@photostructure/fs-metadata 0.6.0 → 0.7.0

package/src/windows/drive_status.h

@@ -1,12 +1,17 @@
 // src/windows/drive_status.h
-
 #pragma once
 #include "../common/debug_log.h"
+#include "security_utils.h"
+#include "thread_pool.h"
+#include "windows_arch.h"
 #include <atomic>
-#include <memory>
+#include <chrono>
+#include <condition_variable>
+#include <future>
+#include <mutex>
 #include <string>
+#include <thread>
 #include <vector>
-#include <windows.h>
 
 namespace FSMeta {
 
@@ -33,212 +38,177 @@ inline std::string DriveStatusToString(DriveStatus status) {
   }
 }
 
-class IOOperation {
+class DriveStatusChecker {
 private:
-  HANDLE completionEvent;
-  std::atomic<DriveStatus> result;
-  std::string path;
-  DWORD threadId;
-  std::atomic<bool> shouldTerminate;
-  HANDLE threadHandle; // Store thread handle as member
-
-public:
-  IOOperation()
-      : result{DriveStatus::Unknown}, threadId(0), shouldTerminate{false},
-        threadHandle(NULL) {
-    completionEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
-  }
+  static DriveStatus MapErrorToDriveStatus(DWORD error) {
+    switch (error) {
+    case ERROR_SUCCESS:
+      return DriveStatus::Healthy;
 
-  ~IOOperation() {
-    if (completionEvent) {
-      CloseHandle(completionEvent);
-    }
-    CleanupThread();
-  }
+    case ERROR_FILE_NOT_FOUND:
+    case ERROR_PATH_NOT_FOUND:
+    case ERROR_ACCESS_DENIED:
+    case ERROR_LOGON_FAILURE:
+    case ERROR_SHARING_VIOLATION:
+      return DriveStatus::Inaccessible;
 
-  void CleanupThread() {
-    if (threadHandle) {
-      DEBUG_LOG("[IOOperation] Cleaning up thread %lu", threadId);
-      // Signal termination
-      shouldTerminate.store(true, std::memory_order_release);
-
-      // Wake up thread if it's waiting on something
-      SetEvent(completionEvent);
-
-      // Give thread chance to exit gracefully (increased timeout)
-      DWORD waitResult = WaitForSingleObject(threadHandle, 1000);
-      if (waitResult != WAIT_OBJECT_0) {
-        DEBUG_LOG("[IOOperation] WARNING: Thread %lu did not exit gracefully "
-                  "after 1000ms",
-                  threadId);
-        // NEVER use TerminateThread - it's extremely dangerous
-        // Instead, log the issue and abandon the thread
-        // The thread will eventually exit when the process terminates
-      }
+    case ERROR_BAD_NET_NAME:
+    case ERROR_NETWORK_UNREACHABLE:
+    case ERROR_NOT_CONNECTED:
+    case ERROR_NETWORK_ACCESS_DENIED:
+    case ERROR_BAD_NETPATH:
+    case ERROR_NO_NET_OR_BAD_PATH:
+      return DriveStatus::Disconnected;
 
-      CloseHandle(threadHandle);
-      threadHandle = NULL;
-      DEBUG_LOG("[IOOperation] Thread cleanup complete");
+    default:
+      return DriveStatus::Unknown;
     }
   }
 
-  static DWORD WINAPI WorkerThread(LPVOID param) {
-    IOOperation *self = static_cast<IOOperation *>(param);
-    std::string searchPath = self->path + "*";
-    HANDLE findHandle = INVALID_HANDLE_VALUE;
-    WIN32_FIND_DATAA findData;
+  static DriveStatus CheckDriveInternal(const std::string &path) {
+    DEBUG_LOG("[DriveStatusChecker] Checking drive: %s", path.c_str());
 
-    DEBUG_LOG("[WorkerThread] Starting search on path: %s", searchPath.c_str());
+    // Validate path
+    if (!SecurityUtils::IsPathSecure(path)) {
+      DEBUG_LOG("[DriveStatusChecker] Path failed security check: %s",
+                path.c_str());
+      return DriveStatus::Inaccessible;
+    }
 
-    // Check if we should terminate before starting work
-    if (self->shouldTerminate.load(std::memory_order_acquire)) {
-      DEBUG_LOG("[WorkerThread] Thread %lu terminating before work",
-                self->threadId);
-      return 0;
+    // Ensure path ends with backslash for FindFirstFileEx
+    std::string searchPath = path;
+    if (!searchPath.empty() && searchPath.back() != '\\') {
+      searchPath += '\\';
     }
+    searchPath += "*";
 
-    findHandle = FindFirstFileExA(
+    WIN32_FIND_DATAA findData;
+    HandleGuard findHandle(FindFirstFileExA(
         searchPath.c_str(), FindExInfoBasic, &findData, FindExSearchNameMatch,
-        NULL, FIND_FIRST_EX_LARGE_FETCH | FIND_FIRST_EX_ON_DISK_ENTRIES_ONLY);
-
-    if (findHandle == INVALID_HANDLE_VALUE) {
-      self->result.store(self->MapErrorToDriveStatus(GetLastError()),
-                         std::memory_order_release);
-      DEBUG_LOG("[WorkerThread] Search failed with error: %lu", GetLastError());
-    } else {
-      self->result.store(DriveStatus::Healthy, std::memory_order_release);
-      FindClose(findHandle);
-      DEBUG_LOG("[WorkerThread] Search completed successfully");
+        nullptr,
+        FIND_FIRST_EX_LARGE_FETCH | FIND_FIRST_EX_ON_DISK_ENTRIES_ONLY));
+
+    if (!findHandle) {
+      DWORD error = GetLastError();
+      DEBUG_LOG("[DriveStatusChecker] FindFirstFileEx failed for %s: %lu",
+                path.c_str(), error);
+      return MapErrorToDriveStatus(error);
     }
 
-    SetEvent(self->completionEvent);
-    DEBUG_LOG("[WorkerThread] Thread %lu exiting", self->threadId);
-    return 0;
+    // Successfully opened - drive is healthy
+    FindClose(findHandle.release());
+    DEBUG_LOG("[DriveStatusChecker] Drive %s is healthy", path.c_str());
+    return DriveStatus::Healthy;
   }
 
-  DriveStatus CheckDriveWithTimeout(const std::string &checkPath,
-                                    DWORD timeoutMs) {
-    DEBUG_LOG("[CheckDriveStatus] Starting check for: %s timeout: %lu ms",
-              checkPath.c_str(), timeoutMs);
+public:
+  static std::future<DriveStatus> CheckDriveAsync(const std::string &path,
+                                                  DWORD timeoutMs = 5000) {
+    auto promise = std::make_shared<std::promise<DriveStatus>>();
+    auto future = promise->get_future();
 
-    // Cleanup any previous thread
-    CleanupThread();
+    // Use a shared state for timeout handling
+    auto state = std::make_shared<std::atomic<bool>>(false);
 
-    path = checkPath;
-    ResetEvent(completionEvent);
-    shouldTerminate.store(false, std::memory_order_release);
+    GetGlobalThreadPool().Submit([path, promise, state, timeoutMs]() {
+      // Set up timeout
+      auto startTime = std::chrono::steady_clock::now();
 
-    threadHandle = CreateThread(NULL, 0, WorkerThread, this, 0, &threadId);
-    if (!threadHandle) {
-      DEBUG_LOG("[CheckDriveStatus] Failed to create thread");
-      return DriveStatus::Unknown;
-    }
+      // Perform the check
+      DriveStatus status = CheckDriveInternal(path);
 
-    DEBUG_LOG("[CheckDriveStatus] Created thread %lu", threadId);
-    DWORD waitResult = WaitForSingleObject(threadHandle, timeoutMs);
+      // Check if we've timed out
+      auto elapsed = std::chrono::steady_clock::now() - startTime;
+      if (elapsed > std::chrono::milliseconds(timeoutMs)) {
+        status = DriveStatus::Timeout;
+      }
 
-    if (waitResult == WAIT_TIMEOUT) {
-      DEBUG_LOG("[CheckDriveStatus] Thread %lu timed out after %lu ms",
-                threadId, timeoutMs);
-      CleanupThread();
-      return DriveStatus::Timeout;
+      // Only set the promise if we haven't been cancelled
+      if (!state->load()) {
+        promise->set_value(status);
+      }
+    });
+
+    // Handle timeout in the caller
+    if (timeoutMs != INFINITE) {
+      std::thread([promise, state, timeoutMs]() {
+        std::this_thread::sleep_for(std::chrono::milliseconds(timeoutMs));
+        if (!state->exchange(true)) {
+          try {
+            promise->set_value(DriveStatus::Timeout);
+          } catch (...) {
+            // Promise already satisfied
+          }
+        }
+      }).detach();
     }
 
-    DEBUG_LOG("[CheckDriveStatus] Thread %lu completed normally", threadId);
-    CloseHandle(threadHandle);
-    DEBUG_LOG("[CheckDriveStatus] CloseHandle %lu completed", threadId);
-    threadHandle = NULL;
-    return result.load(std::memory_order_acquire);
+    return future;
   }
 
-private:
-  DriveStatus MapErrorToDriveStatus(DWORD error) {
-    switch (error) {
-    case ERROR_FILE_NOT_FOUND:
-    case ERROR_PATH_NOT_FOUND:
-    case ERROR_ACCESS_DENIED:
-    case ERROR_LOGON_FAILURE:
-      return DriveStatus::Inaccessible;
+  static DriveStatus CheckDrive(const std::string &path,
+                                DWORD timeoutMs = 5000) {
+    try {
+      auto future = CheckDriveAsync(path, timeoutMs);
 
-    case ERROR_BAD_NET_NAME:
-    case ERROR_NETWORK_UNREACHABLE:
-    case ERROR_NOT_CONNECTED:
-    case ERROR_NETWORK_ACCESS_DENIED:
-    case ERROR_BAD_NETPATH:
-      return DriveStatus::Disconnected;
+      if (future.wait_for(std::chrono::milliseconds(timeoutMs)) ==
+          std::future_status::timeout) {
+        return DriveStatus::Timeout;
+      }
 
-    default:
+      return future.get();
+    } catch (...) {
+      DEBUG_LOG("[DriveStatusChecker] Exception checking drive %s",
+                path.c_str());
       return DriveStatus::Unknown;
     }
   }
-};
-
-class ParallelDriveStatus {
-private:
-  struct PendingCheck {
-    std::string path;
-    std::unique_ptr<IOOperation> op;
-    DWORD timeoutMs;
-    DriveStatus status;
-  };
 
-  std::vector<std::unique_ptr<PendingCheck>> pending_;
-
-public:
-  void Submit(const std::string &path, DWORD timeoutMs = 1000) {
-    auto check = std::make_unique<PendingCheck>();
-    check->path = path;
-    check->op = std::make_unique<IOOperation>();
-    check->timeoutMs = timeoutMs;
-    check->status = DriveStatus::Unknown;
-
-    DEBUG_LOG("[ParallelDriveStatus] Submitting check for: %s", path.c_str());
-    pending_.push_back(std::move(check));
-  }
+  static std::vector<DriveStatus>
+  CheckMultipleDrives(const std::vector<std::string> &paths,
+                      DWORD timeoutMs = 5000) {
 
-  std::vector<DriveStatus> WaitForResults() {
-    std::vector<DriveStatus> results;
-    results.reserve(pending_.size());
+    std::vector<std::future<DriveStatus>> futures;
+    futures.reserve(paths.size());
 
-    // Start all operations
-    for (auto &check : pending_) {
-      check->status =
-          check->op->CheckDriveWithTimeout(check->path, check->timeoutMs);
+    // Launch all checks concurrently
+    for (const auto &path : paths) {
+      futures.push_back(CheckDriveAsync(path, timeoutMs));
     }
 
-    // Collect results in original order
-    for (auto &check : pending_) {
-      DEBUG_LOG("[ParallelDriveStatus] Result for %s: %s", check->path.c_str(),
-                DriveStatusToString(check->status).c_str());
-      results.push_back(check->status);
+    // Collect results
+    std::vector<DriveStatus> results;
+    results.reserve(paths.size());
+
+    for (size_t i = 0; i < futures.size(); ++i) {
+      try {
+        if (futures[i].wait_for(std::chrono::milliseconds(timeoutMs)) ==
+            std::future_status::timeout) {
+          results.push_back(DriveStatus::Timeout);
+        } else {
+          results.push_back(futures[i].get());
+        }
+      } catch (...) {
+        DEBUG_LOG("[DriveStatusChecker] Exception getting result for drive %s",
+                  paths[i].c_str());
+        results.push_back(DriveStatus::Unknown);
+      }
     }
 
-    pending_.clear();
     return results;
   }
 };
 
-// Update CheckDriveStatus to support checking multiple paths
+// Compatibility wrapper for existing code
 inline std::vector<DriveStatus>
 CheckDriveStatus(const std::vector<std::string> &paths,
-                 DWORD timeoutMs = 1000) {
-  try {
-    ParallelDriveStatus checker;
-    for (const auto &path : paths) {
-      checker.Submit(path, timeoutMs);
-    }
-    return checker.WaitForResults();
-  } catch (...) {
-    DEBUG_LOG("[CheckDriveStatus] caught unexpected exception");
-    return std::vector<DriveStatus>(paths.size(), DriveStatus::Unknown);
-  }
+                 DWORD timeoutMs = 5000) {
+  return DriveStatusChecker::CheckMultipleDrives(paths, timeoutMs);
 }
 
-// Keep single path version for backwards compatibility
 inline DriveStatus CheckDriveStatus(const std::string &path,
-                                    DWORD timeoutMs = 1000) {
-  std::vector<std::string> paths{path};
-  return CheckDriveStatus(paths, timeoutMs)[0];
+                                    DWORD timeoutMs = 5000) {
+  return DriveStatusChecker::CheckDrive(path, timeoutMs);
 }
 
 } // namespace FSMeta

package/src/windows/error_utils.h

@@ -1,9 +1,10 @@
 // src/windows/error_utils.h
 #pragma once
+#include "../common/debug_log.h"
+#include "windows_arch.h"
 #include <sstream>
 #include <stdexcept>
 #include <string>
-#include <windows.h>
 
 namespace FSMeta {
 
@@ -16,27 +17,77 @@ public:
       : std::runtime_error(FormatWindowsError(operation, errorCode)) {}
 
 private:
+  // RAII wrapper for LocalFree - ensures cleanup even if exception thrown
+  // Prevents memory leaks when FormatMessageA allocates a buffer
+  struct LocalFreeGuard {
+    LPVOID ptr;
+
+    explicit LocalFreeGuard(LPVOID p) : ptr(p) {}
+
+    ~LocalFreeGuard() {
+      if (ptr) {
+        LocalFree(ptr);
+        DEBUG_LOG("[LocalFreeGuard] LocalFree called on FormatMessage buffer");
+      }
+    }
+
+    // Prevent copying to ensure single ownership
+    LocalFreeGuard(const LocalFreeGuard &) = delete;
+    LocalFreeGuard &operator=(const LocalFreeGuard &) = delete;
+
+    // Allow moving for flexibility
+    LocalFreeGuard(LocalFreeGuard &&other) noexcept : ptr(other.ptr) {
+      other.ptr = nullptr;
+    }
+
+    LocalFreeGuard &operator=(LocalFreeGuard &&other) noexcept {
+      if (this != &other) {
+        if (ptr) {
+          LocalFree(ptr);
+        }
+        ptr = other.ptr;
+        other.ptr = nullptr;
+      }
+      return *this;
+    }
+  };
+
   static std::string FormatWindowsError(const std::string &operation,
                                         DWORD error) {
     if (error == 0) {
       return operation + " failed with an unknown error";
     }
 
-    LPVOID messageBuffer;
+    LPVOID messageBuffer = nullptr;
     size_t size = FormatMessageA(
         FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM |
             FORMAT_MESSAGE_IGNORE_INSERTS,
         NULL, error, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
         (LPSTR)&messageBuffer, 0, NULL);
 
+    // RAII guard ensures LocalFree is called even if exception thrown
+    LocalFreeGuard guard(messageBuffer);
+
     if (size == 0 || !messageBuffer) {
+      DWORD formatError = GetLastError();
+      DEBUG_LOG("[FormatWindowsError] FormatMessageA failed for error %lu: "
+                "FormatMessage error=%lu, size=%zu",
+                error, formatError, size);
       return operation + " failed with error code: " + std::to_string(error);
     }
 
+    // Now safe: guard will free messageBuffer even if string construction
+    // throws
     std::string errorMessage((LPSTR)messageBuffer, size);
-    LocalFree(messageBuffer);
+
+    // Trim trailing newlines/carriage returns that Windows adds
+    while (!errorMessage.empty() &&
+           (errorMessage.back() == '\r' || errorMessage.back() == '\n')) {
+      errorMessage.pop_back();
+    }
 
     return operation + " failed: " + errorMessage;
+    // guard destructor automatically calls LocalFree here
   }
 };
 

package/src/windows/fs_meta.h

@@ -3,7 +3,7 @@
 #pragma once
 #include "../common/volume_metadata.h"
 #include "../common/volume_mount_points.h"
-#include <windows.h> // for MAX_PATH
+#include "windows_arch.h"
 
 namespace FSMeta {
 

package/src/windows/hidden.cpp

@@ -1,36 +1,12 @@
 // src/windows/hidden.cpp
 #include "hidden.h"
+#include "../common/debug_log.h"
 #include "error_utils.h"
-#include <windows.h>
+#include "security_utils.h"
 
 namespace FSMeta {
 
 namespace {
-// Utility class for path conversion
-class PathConverter {
-public:
-  static std::wstring ToWString(const std::string &path) {
-    if (path.empty()) {
-      return std::wstring();
-    }
-
-    // Pre-calculate required buffer size
-    int wlen = MultiByteToWideChar(CP_UTF8, 0, path.c_str(),
-                                   static_cast<int>(path.length()), nullptr, 0);
-    if (wlen == 0) {
-      throw FSException("Path conversion", GetLastError());
-    }
-
-    // Reserve exact size needed
-    std::wstring wpath(wlen, 0);
-    if (!MultiByteToWideChar(CP_UTF8, 0, path.c_str(),
-                             static_cast<int>(path.length()), &wpath[0],
-                             wlen)) {
-      throw FSException("Path conversion", GetLastError());
-    }
-    return wpath;
-  }
-};
 
 // RAII wrapper for file attributes
 class FileAttributeHandler {
@@ -48,8 +24,9 @@ public:
   bool isHidden() const { return (attributes & FILE_ATTRIBUTE_HIDDEN) != 0; }
 
   void setHidden(bool value) {
-    DWORD newAttrs = value ? (attributes | FILE_ATTRIBUTE_HIDDEN)
-                           : (attributes & ~FILE_ATTRIBUTE_HIDDEN);
+    DWORD newAttrs =
+        value ? (attributes | static_cast<DWORD>(FILE_ATTRIBUTE_HIDDEN))
+              : (attributes & ~static_cast<DWORD>(FILE_ATTRIBUTE_HIDDEN));
 
     if (!SetFileAttributesW(path.c_str(), newAttrs)) {
       throw FSException("SetFileAttributes", GetLastError());
@@ -61,7 +38,7 @@ public:
 
 class GetHiddenWorker : public Napi::AsyncWorker {
   const std::string path;
-  bool result;
+  bool result = false;
   Napi::Promise::Deferred deferred;
 
 public:
@@ -70,28 +47,68 @@ public:
 
   void Execute() override {
     try {
-      // Add path validation to prevent directory traversal
-      if (path.find("..") != std::string::npos) {
-        throw FSException("Invalid path containing '..'",
+      // Debug: Log the input path
+      DEBUG_LOG("[GetHiddenWorker] Checking path: %s", path.c_str());
+
+      // Enhanced security validation
+      if (!SecurityUtils::IsPathSecure(path)) {
+        DEBUG_LOG("[GetHiddenWorker] Path failed security check: %s",
+                  path.c_str());
+        throw FSException("Security validation failed: invalid path",
                           ERROR_INVALID_PARAMETER);
       }
 
-      auto wpath = PathConverter::ToWString(path);
-      FileAttributeHandler handler(wpath);
-      result = handler.isHidden();
+      DEBUG_LOG("[GetHiddenWorker] Path passed security check");
+
+      auto wpath = SecurityUtils::SafeStringToWide(path);
+      DEBUG_LOG("[GetHiddenWorker] Converted to wide string");
+
+      // Check if file exists before checking attributes
+      DWORD attributes = GetFileAttributesW(wpath.c_str());
+      if (attributes == INVALID_FILE_ATTRIBUTES) {
+        DWORD error = GetLastError();
+        if (error == ERROR_FILE_NOT_FOUND || error == ERROR_PATH_NOT_FOUND) {
+          DEBUG_LOG("[GetHiddenWorker] File not found: %s", path.c_str());
+          result = false; // Non-existent files are not hidden
+          return;
+        }
+        // Other errors should throw
+        throw FSException("GetFileAttributes", error);
+      }
+
+      // Check if it's a root directory
+      bool isRoot =
+          (wpath.length() == 3 && wpath[1] == L':' && wpath[2] == L'\\');
+      if (isRoot) {
+        DEBUG_LOG(
+            "[GetHiddenWorker] Root directory detected: %s, attributes: 0x%X",
+            path.c_str(), attributes);
+        // Windows may report root directories as hidden/system, but we'll
+        // report the actual state The tests will need to be updated to reflect
+        // actual Windows behavior
+      }
+
+      result = (attributes & FILE_ATTRIBUTE_HIDDEN) != 0;
+      DEBUG_LOG("[GetHiddenWorker] Result: %s",
+                result ? "hidden" : "not hidden");
     } catch (const FSException &e) {
+      DEBUG_LOG("[GetHiddenWorker] Caught FSException: %s", e.what());
       SetError(e.what());
     } catch (const std::exception &e) {
+      DEBUG_LOG("[GetHiddenWorker] Caught std::exception: %s", e.what());
       SetError(std::string("Unexpected error: ") + e.what());
     }
   }
 
   void OnOK() override {
+    DEBUG_LOG("[GetHiddenWorker] OnOK called, result=%s",
+              result ? "true" : "false");
     Napi::HandleScope scope(Env());
     deferred.Resolve(Napi::Boolean::New(Env(), result));
   }
 
   void OnError(const Napi::Error &e) override {
+    DEBUG_LOG("[GetHiddenWorker] OnError called with: %s", e.Message().c_str());
     Napi::HandleScope scope(Env());
     deferred.Reject(e.Value());
   }
@@ -109,13 +126,13 @@ public:
 
   void Execute() override {
     try {
-      // Add path validation to prevent directory traversal
-      if (path.find("..") != std::string::npos) {
-        throw FSException("Invalid path containing '..'",
+      // Enhanced security validation
+      if (!SecurityUtils::IsPathSecure(path)) {
+        throw FSException("Security validation failed: invalid path",
                           ERROR_INVALID_PARAMETER);
       }
 
-      auto wpath = PathConverter::ToWString(path);
+      auto wpath = SecurityUtils::SafeStringToWide(path);
       FileAttributeHandler handler(wpath);
       handler.setHidden(value);
     } catch (const FSException &e) {
@@ -145,8 +162,8 @@ Napi::Promise GetHiddenAttribute(const Napi::CallbackInfo &info) {
       throw Napi::TypeError::New(env, "String path expected");
     }
 
-    std::string path = info[0].As<Napi::String>();
-    auto *worker = new GetHiddenWorker(env, std::move(path), deferred);
+    auto *worker = new GetHiddenWorker(
+        env, info[0].As<Napi::String>().Utf8Value(), deferred);
     worker->Queue();
 
     return deferred.Promise();
@@ -165,10 +182,10 @@ Napi::Promise SetHiddenAttribute(const Napi::CallbackInfo &info) {
       throw Napi::TypeError::New(env, "String path and boolean value expected");
     }
 
-    std::string path = info[0].As<Napi::String>();
     bool value = info[1].As<Napi::Boolean>();
 
-    auto *worker = new SetHiddenWorker(env, std::move(path), value, deferred);
+    auto *worker = new SetHiddenWorker(
+        env, info[0].As<Napi::String>().Utf8Value(), value, deferred);
     worker->Queue();
 
     return deferred.Promise();