[PATCH 2/2] Cygwin: introduce isabspath_strict macro

corinna-cygwin@cygwin.com corinna-cygwin@cygwin.com
Wed Nov 10 20:32:53 GMT 2021

From: Corinna Vinschen <corinna@vinschen.de>

isabspath handles a path "X:", without trailing slas or backslash,
as absolute path.  This breaks some scenarios with relative paths
starting with "X:".  For instance, fstatat will mishandle a call
with valid dirfd and "c:" as path.

The reason is that gen_full_path_at() will check for isabspath("C:")
which returns true.  So the path will be used verbatim in fstatat,
rather than being converted to a path "<dirfd-path>/c:".

So, introduce isabspath_strict, which returns true for paths starting
with "X:" only if the next char is actually a slash or backslash.
Use it from gen_full_path_at().

This still fixes only half the problem.  The right thing would have been
to disallow using DOS paths in the first place.  Unfortunately it's much
too late for that.

Addresses: https://cygwin.com/pipermail/cygwin/2021-November/249837.html
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
 winsup/cygwin/syscalls.cc | 2 +-
 winsup/cygwin/winsup.h    | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc
index 7a48e422e8f4..661c143479e4 100644
--- a/winsup/cygwin/syscalls.cc
+++ b/winsup/cygwin/syscalls.cc
@@ -4714,7 +4714,7 @@ gen_full_path_at (char *path_ret, int dirfd, const char *pathname,
 	  return -1;
-  if (pathname && isabspath (pathname))
+  if (pathname && isabspath_strict (pathname))
     stpcpy (path_ret, pathname);
diff --git a/winsup/cygwin/winsup.h b/winsup/cygwin/winsup.h
index f6fea6313d56..1f265ec28934 100644
--- a/winsup/cygwin/winsup.h
+++ b/winsup/cygwin/winsup.h
@@ -139,9 +139,17 @@ extern int cygserver_running;
 #undef issep
 #define issep(ch) (strchr (" \t\n\r", (ch)) != NULL)
+/* Treats "X:" as absolute path.
+   FIXME: We should drop the notion that "X:" is a valid absolute path.
+   Only "X:/" and "X:\\" should be (see isabspath_strict below).  The
+   problem is to find out if we have code depending on this behaviour. */
 #define isabspath(p) \
   (isdirsep (*(p)) || (isalpha (*(p)) && (p)[1] == ':' && (!(p)[2] || isdirsep ((p)[2]))))
+/* Treats "X:/" and "X:\\" as absolute paths, but not "X:" */
+#define isabspath_strict(p) \
+  (isdirsep (*(p)) || (isalpha (*(p)) && (p)[1] == ':' && isdirsep ((p)[2])))
 /******************** Initialization/Termination **********************/
 class per_process;

