logger_system/file__utils_8h_source.html

// BSD 3-Clause License

// Copyright (c) 2025, 🍀☀🌕🌥 🌊

// See the LICENSE file in the project root for full license information.


#pragma once


#include <kcenon/logger/core/error_codes.h>

#include <filesystem>

#include <string>

#include <algorithm>


namespace kcenon::logger::utils {


class file_utils {

public:


    static common::VoidResult validate_log_path(

        const std::filesystem::path& path,

        const std::filesystem::path& allowed_base = ""

    ) {

        try {

            // Check for obviously suspicious patterns

            std::string path_str = path.string();


            // Detect path traversal attempts

            if (path_str.find("..") != std::string::npos) {

                return make_logger_void_result(

                    logger_error_code::sanitization_failed,

                    "Path contains '..' (path traversal attempt)"

                );

            }


            // If allowed_base is specified, ensure path is within it

            if (!allowed_base.empty()) {

                // Convert both paths to canonical form (resolves symlinks)

                std::filesystem::path canonical_path;

                std::filesystem::path canonical_base;


                // Get canonical base (must exist)

                if (std::filesystem::exists(allowed_base)) {

                    canonical_base = std::filesystem::canonical(allowed_base);

                } else {

                    canonical_base = std::filesystem::absolute(allowed_base);

                }


                // Get canonical path (may not exist yet for new files)

                std::filesystem::path parent = path.parent_path();

                if (!parent.empty() && std::filesystem::exists(parent)) {

                    canonical_path = std::filesystem::canonical(parent) / path.filename();

                } else {

                    canonical_path = std::filesystem::absolute(path);

                }


                // Check if canonical_path starts with canonical_base

                auto [base_end, path_end] = std::mismatch(

                    canonical_base.begin(), canonical_base.end(),

                    canonical_path.begin(), canonical_path.end()

                );


                if (base_end != canonical_base.end()) {

                    return make_logger_void_result(

                        logger_error_code::sanitization_failed,

                        "Path is outside allowed directory: " + path_str

                    );

                }

            }


            return common::ok();  // Valid path

        } catch (const std::filesystem::filesystem_error& e) {

            return make_logger_void_result(

                logger_error_code::file_permission_denied,

                std::string("Path validation failed: ") + e.what()

            );

        }

    }


    static std::string sanitize_filename(const std::string& filename) {

        if (filename.empty()) {

            return "unnamed.log";

        }


        std::string result;

        result.reserve(filename.size());


        for (char c : filename) {

            // Remove path separators

            if (c == '/' || c == '\\') {

                continue;

            }


            // Remove null bytes

            if (c == '\0') {

                continue;

            }


            // Replace control characters with underscore

            if (c < 32 || c == 127) {

                result += '_';

                continue;

            }


            // Remove potentially dangerous characters

            if (c == ':' || c == '*' || c == '?' || c == '"' ||

                c == '<' || c == '>' || c == '|') {

                result += '_';

                continue;

            }


            result += c;

        }


        // Truncate to safe length (255 is common filesystem limit)

        if (result.size() > 255) {

            // Try to preserve extension

            size_t ext_pos = result.find_last_of('.');

            if (ext_pos != std::string::npos && ext_pos > 250) {

                // Extension is reasonable, keep it

                std::string ext = result.substr(ext_pos);

                result = result.substr(0, 255 - ext.size()) + ext;

            } else {

                result = result.substr(0, 255);

            }

        }


        // Ensure result is not empty

        if (result.empty()) {

            return "unnamed.log";

        }


        return result;

    }


    static common::VoidResult set_file_permissions(

        const std::filesystem::path& file,

        std::filesystem::perms perms = std::filesystem::perms::owner_read |

                                        std::filesystem::perms::owner_write

    ) {

        try {

            if (!std::filesystem::exists(file)) {

                return make_logger_void_result(

                    logger_error_code::file_open_failed,

                    "File does not exist: " + file.string()

                );

            }


            std::filesystem::permissions(file, perms);

            return common::ok();

        } catch (const std::filesystem::filesystem_error& e) {

            return make_logger_void_result(

                logger_error_code::file_permission_denied,

                std::string("Failed to set file permissions: ") + e.what()

            );

        }

    }


    static bool is_absolute(const std::filesystem::path& path) {

        return path.is_absolute();

    }


    static std::size_t get_file_size(const std::filesystem::path& path) {

        std::error_code ec;

        auto size = std::filesystem::file_size(path, ec);

        if (ec) {

            return 0;

        }

        return static_cast<std::size_t>(size);

    }


    static bool is_writable(const std::filesystem::path& path) {

        std::error_code ec;


        // If file doesn't exist, check if parent directory is writable

        if (!std::filesystem::exists(path, ec)) {

            auto parent = path.parent_path();

            if (parent.empty()) {

                parent = ".";

            }

            return std::filesystem::exists(parent, ec) &&

                   !ec;  // Basic existence check

        }


        // File exists, check status

        auto status = std::filesystem::status(path, ec);

        if (ec) {

            return false;

        }


        // Check if we have write permissions

        auto perms = status.permissions();

        return (perms & std::filesystem::perms::owner_write) != std::filesystem::perms::none;

    }


    static std::string generate_temp_filename(

        const std::string& prefix = "temp",

        const std::string& extension = ".tmp"

    ) {

        auto now = std::chrono::system_clock::now();

        auto time_t = std::chrono::system_clock::to_time_t(now);


        std::tm tm_buf{};

#ifdef _WIN32

        localtime_s(&tm_buf, &time_t);

#else

        localtime_r(&time_t, &tm_buf);

#endif


        // Format: prefix_YYYYMMDDHHMMSS_random.ext

        char buffer[64];

        std::snprintf(buffer, sizeof(buffer),

                     "%s_%04d%02d%02d%02d%02d%02d_%d%s",

                     sanitize_filename(prefix).c_str(),

                     tm_buf.tm_year + 1900,

                     tm_buf.tm_mon + 1,

                     tm_buf.tm_mday,

                     tm_buf.tm_hour,

                     tm_buf.tm_min,

                     tm_buf.tm_sec,

                     static_cast<int>(std::chrono::steady_clock::now().time_since_epoch().count() % 10000),

                     extension.c_str());


        return std::string(buffer);

    }


};


} // namespace kcenon::logger::utils

kcenon::common::VoidResult
Definition error_codes.h:116

kcenon::logger::result
Definition error_codes.h:436

kcenon::logger::utils::file_utils
File utility functions for path validation and sanitization.
Definition file_utils.h:28

kcenon::logger::utils::file_utils::get_file_size
static std::size_t get_file_size(const std::filesystem::path &path)
Get file size.
Definition file_utils.h:260

kcenon::logger::utils::file_utils::sanitize_filename
static std::string sanitize_filename(const std::string &filename)
Sanitize filename by removing/replacing dangerous characters.
Definition file_utils.h:138

kcenon::logger::utils::file_utils::is_writable
static bool is_writable(const std::filesystem::path &path)
Check if file exists and is writable.
Definition file_utils.h:276

kcenon::logger::utils::file_utils::is_absolute
static bool is_absolute(const std::filesystem::path &path)
Check if path is absolute.
Definition file_utils.h:248

kcenon::logger::utils::file_utils::validate_log_path
static common::VoidResult validate_log_path(const std::filesystem::path &path, const std::filesystem::path &allowed_base="")
Validate log file path against path traversal attacks.
Definition file_utils.h:56

kcenon::logger::utils::file_utils::generate_temp_filename
static std::string generate_temp_filename(const std::string &prefix="temp", const std::string &extension=".tmp")
Generate safe temporary filename.
Definition file_utils.h:311

kcenon::logger::utils::file_utils::set_file_permissions
static common::VoidResult set_file_permissions(const std::filesystem::path &file, std::filesystem::perms perms=std::filesystem::perms::owner_read|std::filesystem::perms::owner_write)
Set file permissions (Unix/POSIX systems)
Definition file_utils.h:218

error_codes.h
Error codes specific to the logger system.

kcenon::common::ok
VoidResult ok()
Definition error_codes.h:149

kcenon::logger::utils
Definition forward.h:48

kcenon::logger::logger_error_code::sanitization_failed
@ sanitization_failed

kcenon::logger::logger_error_code::file_permission_denied
@ file_permission_denied

kcenon::logger::logger_error_code::file_open_failed
@ file_open_failed

kcenon::logger::make_logger_void_result
common::VoidResult make_logger_void_result(logger_error_code code, const std::string &message="")
Definition error_codes.h:506

kcenon::logger::rotation_type::size
@ size
Rotate based on file size only.