shell.con commit cvsserver: cleanup extra slashes in filename arguments (1899cbc)
   1#include "cache.h"
   2#include "quote.h"
   3#include "exec_cmd.h"
   4#include "strbuf.h"
   5#include "run-command.h"
   6
   7#define COMMAND_DIR "git-shell-commands"
   8#define HELP_COMMAND COMMAND_DIR "/help"
   9
  10static int do_generic_cmd(const char *me, char *arg)
  11{
  12        const char *my_argv[4];
  13
  14        setup_path();
  15        if (!arg || !(arg = sq_dequote(arg)))
  16                die("bad argument");
  17        if (prefixcmp(me, "git-"))
  18                die("bad command");
  19
  20        my_argv[0] = me + 4;
  21        my_argv[1] = arg;
  22        my_argv[2] = NULL;
  23
  24        return execv_git_cmd(my_argv);
  25}
  26
  27static int do_cvs_cmd(const char *me, char *arg)
  28{
  29        const char *cvsserver_argv[3] = {
  30                "cvsserver", "server", NULL
  31        };
  32
  33        if (!arg || strcmp(arg, "server"))
  34                die("git-cvsserver only handles server: %s", arg);
  35
  36        setup_path();
  37        return execv_git_cmd(cvsserver_argv);
  38}
  39
  40static int is_valid_cmd_name(const char *cmd)
  41{
  42        /* Test command contains no . or / characters */
  43        return cmd[strcspn(cmd, "./")] == '\0';
  44}
  45
  46static char *make_cmd(const char *prog)
  47{
  48        char *prefix = xmalloc((strlen(prog) + strlen(COMMAND_DIR) + 2));
  49        strcpy(prefix, COMMAND_DIR);
  50        strcat(prefix, "/");
  51        strcat(prefix, prog);
  52        return prefix;
  53}
  54
  55static void cd_to_homedir(void)
  56{
  57        const char *home = getenv("HOME");
  58        if (!home)
  59                die("could not determine user's home directory; HOME is unset");
  60        if (chdir(home) == -1)
  61                die("could not chdir to user's home directory");
  62}
  63
  64static void run_shell(void)
  65{
  66        int done = 0;
  67        static const char *help_argv[] = { HELP_COMMAND, NULL };
  68        /* Print help if enabled */
  69        run_command_v_opt(help_argv, RUN_SILENT_EXEC_FAILURE);
  70
  71        do {
  72                struct strbuf line = STRBUF_INIT;
  73                const char *prog;
  74                char *full_cmd;
  75                char *rawargs;
  76                char *split_args;
  77                const char **argv;
  78                int code;
  79                int count;
  80
  81                fprintf(stderr, "git> ");
  82                if (strbuf_getline(&line, stdin, '\n') == EOF) {
  83                        fprintf(stderr, "\n");
  84                        strbuf_release(&line);
  85                        break;
  86                }
  87                strbuf_trim(&line);
  88                rawargs = strbuf_detach(&line, NULL);
  89                split_args = xstrdup(rawargs);
  90                count = split_cmdline(split_args, &argv);
  91                if (count < 0) {
  92                        fprintf(stderr, "invalid command format '%s': %s\n", rawargs,
  93                                split_cmdline_strerror(count));
  94                        free(split_args);
  95                        free(rawargs);
  96                        continue;
  97                }
  98
  99                prog = argv[0];
 100                if (!strcmp(prog, "")) {
 101                } else if (!strcmp(prog, "quit") || !strcmp(prog, "logout") ||
 102                           !strcmp(prog, "exit") || !strcmp(prog, "bye")) {
 103                        done = 1;
 104                } else if (is_valid_cmd_name(prog)) {
 105                        full_cmd = make_cmd(prog);
 106                        argv[0] = full_cmd;
 107                        code = run_command_v_opt(argv, RUN_SILENT_EXEC_FAILURE);
 108                        if (code == -1 && errno == ENOENT) {
 109                                fprintf(stderr, "unrecognized command '%s'\n", prog);
 110                        }
 111                        free(full_cmd);
 112                } else {
 113                        fprintf(stderr, "invalid command format '%s'\n", prog);
 114                }
 115
 116                free(argv);
 117                free(rawargs);
 118        } while (!done);
 119}
 120
 121static struct commands {
 122        const char *name;
 123        int (*exec)(const char *me, char *arg);
 124} cmd_list[] = {
 125        { "git-receive-pack", do_generic_cmd },
 126        { "git-upload-pack", do_generic_cmd },
 127        { "git-upload-archive", do_generic_cmd },
 128        { "cvs", do_cvs_cmd },
 129        { NULL },
 130};
 131
 132int main(int argc, char **argv)
 133{
 134        char *prog;
 135        const char **user_argv;
 136        struct commands *cmd;
 137        int devnull_fd;
 138        int count;
 139
 140        git_setup_gettext();
 141
 142        git_extract_argv0_path(argv[0]);
 143
 144        /*
 145         * Always open file descriptors 0/1/2 to avoid clobbering files
 146         * in die().  It also avoids not messing up when the pipes are
 147         * dup'ed onto stdin/stdout/stderr in the child processes we spawn.
 148         */
 149        devnull_fd = open("/dev/null", O_RDWR);
 150        while (devnull_fd >= 0 && devnull_fd <= 2)
 151                devnull_fd = dup(devnull_fd);
 152        if (devnull_fd == -1)
 153                die_errno("opening /dev/null failed");
 154        close (devnull_fd);
 155
 156        /*
 157         * Special hack to pretend to be a CVS server
 158         */
 159        if (argc == 2 && !strcmp(argv[1], "cvs server")) {
 160                argv--;
 161        } else if (argc == 1) {
 162                /* Allow the user to run an interactive shell */
 163                cd_to_homedir();
 164                if (access(COMMAND_DIR, R_OK | X_OK) == -1) {
 165                        die("Interactive git shell is not enabled.\n"
 166                            "hint: ~/" COMMAND_DIR " should exist "
 167                            "and have read and execute access.");
 168                }
 169                run_shell();
 170                exit(0);
 171        } else if (argc != 3 || strcmp(argv[1], "-c")) {
 172                /*
 173                 * We do not accept any other modes except "-c" followed by
 174                 * "cmd arg", where "cmd" is a very limited subset of git
 175                 * commands or a command in the COMMAND_DIR
 176                 */
 177                die("Run with no arguments or with -c cmd");
 178        }
 179
 180        prog = xstrdup(argv[2]);
 181        if (!strncmp(prog, "git", 3) && isspace(prog[3]))
 182                /* Accept "git foo" as if the caller said "git-foo". */
 183                prog[3] = '-';
 184
 185        for (cmd = cmd_list ; cmd->name ; cmd++) {
 186                int len = strlen(cmd->name);
 187                char *arg;
 188                if (strncmp(cmd->name, prog, len))
 189                        continue;
 190                arg = NULL;
 191                switch (prog[len]) {
 192                case '\0':
 193                        arg = NULL;
 194                        break;
 195                case ' ':
 196                        arg = prog + len + 1;
 197                        break;
 198                default:
 199                        continue;
 200                }
 201                exit(cmd->exec(cmd->name, arg));
 202        }
 203
 204        cd_to_homedir();
 205        count = split_cmdline(prog, &user_argv);
 206        if (count >= 0) {
 207                if (is_valid_cmd_name(user_argv[0])) {
 208                        prog = make_cmd(user_argv[0]);
 209                        user_argv[0] = prog;
 210                        execv(user_argv[0], (char *const *) user_argv);
 211                }
 212                free(prog);
 213                free(user_argv);
 214                die("unrecognized command '%s'", argv[2]);
 215        } else {
 216                free(prog);
 217                die("invalid command format '%s': %s", argv[2],
 218                    split_cmdline_strerror(count));
 219        }
 220}