brush-core 0.5.0

Reusable core of a POSIX/bash shell (used by brush-shell)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413

//! Filesystem utilities.

use std::os::unix::ffi::OsStringExt;
use std::os::unix::fs::FileTypeExt;
use std::path::{Path, PathBuf};

use crate::error;

pub use std::os::unix::fs::MetadataExt;

#[cfg(target_os = "android")]
// _PATH_DEFPATH in https://android.googlesource.com/platform/bionic/+/refs/heads/main/libc/include/paths.h
const ANDROID_DEFPATH: &str = "/product/bin:/apex/com.android.runtime/bin:/apex/com.android.art/bin:/apex/com.android.virt/bin:/system_ext/bin:/system/bin:/system/xbin:/odm/bin:/vendor/bin:/vendor/xbin";

impl crate::sys::fs::PathExt for Path {
    fn readable(&self) -> bool {
        nix::unistd::access(self, nix::unistd::AccessFlags::R_OK).is_ok()
    }

    fn writable(&self) -> bool {
        nix::unistd::access(self, nix::unistd::AccessFlags::W_OK).is_ok()
    }

    fn executable(&self) -> bool {
        nix::unistd::access(self, nix::unistd::AccessFlags::X_OK).is_ok()
    }

    fn exists_and_is_block_device(&self) -> bool {
        try_get_file_type(self).is_some_and(|ft| ft.is_block_device())
    }

    fn exists_and_is_char_device(&self) -> bool {
        try_get_file_type(self).is_some_and(|ft| ft.is_char_device())
    }

    fn exists_and_is_fifo(&self) -> bool {
        try_get_file_type(self).is_some_and(|ft: std::fs::FileType| ft.is_fifo())
    }

    fn exists_and_is_socket(&self) -> bool {
        try_get_file_type(self).is_some_and(|ft| ft.is_socket())
    }

    fn exists_and_is_setgid(&self) -> bool {
        const S_ISGID: u32 = 0o2000;
        let file_mode = try_get_file_mode(self);
        file_mode.is_some_and(|mode| mode & S_ISGID != 0)
    }

    fn exists_and_is_setuid(&self) -> bool {
        const S_ISUID: u32 = 0o4000;
        let file_mode = try_get_file_mode(self);
        file_mode.is_some_and(|mode| mode & S_ISUID != 0)
    }

    fn exists_and_is_sticky_bit(&self) -> bool {
        const S_ISVTX: u32 = 0o1000;
        let file_mode = try_get_file_mode(self);
        file_mode.is_some_and(|mode| mode & S_ISVTX != 0)
    }

    fn get_device_and_inode(&self) -> Result<(u64, u64), crate::error::Error> {
        let metadata = self.metadata()?;
        Ok((metadata.dev(), metadata.ino()))
    }
}

fn try_get_file_type(path: &Path) -> Option<std::fs::FileType> {
    path.metadata().map(|metadata| metadata.file_type()).ok()
}

fn try_get_file_mode(path: &Path) -> Option<u32> {
    path.metadata().map(|metadata| metadata.mode()).ok()
}

/// Splits a platform-specific PATH-like value into individual paths.
///
/// On Unix, this delegates to [`std::env::split_paths`].
pub fn split_paths<T: AsRef<std::ffi::OsStr> + ?Sized>(s: &T) -> std::env::SplitPaths<'_> {
    std::env::split_paths(s)
}

pub(crate) fn get_default_executable_search_paths() -> Vec<PathBuf> {
    #[cfg(target_os = "android")]
    {
        std::env::split_paths(ANDROID_DEFPATH).collect()
    }
    #[cfg(not(target_os = "android"))]
    {
        // standard hard-coded defaults for executable search path
        vec![
            "/usr/local/sbin".into(),
            "/usr/local/bin".into(),
            "/usr/sbin".into(),
            "/usr/bin".into(),
            "/sbin".into(),
            "/bin".into(),
        ]
    }
}

/// Retrieves the platform-specific set of paths that should contain standard system
/// utilities. Used by `command -p`, for example.
pub fn get_default_standard_utils_paths() -> Vec<PathBuf> {
    //
    // Try to call confstr(_CS_PATH). If that fails, can't find a string value, or
    // finds an empty string, then we'll fall back to hard-coded defaults.
    //

    if let Ok(Some(cs_path)) = confstr_cs_path()
        && !cs_path.as_os_str().is_empty()
    {
        return split_paths(&cs_path).collect();
    }

    #[cfg(target_os = "android")]
    {
        std::env::split_paths(ANDROID_DEFPATH).collect()
    }
    #[cfg(not(target_os = "android"))]
    {
        // standard hard-coded defaults
        vec![
            "/bin".into(),
            "/usr/bin".into(),
            "/sbin".into(),
            "/usr/sbin".into(),
            "/etc".into(),
            "/usr/etc".into(),
        ]
    }
}

#[allow(clippy::unnecessary_wraps)]
fn confstr_cs_path() -> Result<Option<PathBuf>, std::io::Error> {
    #[cfg(target_os = "android")]
    {
        Ok(Some(PathBuf::from(ANDROID_DEFPATH)))
    }
    #[cfg(not(target_os = "android"))]
    {
        let value = confstr(nix::libc::_CS_PATH)?;

        if let Some(value) = value {
            let value_str = PathBuf::from(value);
            Ok(Some(value_str))
        } else {
            Ok(None)
        }
    }
}

/// A wrapper for [`nix::libc::confstr`]. Returns a value for the default PATH variable which
/// indicates where all the POSIX.2 standard utilities can be found.
///
/// N.B. We would strongly prefer to use a safe API exposed (in an idiomatic way) by nix
/// or similar. Until that exists, we accept the need to make the unsafe call directly.
#[cfg(not(target_os = "android"))]
fn confstr(name: nix::libc::c_int) -> Result<Option<std::ffi::OsString>, std::io::Error> {
    // SAFETY:
    // Calling `confstr` with a null pointer and size 0 is a documented way to query
    // the required size of the buffer to hold the value associated with `name`. It
    // should not end up causing any undefined behavior.
    let required_size = unsafe { nix::libc::confstr(name, std::ptr::null_mut(), 0) };

    // When confstr returns 0, it either means there's no value associated with _CS_PATH, or
    // _CS_PATH is considered invalid (and not present) on this platform. In both cases, we
    // treat it as a non-existent value and return None.
    if required_size == 0 {
        return Ok(None);
    }

    let mut buffer = Vec::<u8>::with_capacity(required_size);

    // SAFETY:
    // We are calling `confstr` with a valid pointer and size that we obtained from the
    // allocated buffer. Writing `c_char` (i8 or u8 depending on the platform) into
    // `Vec<u8>` is fine, as i8 and u8 have compatible representations, and Rust does
    // not support platforms where `c_char` is not 8-bit wide.
    let final_size =
        unsafe { nix::libc::confstr(name, buffer.as_mut_ptr().cast(), buffer.capacity()) };

    if final_size == 0 {
        return Err(std::io::Error::last_os_error());
    }

    // Per the docs on `confstr`, it *may* return a size larger than the provided buffer.
    // In our usage we wouldn't expect to see this, as we've first queried the required size.
    // However, we defensively check for this case and return an error if it happens.
    if final_size > buffer.capacity() {
        return Err(std::io::Error::other(
            "confstr needed more space than advertised",
        ));
    }

    // SAFETY:
    // We are trusting `confstr` to have written exactly `final_size` bytes into the buffer.
    // We have checked above that it didn't return a value *larger* than the capacity of
    // the buffer, and also checked for known error cases. Note that the returned length
    // should include the null terminator.
    unsafe { buffer.set_len(final_size) };

    // The last byte is a null terminator. We assert that it is.
    if !matches!(buffer.pop(), Some(0)) {
        return Err(std::io::Error::other(
            "confstr did not null-terminate the returned string",
        ));
    }

    Ok(Some(std::ffi::OsString::from_vec(buffer)))
}

/// Opens a null file that will discard all I/O.
pub fn open_null_file() -> Result<std::fs::File, error::Error> {
    let f = std::fs::File::options()
        .read(true)
        .write(true)
        .open("/dev/null")?;

    Ok(f)
}

/// Gives the platform an opportunity to handle a special file path (e.g. `/dev/null`).
pub const fn try_open_special_file(_path: &Path) -> Option<Result<std::fs::File, std::io::Error>> {
    None
}

/// Returns the path to the system-wide shell profile script.
pub fn get_system_profile_path() -> Option<&'static Path> {
    Some(Path::new("/etc/profile"))
}

/// Returns the path to the system-wide shell rc script.
pub fn get_system_rc_path() -> Option<&'static Path> {
    Some(Path::new("/etc/bash.bashrc"))
}

/// Returns true if the string contains a path separator character.
///
/// On Unix, only `/` is considered a path separator.
pub fn contains_path_separator(s: &str) -> bool {
    s.contains('/')
}

/// Returns true if the string ends with a path separator character.
///
/// On Unix, only `/` is considered a path separator.
pub fn ends_with_path_separator(s: &str) -> bool {
    s.ends_with('/')
}

/// Returns the string with a trailing path separator removed, if present.
///
/// On Unix, only `/` is considered a path separator.
pub fn strip_path_separator_suffix(s: &str) -> &str {
    s.strip_suffix('/').unwrap_or(s)
}

/// Returns the platform default for case-insensitive pathname expansion.
///
/// On Unix, filesystems are typically case-sensitive, so this returns `false`.
pub const fn default_case_insensitive_path_expansion() -> bool {
    false
}

/// Finds the byte index of the last path separator in the string.
///
/// On Unix, only `/` is considered a path separator.
pub fn rfind_path_separator(s: &str) -> Option<usize> {
    s.rfind('/')
}

/// Splits a string on path separator characters, returning an iterator of components.
///
/// On Unix, only `/` is used as a separator.
pub fn split_path_for_pattern(s: &str) -> impl Iterator<Item = &str> {
    s.split('/')
}

/// Returns the root path for an absolute pattern, if the first component indicates one.
///
/// On Unix, an empty first component (from splitting a path like `/foo`) indicates
/// an absolute path rooted at `/`.
pub fn pattern_path_root(first_component: &str) -> Option<PathBuf> {
    if first_component.is_empty() {
        Some(PathBuf::from("/"))
    } else {
        None
    }
}

/// Pushes a component onto a path for pattern expansion.
///
/// On Unix, this delegates directly to `PathBuf::push`.
pub fn push_path_for_pattern(path: &mut std::path::PathBuf, component: &str) {
    path.push(component);
}

/// Normalizes path separators for shell output.
///
/// On Unix, this is a no-op since paths already use `/`.
pub const fn normalize_path_separators(s: &str) -> std::borrow::Cow<'_, str> {
    std::borrow::Cow::Borrowed(s)
}

/// Resolves an owned path to the actual on-disk executable file, if any.
///
/// On Unix this is a straight passthrough: if the path is executable, the
/// path is returned unchanged (no clone). This keeps `pathsearch::next`
/// allocation-free on the happy path.
///
/// On Windows this function may append a `PATHEXT` extension and return a
/// possibly-different `PathBuf`.
pub fn resolve_executable(path: PathBuf) -> Option<PathBuf> {
    use crate::sys::fs::PathExt;
    if path.as_path().executable() {
        Some(path)
    } else {
        None
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn path_separator_helpers() {
        assert!(contains_path_separator("foo/bar"));
        assert!(!contains_path_separator("foobar"));
        // Backslashes are not separators on Unix.
        assert!(!contains_path_separator(r"foo\bar"));

        assert!(ends_with_path_separator("foo/"));
        assert!(!ends_with_path_separator("foo"));
        assert!(!ends_with_path_separator(r"foo\"));

        assert_eq!(strip_path_separator_suffix("foo/"), "foo");
        assert_eq!(strip_path_separator_suffix("foo"), "foo");
        assert_eq!(strip_path_separator_suffix(r"foo\"), r"foo\");

        assert_eq!(rfind_path_separator("a/b/c"), Some(3));
        assert_eq!(rfind_path_separator("abc"), None);
    }

    #[test]
    fn split_path_for_pattern_basic() {
        let parts: Vec<_> = split_path_for_pattern("a/b/c").collect();
        assert_eq!(parts, vec!["a", "b", "c"]);

        let parts: Vec<_> = split_path_for_pattern("/a/b").collect();
        assert_eq!(parts, vec!["", "a", "b"]);

        // Backslashes are not split on Unix.
        let parts: Vec<_> = split_path_for_pattern(r"a\b").collect();
        assert_eq!(parts, vec![r"a\b"]);
    }

    #[test]
    fn pattern_path_root_absolute() {
        assert_eq!(pattern_path_root(""), Some(PathBuf::from("/")));
    }

    #[test]
    fn pattern_path_root_relative() {
        assert_eq!(pattern_path_root("foo"), None);
        // Drive-letter syntax is not recognized on Unix.
        assert_eq!(pattern_path_root("c:"), None);
    }

    #[test]
    fn push_path_for_pattern_appends_child() {
        let mut p = PathBuf::from("/home/reuben");
        push_path_for_pattern(&mut p, "foo");
        assert_eq!(p, PathBuf::from("/home/reuben/foo"));
    }

    #[test]
    fn normalize_path_separators_is_noop() {
        use std::borrow::Cow;
        assert!(matches!(
            normalize_path_separators("/foo/bar"),
            Cow::Borrowed("/foo/bar")
        ));
    }

    #[test]
    fn default_case_insensitive_is_false() {
        assert!(!default_case_insensitive_path_expansion());
    }

    #[test]
    fn resolve_executable_returns_input_unchanged() {
        // /bin/sh exists and is executable on every supported Unix host.
        let path = PathBuf::from("/bin/sh");
        let resolved = resolve_executable(path.clone());
        assert_eq!(resolved.as_deref(), Some(path.as_path()));
    }

    #[test]
    fn resolve_executable_returns_none_for_nonexistent() {
        let path = PathBuf::from("/this/path/should/not/exist/brush-test");
        assert!(resolve_executable(path).is_none());
    }

    #[test]
    fn resolve_executable_returns_none_for_non_executable() {
        // /etc/hostname (or similar) is a regular file but not executable.
        // Use /etc/passwd which is universally present and not executable.
        let path = PathBuf::from("/etc/passwd");
        assert!(resolve_executable(path).is_none());
    }
}