) |
cd553ffb CW |
124 | { |
125 | char *name; | |
a5d107f3 | 126 | struct passwd *buf = getpwuid (getuid ()); |
cd553ffb CW |
127 | if (!buf) |
128 | { | |
129 | int count = 1; | |
a5d107f3 | 130 | int uid = (int) getuid (); |
8eec804f CW |
131 | int tuid = uid; |
132 | while (tuid /= 10) | |
cd553ffb | 133 | count++; |
a5d107f3 | 134 | name = malloc (count+1); |
d99fabf0 CW |
135 | if (!name) |
136 | return NULL; | |
a5d107f3 | 137 | sprintf (name, "%d", uid); |
cd553ffb CW |
138 | return name; |
139 | } | |
140 | return buf->pw_name; | |
141 | } | |
142 | ||
5795b420 | 143 | char * |
a5d107f3 | 144 | get_prefix (running_suid, user_prefix) |
cf398788 CW |
145 | int running_suid; |
146 | char *user_prefix; | |
8eec804f | 147 | { |
d99fabf0 | 148 | if (!running_suid && user_prefix == NULL) |
a5d107f3 | 149 | lose ("Not using a shared game directory, and no prefix given."); |
d99fabf0 CW |
150 | if (running_suid) |
151 | { | |
152 | #ifdef HAVE_SHARED_GAME_DIR | |
153 | return HAVE_SHARED_GAME_DIR; | |
154 | #else | |
a5d107f3 | 155 | lose ("This program was compiled without HAVE_SHARED_GAME_DIR,\n and should not be suid."); |
d99fabf0 CW |
156 | #endif |
157 | } | |
158 | return user_prefix; | |
8eec804f CW |
159 | } |
160 | ||
2f1de3dd | 161 | int |
a5d107f3 | 162 | main (argc, argv) |
cf398788 CW |
163 | int argc; |
164 | char **argv; | |
2f1de3dd | 165 | { |
d99fabf0 | 166 | int c, running_suid; |
2f1de3dd | 167 | void *lockstate; |
d99fabf0 | 168 | char *user_id, *scorefile, *prefix, *user_prefix = NULL; |
2f1de3dd CW |
169 | struct stat buf; |
170 | struct score_entry *scores; | |
8eec804f | 171 | int newscore, scorecount, reverse = 0, max = MAX_SCORES; |
2f1de3dd CW |
172 | char *newdata; |
173 | ||
a5d107f3 | 174 | srand (time (0)); |
2f1de3dd | 175 | |
a5d107f3 | 176 | while ((c = getopt (argc, argv, "hrm:d:")) != -1) |
2f1de3dd CW |
177 | switch (c) |
178 | { | |
179 | case 'h': | |
a5d107f3 | 180 | usage (0); |
2f1de3dd | 181 | break; |
d99fabf0 CW |
182 | case 'd': |
183 | user_prefix = optarg; | |
184 | break; | |
2f1de3dd CW |
185 | case 'r': |
186 | reverse = 1; | |
187 | break; | |
188 | case 'm': | |
a5d107f3 | 189 | max = atoi (optarg); |
8eec804f CW |
190 | if (max > MAX_SCORES) |
191 | max = MAX_SCORES; | |
2f1de3dd CW |
192 | break; |
193 | default: | |
a5d107f3 | 194 | usage (1); |
2f1de3dd CW |
195 | } |
196 | ||
197 | if (optind+3 != argc) | |
a5d107f3 | 198 | usage (1); |
5795b420 | 199 | |
a5d107f3 | 200 | running_suid = (getuid () != geteuid ()); |
5795b420 | 201 | |
a5d107f3 | 202 | prefix = get_prefix (running_suid, user_prefix); |
8eec804f | 203 | |
a5d107f3 | 204 | scorefile = malloc (strlen (prefix) + strlen (argv[optind]) + 2); |
2f1de3dd | 205 | if (!scorefile) |
a5d107f3 | 206 | lose_syserr ("Couldn't allocate score file"); |
8eec804f | 207 | |
a5d107f3 RS |
208 | strcpy (scorefile, prefix); |
209 | strcat (scorefile, "/"); | |
210 | strcat (scorefile, argv[optind]); | |
211 | newscore = atoi (argv[optind+1]); | |
2f1de3dd | 212 | newdata = argv[optind+2]; |
a5d107f3 | 213 | if (strlen (newdata) > MAX_DATA_LEN) |
8eec804f | 214 | newdata[MAX_DATA_LEN] = '\0'; |
d99fabf0 | 215 | |
00a7e408 RS |
216 | user_id = get_user_id (); |
217 | if (user_id == NULL) | |
a5d107f3 | 218 | lose_syserr ("Couldn't determine user id"); |
177c0ea7 | 219 | |
a5d107f3 RS |
220 | if (stat (scorefile, &buf) < 0) |
221 | lose_syserr ("Failed to access scores file"); | |
177c0ea7 | 222 | |
a5d107f3 RS |
223 | if (lock_file (scorefile, &lockstate) < 0) |
224 | lose_syserr ("Failed to lock scores file"); | |
177c0ea7 | 225 | |
a5d107f3 | 226 | if (read_scores (scorefile, &scores, &scorecount) < 0) |
2f1de3dd | 227 | { |
a5d107f3 RS |
228 | unlock_file (scorefile, lockstate); |
229 | lose_syserr ("Failed to read scores file"); | |
2f1de3dd | 230 | } |
a5d107f3 | 231 | push_score (&scores, &scorecount, newscore, user_id, newdata); |
8eec804f CW |
232 | /* Limit the number of scores. If we're using reverse sorting, then |
233 | we should increment the beginning of the array, to skip over the | |
234 | *smallest* scores. Otherwise, we just decrement the number of | |
235 | scores, since the smallest will be at the end. */ | |
236 | if (scorecount > MAX_SCORES) | |
237 | scorecount -= (scorecount - MAX_SCORES); | |
238 | if (reverse) | |
239 | scores += (scorecount - MAX_SCORES); | |
a5d107f3 RS |
240 | sort_scores (scores, scorecount, reverse); |
241 | if (write_scores (scorefile, scores, scorecount) < 0) | |
2f1de3dd | 242 | { |
a5d107f3 RS |
243 | unlock_file (scorefile, lockstate); |
244 | lose_syserr ("Failed to write scores file"); | |
2f1de3dd | 245 | } |
a5d107f3 RS |
246 | unlock_file (scorefile, lockstate); |
247 | exit (0); | |
2f1de3dd CW |
248 | } |
249 | ||
250 | int | |
a5d107f3 | 251 | read_score (f, score) |
cf398788 CW |
252 | FILE *f; |
253 | struct score_entry *score; | |
2f1de3dd CW |
254 | { |
255 | int c; | |
a5d107f3 | 256 | if (feof (f)) |
2f1de3dd | 257 | return 1; |
a5d107f3 RS |
258 | while ((c = getc (f)) != EOF |
259 | && isdigit (c)) | |
cd553ffb CW |
260 | { |
261 | score->score *= 10; | |
262 | score->score += (c-48); | |
263 | } | |
a5d107f3 RS |
264 | while ((c = getc (f)) != EOF |
265 | && isspace (c)) | |
cd553ffb CW |
266 | ; |
267 | if (c == EOF) | |
268 | return -1; | |
a5d107f3 | 269 | ungetc (c, f); |
cd553ffb CW |
270 | #ifdef HAVE_GETDELIM |
271 | { | |
7605f1bd | 272 | size_t count = 0; |
a5d107f3 | 273 | if (getdelim (&score->username, &count, ' ', f) < 1 |
cd553ffb CW |
274 | || score->username == NULL) |
275 | return -1; | |
1d4328ff | 276 | /* Trim the space */ |
a5d107f3 | 277 | score->username[strlen (score->username)-1] = '\0'; |
2f1de3dd | 278 | } |
cd553ffb CW |
279 | #else |
280 | { | |
281 | int unameread = 0; | |
282 | int unamelen = 30; | |
a5d107f3 | 283 | char *username = malloc (unamelen); |
f5bceaf8 CW |
284 | if (!username) |
285 | return -1; | |
177c0ea7 | 286 | |
a5d107f3 RS |
287 | while ((c = getc (f)) != EOF |
288 | && !isspace (c)) | |
cd553ffb | 289 | { |
8eec804f | 290 | if (unameread >= unamelen-1) |
a5d107f3 | 291 | if (!(username = realloc (username, unamelen *= 2))) |
8eec804f | 292 | return -1; |
cd553ffb CW |
293 | username[unameread] = c; |
294 | unameread++; | |
295 | } | |
177c0ea7 | 296 | if (c == EOF) |
f5bceaf8 CW |
297 | return -1; |
298 | username[unameread] = '\0'; | |
cd553ffb CW |
299 | score->username = username; |
300 | } | |
301 | #endif | |
2f1de3dd CW |
302 | #ifdef HAVE_GETLINE |
303 | score->data = NULL; | |
7605f1bd | 304 | errno = 0; |
2f1de3dd | 305 | { |
7605f1bd | 306 | size_t len; |
a5d107f3 | 307 | if (getline (&score->data, &len, f) < 0) |
2f1de3dd | 308 | return -1; |
a5d107f3 | 309 | score->data[strlen (score->data)-1] = '\0'; |
2f1de3dd CW |
310 | } |
311 | #else | |
cd553ffb CW |
312 | { |
313 | int cur = 0; | |
314 | int len = 16; | |
a5d107f3 | 315 | char *buf = malloc (len); |
cd553ffb CW |
316 | if (!buf) |
317 | return -1; | |
a5d107f3 | 318 | while ((c = getc (f)) != EOF |
f5bceaf8 | 319 | && c != '\n') |
cd553ffb CW |
320 | { |
321 | if (cur >= len-1) | |
322 | { | |
a5d107f3 | 323 | if (!(buf = realloc (buf, len *= 2))) |
cd553ffb CW |
324 | return -1; |
325 | } | |
326 | buf[cur] = c; | |
327 | cur++; | |
328 | } | |
329 | score->data = buf; | |
5795b420 | 330 | score->data[cur] = '\0'; |
cd553ffb | 331 | } |
2f1de3dd | 332 | #endif |
2f1de3dd CW |
333 | return 0; |
334 | } | |
335 | ||
336 | int | |
a5d107f3 | 337 | read_scores (filename, scores, count) |
cf398788 CW |
338 | const char *filename; |
339 | struct score_entry **scores; | |
340 | int *count; | |
2f1de3dd CW |
341 | { |
342 | int readval, scorecount, cursize; | |
343 | struct score_entry *ret; | |
a5d107f3 | 344 | FILE *f = fopen (filename, "r"); |
177c0ea7 | 345 | if (!f) |
2f1de3dd CW |
346 | return -1; |
347 | scorecount = 0; | |
348 | cursize = 16; | |
00a7e408 | 349 | ret = (struct score_entry *) malloc (sizeof (struct score_entry) * cursize); |
177c0ea7 | 350 | if (!ret) |
2f1de3dd | 351 | return -1; |
a5d107f3 | 352 | while ((readval = read_score (f, &ret[scorecount])) == 0) |
2f1de3dd CW |
353 | { |
354 | /* We encoutered an error */ | |
355 | if (readval < 0) | |
356 | return -1; | |
357 | scorecount++; | |
358 | if (scorecount >= cursize) | |
359 | { | |
ee435bae JB |
360 | cursize *= 2; |
361 | ret = (struct score_entry *) | |
362 | realloc (ret, (sizeof (struct score_entry) * cursize)); | |
2f1de3dd CW |
363 | if (!ret) |
364 | return -1; | |
365 | } | |
366 | } | |
367 | *count = scorecount; | |
368 | *scores = ret; | |
369 | return 0; | |
370 | } | |
371 | ||
372 | int | |
a5d107f3 | 373 | score_compare (a, b) |
cf398788 CW |
374 | const void *a; |
375 | const void *b; | |
2f1de3dd CW |
376 | { |
377 | const struct score_entry *sa = (const struct score_entry *) a; | |
378 | const struct score_entry *sb = (const struct score_entry *) b; | |
379 | return (sb->score > sa->score) - (sb->score < sa->score); | |
380 | } | |
381 | ||
382 | int | |
a5d107f3 | 383 | score_compare_reverse (a, b) |
cf398788 CW |
384 | const void *a; |
385 | const void *b; | |
2f1de3dd CW |
386 | { |
387 | const struct score_entry *sa = (const struct score_entry *) a; | |
388 | const struct score_entry *sb = (const struct score_entry *) b; | |
389 | return (sa->score > sb->score) - (sa->score < sb->score); | |
390 | } | |
391 | ||
392 | int | |
177c0ea7 | 393 | push_score (scores, count, newscore, username, newdata) |
cf398788 CW |
394 | struct score_entry **scores; |
395 | int *count; int newscore; | |
396 | char *username; | |
397 | char *newdata; | |
2f1de3dd | 398 | { |
a5d107f3 | 399 | struct score_entry *newscores |
00a7e408 RS |
400 | = (struct score_entry *) realloc (*scores, |
401 | sizeof (struct score_entry) * ((*count) + 1)); | |
2f1de3dd CW |
402 | if (!newscores) |
403 | return -1; | |
404 | newscores[*count].score = newscore; | |
cd553ffb | 405 | newscores[*count].username = username; |
2f1de3dd CW |
406 | newscores[*count].data = newdata; |
407 | (*count) += 1; | |
408 | *scores = newscores; | |
409 | return 0; | |
410 | } | |
177c0ea7 | 411 | |
2f1de3dd | 412 | void |
a5d107f3 | 413 | sort_scores (scores, count, reverse) |
cf398788 CW |
414 | struct score_entry *scores; |
415 | int count; | |
177c0ea7 | 416 | int reverse; |
2f1de3dd | 417 | { |
a5d107f3 | 418 | qsort (scores, count, sizeof (struct score_entry), |
2f1de3dd CW |
419 | reverse ? score_compare_reverse : score_compare); |
420 | } | |
421 | ||
422 | int | |
a5d107f3 | 423 | write_scores (filename, scores, count) |
cf398788 CW |
424 | const char *filename; |
425 | const struct score_entry * scores; | |
177c0ea7 | 426 | int count; |
2f1de3dd | 427 | { |
177c0ea7 | 428 | FILE *f; |
2f1de3dd | 429 | int i; |
a5d107f3 | 430 | char *tempfile = malloc (strlen (filename) + strlen (".tempXXXXXX") + 1); |
2f1de3dd CW |
431 | if (!tempfile) |
432 | return -1; | |
a5d107f3 RS |
433 | strcpy (tempfile, filename); |
434 | strcat (tempfile, ".tempXXXXXX"); | |
8eec804f | 435 | #ifdef HAVE_MKSTEMP |
a5d107f3 | 436 | if (mkstemp (tempfile) < 0 |
8eec804f | 437 | #else |
a5d107f3 | 438 | if (mktemp (tempfile) != tempfile |
8eec804f | 439 | #endif |
a5d107f3 | 440 | || !(f = fopen (tempfile, "w"))) |
2f1de3dd CW |
441 | return -1; |
442 | for (i = 0; i < count; i++) | |
a5d107f3 | 443 | if (fprintf (f, "%ld %s %s\n", scores[i].score, scores[i].username, |
cd553ffb | 444 | scores[i].data) < 0) |
2f1de3dd | 445 | return -1; |
a5d107f3 RS |
446 | fclose (f); |
447 | if (rename (tempfile, filename) < 0) | |
2f1de3dd | 448 | return -1; |
a5d107f3 | 449 | if (chmod (filename, 0644) < 0) |
2f1de3dd | 450 | return -1; |
8eec804f | 451 | return 0; |
2f1de3dd | 452 | } |
177c0ea7 | 453 | |
2f1de3dd | 454 | int |
a5d107f3 | 455 | lock_file (filename, state) |
cf398788 CW |
456 | const char *filename; |
457 | void **state; | |
2f1de3dd CW |
458 | { |
459 | int fd; | |
7c4f6873 | 460 | struct stat buf; |
2f1de3dd CW |
461 | int attempts = 0; |
462 | char *lockext = ".lockfile"; | |
a5d107f3 | 463 | char *lockpath = malloc (strlen (filename) + strlen (lockext) + 60); |
2f1de3dd CW |
464 | if (!lockpath) |
465 | return -1; | |
a5d107f3 RS |
466 | strcpy (lockpath, filename); |
467 | strcat (lockpath, lockext); | |
2f1de3dd CW |
468 | *state = lockpath; |
469 | trylock: | |
470 | attempts++; | |
7c4f6873 | 471 | /* If the lock is over an hour old, delete it. */ |
a5d107f3 RS |
472 | if (stat (lockpath, &buf) == 0 |
473 | && (difftime (buf.st_ctime, time (NULL) > 60*60))) | |
474 | unlink (lockpath); | |
00a7e408 RS |
475 | fd = open (lockpath, O_CREAT | O_EXCL, 0600); |
476 | if (fd < 0) | |
2f1de3dd CW |
477 | { |
478 | if (errno == EEXIST) | |
479 | { | |
480 | /* Break the lock; we won't corrupt the file, but we might | |
481 | lose some scores. */ | |
482 | if (attempts > MAX_ATTEMPTS) | |
7c4f6873 | 483 | { |
a5d107f3 | 484 | unlink (lockpath); |
7c4f6873 CW |
485 | attempts = 0; |
486 | } | |
a5d107f3 | 487 | sleep ((rand () % 2)+1); |
2f1de3dd CW |
488 | goto trylock; |
489 | } | |
490 | else | |
491 | return -1; | |
492 | } | |
a5d107f3 | 493 | close (fd); |
2f1de3dd CW |
494 | return 0; |
495 | } | |
177c0ea7 | 496 | |
2f1de3dd | 497 | int |
a5d107f3 | 498 | unlock_file (filename, state) |
cf398788 CW |
499 | const char *filename; |
500 | void *state; | |
2f1de3dd CW |
501 | { |
502 | char *lockpath = (char *) state; | |
a5d107f3 | 503 | int ret = unlink (lockpath); |
2f1de3dd | 504 | int saved_errno = errno; |
a5d107f3 | 505 | free (lockpath); |
2f1de3dd CW |
506 | errno = saved_errno; |
507 | return ret; | |
508 | } |