- don't free user-supplied string (via -e)

[oweals/busybox.git] / util-linux / switch_root.c

diff --git a/util-linux/switch_root.c b/util-linux/switch_root.c
index 1f6ec2dc76bc99bdd0487e070aa3ebc3a1a948ee..21cc99229752368d41db367976997411f8ba49dd 100644 (file)
--- a/util-linux/switch_root.c
+++ b/util-linux/switch_root.c
@@ -9,9 +9,7 @@
 #include "libbb.h"
 #include <sys/vfs.h>
 
-
 // Make up for header deficiencies.
-
 #ifndef RAMFS_MAGIC
 #define RAMFS_MAGIC ((unsigned)0x858458f6)
 #endif
@@ -24,18 +22,16 @@
 #define MS_MOVE     8192
 #endif
 
-static dev_t rootdev;
-
 // Recursively delete contents of rootfs.
-
-static void delete_contents(const char *directory)
+static void delete_contents(const char *directory, dev_t rootdev)
 {
        DIR *dir;
        struct dirent *d;
        struct stat st;
 
        // Don't descend into other filesystems
-       if (lstat(directory, &st) || st.st_dev != rootdev) return;
+       if (lstat(directory, &st) || st.st_dev != rootdev)
+               return;
 
        // Recursively delete the contents of directories.
        if (S_ISDIR(st.st_mode)) {
@@ -45,13 +41,13 @@ static void delete_contents(const char *directory)
                                char *newdir = d->d_name;
 
                                // Skip . and ..
-                               if (*newdir=='.' && (!newdir[1] || (newdir[1]=='.' && !newdir[2])))
+                               if (DOT_OR_DOTDOT(newdir))
                                        continue;
 
                                // Recurse to delete contents
-                               newdir = alloca(strlen(directory) + strlen(d->d_name) + 2);
-                               sprintf(newdir, "%s/%s", directory, d->d_name);
-                               delete_contents(newdir);
+                               newdir = concat_path_file(directory, newdir);
+                               delete_contents(newdir, rootdev);
+                               free(newdir);
                        }
                        closedir(dir);
 
@@ -60,7 +56,6 @@ static void delete_contents(const char *directory)
                }
 
        // It wasn't a directory.  Zap it.
-
        } else unlink(directory);
 }
 
@@ -70,15 +65,14 @@ int switch_root_main(int argc UNUSED_PARAM, char **argv)
        char *newroot, *console = NULL;
        struct stat st1, st2;
        struct statfs stfs;
+       dev_t rootdev;
 
        // Parse args (-c console)
-
        opt_complementary = "-2"; // minimum 2 params
        getopt32(argv, "+c:", &console); // '+': stop parsing at first non-option
        argv += optind;
 
        // Change to new root directory and verify it's a different fs.
-
        newroot = *argv++;
 
        xchdir(newroot);
@@ -90,7 +84,6 @@ int switch_root_main(int argc UNUSED_PARAM, char **argv)
        // Additional sanity checks: we're about to rm -rf /,  so be REALLY SURE
        // we mean it.  (I could make this a CONFIG option, but I would get email
        // from all the people who WILL eat their filesystems.)
-
        if (lstat("/init", &st1) || !S_ISREG(st1.st_mode) || statfs("/", &stfs)
         || (((unsigned)stfs.f_type != RAMFS_MAGIC) && ((unsigned)stfs.f_type != TMPFS_MAGIC))
         || (getpid() != 1)
@@ -99,24 +92,21 @@ int switch_root_main(int argc UNUSED_PARAM, char **argv)
        }
 
        // Zap everything out of rootdev
-
-       delete_contents("/");
+       delete_contents("/", rootdev);
 
        // Overmount / with newdir and chroot into it.  The chdir is needed to
        // recalculate "." and ".." links.
-
        if (mount(".", "/", NULL, MS_MOVE, NULL))
                bb_error_msg_and_die("error moving root");
        xchroot(".");
        xchdir("/");
 
        // If a new console specified, redirect stdin/stdout/stderr to that.
-
        if (console) {
                close(0);
                xopen(console, O_RDWR);
-               dup2(0, 1);
-               dup2(0, 2);
+               xdup2(0, 1);
+               xdup2(0, 2);
        }
 
        // Exec real init.  (This is why we must be pid 1.)