Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Windows: Use FindFirstFileW for getting the metadata of locked system files #98916

Merged
merged 5 commits into from
Jul 20, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions library/std/src/fs/tests.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1534,3 +1534,20 @@ fn read_large_dir() {
entry.unwrap();
}
}

/// Test the fallback for getting the metadata of files like hiberfil.sys that
/// Windows holds a special lock on, preventing normal means of querying
/// metadata. See #96980.
///
/// Note this fails in CI because `hiberfil.sys` does not actually exist there.
/// Therefore it's marked as ignored.
#[test]
#[ignore]
#[cfg(windows)]
fn hiberfil_sys() {
ChrisDenton marked this conversation as resolved.
Show resolved Hide resolved
let hiberfil = Path::new(r"C:\hiberfil.sys");
assert_eq!(true, hiberfil.try_exists().unwrap());
fs::symlink_metadata(hiberfil).unwrap();
fs::metadata(hiberfil).unwrap();
assert_eq!(true, hiberfil.exists());
}
108 changes: 82 additions & 26 deletions library/std/src/sys/windows/fs.rs
Original file line number Diff line number Diff line change
Expand Up @@ -155,22 +155,7 @@ impl DirEntry {
}

pub fn metadata(&self) -> io::Result<FileAttr> {
Ok(FileAttr {
attributes: self.data.dwFileAttributes,
creation_time: self.data.ftCreationTime,
last_access_time: self.data.ftLastAccessTime,
last_write_time: self.data.ftLastWriteTime,
file_size: ((self.data.nFileSizeHigh as u64) << 32) | (self.data.nFileSizeLow as u64),
reparse_tag: if self.data.dwFileAttributes & c::FILE_ATTRIBUTE_REPARSE_POINT != 0 {
// reserved unless this is a reparse point
self.data.dwReserved0
} else {
0
},
volume_serial_number: None,
number_of_links: None,
file_index: None,
})
Ok(self.data.into())
}
}

Expand Down Expand Up @@ -879,6 +864,26 @@ impl FileAttr {
self.file_index
}
}
impl From<c::WIN32_FIND_DATAW> for FileAttr {
fn from(wfd: c::WIN32_FIND_DATAW) -> Self {
FileAttr {
attributes: wfd.dwFileAttributes,
creation_time: wfd.ftCreationTime,
last_access_time: wfd.ftLastAccessTime,
last_write_time: wfd.ftLastWriteTime,
file_size: ((wfd.nFileSizeHigh as u64) << 32) | (wfd.nFileSizeLow as u64),
reparse_tag: if wfd.dwFileAttributes & c::FILE_ATTRIBUTE_REPARSE_POINT != 0 {
// reserved unless this is a reparse point
wfd.dwReserved0
} else {
0
},
volume_serial_number: None,
number_of_links: None,
file_index: None,
}
}
}

fn to_u64(ft: &c::FILETIME) -> u64 {
(ft.dwLowDateTime as u64) | ((ft.dwHighDateTime as u64) << 32)
Expand Down Expand Up @@ -1145,22 +1150,73 @@ pub fn link(_original: &Path, _link: &Path) -> io::Result<()> {
}

pub fn stat(path: &Path) -> io::Result<FileAttr> {
let mut opts = OpenOptions::new();
// No read or write permissions are necessary
opts.access_mode(0);
// This flag is so we can open directories too
opts.custom_flags(c::FILE_FLAG_BACKUP_SEMANTICS);
let file = File::open(path, &opts)?;
file.file_attr()
metadata(path, ReparsePoint::Follow)
}

pub fn lstat(path: &Path) -> io::Result<FileAttr> {
metadata(path, ReparsePoint::Open)
}

#[repr(u32)]
#[derive(Clone, Copy, PartialEq, Eq)]
enum ReparsePoint {
Follow = 0,
Open = c::FILE_FLAG_OPEN_REPARSE_POINT,
}
impl ReparsePoint {
fn as_flag(self) -> u32 {
self as u32
}
}

fn metadata(path: &Path, reparse: ReparsePoint) -> io::Result<FileAttr> {
let mut opts = OpenOptions::new();
// No read or write permissions are necessary
opts.access_mode(0);
opts.custom_flags(c::FILE_FLAG_BACKUP_SEMANTICS | c::FILE_FLAG_OPEN_REPARSE_POINT);
let file = File::open(path, &opts)?;
file.file_attr()
opts.custom_flags(c::FILE_FLAG_BACKUP_SEMANTICS | reparse.as_flag());

// Attempt to open the file normally.
// If that fails with `ERROR_SHARING_VIOLATION` then retry using `FindFirstFileW`.
// If the fallback fails for any reason we return the original error.
match File::open(path, &opts) {
Ok(file) => file.file_attr(),
Err(e) if e.raw_os_error() == Some(c::ERROR_SHARING_VIOLATION as _) => {
// `ERROR_SHARING_VIOLATION` will almost never be returned.
// Usually if a file is locked you can still read some metadata.
// However, there are special system files, such as
// `C:\hiberfil.sys`, that are locked in a way that denies even that.
unsafe {
let path = maybe_verbatim(path)?;

// `FindFirstFileW` accepts wildcard file names.
// Fortunately wildcards are not valid file names and
// `ERROR_SHARING_VIOLATION` means the file exists (but is locked)
// therefore it's safe to assume the file name given does not
// include wildcards.
let mut wfd = mem::zeroed();
let handle = c::FindFirstFileW(path.as_ptr(), &mut wfd);

if handle == c::INVALID_HANDLE_VALUE {
// This can fail if the user does not have read access to the
// directory.
Err(e)
} else {
// We no longer need the find handle.
c::FindClose(handle);

// `FindFirstFileW` reads the cached file information from the
// directory. The downside is that this metadata may be outdated.
let attrs = FileAttr::from(wfd);
if reparse == ReparsePoint::Follow && attrs.file_type().is_symlink() {
Err(e)
} else {
Ok(attrs)
}
}
}
}
Err(e) => Err(e),
}
}

pub fn set_perm(p: &Path, perm: FilePermissions) -> io::Result<()> {
Expand Down