setup.con commit receive-pack: allow using --strict mode for unpacking objects (20dc001)
   1#include "cache.h"
   2#include "dir.h"
   3
   4static int inside_git_dir = -1;
   5static int inside_work_tree = -1;
   6
   7static int sanitary_path_copy(char *dst, const char *src)
   8{
   9        char *dst0 = dst;
  10
  11        if (*src == '/') {
  12                *dst++ = '/';
  13                while (*src == '/')
  14                        src++;
  15        }
  16
  17        for (;;) {
  18                char c = *src;
  19
  20                /*
  21                 * A path component that begins with . could be
  22                 * special:
  23                 * (1) "." and ends   -- ignore and terminate.
  24                 * (2) "./"           -- ignore them, eat slash and continue.
  25                 * (3) ".." and ends  -- strip one and terminate.
  26                 * (4) "../"          -- strip one, eat slash and continue.
  27                 */
  28                if (c == '.') {
  29                        switch (src[1]) {
  30                        case '\0':
  31                                /* (1) */
  32                                src++;
  33                                break;
  34                        case '/':
  35                                /* (2) */
  36                                src += 2;
  37                                while (*src == '/')
  38                                        src++;
  39                                continue;
  40                        case '.':
  41                                switch (src[2]) {
  42                                case '\0':
  43                                        /* (3) */
  44                                        src += 2;
  45                                        goto up_one;
  46                                case '/':
  47                                        /* (4) */
  48                                        src += 3;
  49                                        while (*src == '/')
  50                                                src++;
  51                                        goto up_one;
  52                                }
  53                        }
  54                }
  55
  56                /* copy up to the next '/', and eat all '/' */
  57                while ((c = *src++) != '\0' && c != '/')
  58                        *dst++ = c;
  59                if (c == '/') {
  60                        *dst++ = c;
  61                        while (c == '/')
  62                                c = *src++;
  63                        src--;
  64                } else if (!c)
  65                        break;
  66                continue;
  67
  68        up_one:
  69                /*
  70                 * dst0..dst is prefix portion, and dst[-1] is '/';
  71                 * go up one level.
  72                 */
  73                dst -= 2; /* go past trailing '/' if any */
  74                if (dst < dst0)
  75                        return -1;
  76                while (1) {
  77                        if (dst <= dst0)
  78                                break;
  79                        c = *dst--;
  80                        if (c == '/') {
  81                                dst += 2;
  82                                break;
  83                        }
  84                }
  85        }
  86        *dst = '\0';
  87        return 0;
  88}
  89
  90const char *prefix_path(const char *prefix, int len, const char *path)
  91{
  92        const char *orig = path;
  93        char *sanitized = xmalloc(len + strlen(path) + 1);
  94        if (is_absolute_path(orig))
  95                strcpy(sanitized, path);
  96        else {
  97                if (len)
  98                        memcpy(sanitized, prefix, len);
  99                strcpy(sanitized + len, path);
 100        }
 101        if (sanitary_path_copy(sanitized, sanitized))
 102                goto error_out;
 103        if (is_absolute_path(orig)) {
 104                const char *work_tree = get_git_work_tree();
 105                size_t len = strlen(work_tree);
 106                size_t total = strlen(sanitized) + 1;
 107                if (strncmp(sanitized, work_tree, len) ||
 108                    (sanitized[len] != '\0' && sanitized[len] != '/')) {
 109                error_out:
 110                        error("'%s' is outside repository", orig);
 111                        free(sanitized);
 112                        return NULL;
 113                }
 114                if (sanitized[len] == '/')
 115                        len++;
 116                memmove(sanitized, sanitized + len, total - len);
 117        }
 118        return sanitized;
 119}
 120
 121/*
 122 * Unlike prefix_path, this should be used if the named file does
 123 * not have to interact with index entry; i.e. name of a random file
 124 * on the filesystem.
 125 */
 126const char *prefix_filename(const char *pfx, int pfx_len, const char *arg)
 127{
 128        static char path[PATH_MAX];
 129        if (!pfx || !*pfx || is_absolute_path(arg))
 130                return arg;
 131        memcpy(path, pfx, pfx_len);
 132        strcpy(path + pfx_len, arg);
 133        return path;
 134}
 135
 136/*
 137 * Verify a filename that we got as an argument for a pathspec
 138 * entry. Note that a filename that begins with "-" never verifies
 139 * as true, because even if such a filename were to exist, we want
 140 * it to be preceded by the "--" marker (or we want the user to
 141 * use a format like "./-filename")
 142 */
 143void verify_filename(const char *prefix, const char *arg)
 144{
 145        const char *name;
 146        struct stat st;
 147
 148        if (*arg == '-')
 149                die("bad flag '%s' used after filename", arg);
 150        name = prefix ? prefix_filename(prefix, strlen(prefix), arg) : arg;
 151        if (!lstat(name, &st))
 152                return;
 153        if (errno == ENOENT)
 154                die("ambiguous argument '%s': unknown revision or path not in the working tree.\n"
 155                    "Use '--' to separate paths from revisions", arg);
 156        die("'%s': %s", arg, strerror(errno));
 157}
 158
 159/*
 160 * Opposite of the above: the command line did not have -- marker
 161 * and we parsed the arg as a refname.  It should not be interpretable
 162 * as a filename.
 163 */
 164void verify_non_filename(const char *prefix, const char *arg)
 165{
 166        const char *name;
 167        struct stat st;
 168
 169        if (!is_inside_work_tree() || is_inside_git_dir())
 170                return;
 171        if (*arg == '-')
 172                return; /* flag */
 173        name = prefix ? prefix_filename(prefix, strlen(prefix), arg) : arg;
 174        if (!lstat(name, &st))
 175                die("ambiguous argument '%s': both revision and filename\n"
 176                    "Use '--' to separate filenames from revisions", arg);
 177        if (errno != ENOENT && errno != ENOTDIR)
 178                die("'%s': %s", arg, strerror(errno));
 179}
 180
 181const char **get_pathspec(const char *prefix, const char **pathspec)
 182{
 183        const char *entry = *pathspec;
 184        const char **src, **dst;
 185        int prefixlen;
 186
 187        if (!prefix && !entry)
 188                return NULL;
 189
 190        if (!entry) {
 191                static const char *spec[2];
 192                spec[0] = prefix;
 193                spec[1] = NULL;
 194                return spec;
 195        }
 196
 197        /* Otherwise we have to re-write the entries.. */
 198        src = pathspec;
 199        dst = pathspec;
 200        prefixlen = prefix ? strlen(prefix) : 0;
 201        while (*src) {
 202                const char *p = prefix_path(prefix, prefixlen, *src);
 203                if (p)
 204                        *(dst++) = p;
 205                src++;
 206        }
 207        *dst = NULL;
 208        if (!*pathspec)
 209                return NULL;
 210        return pathspec;
 211}
 212
 213/*
 214 * Test if it looks like we're at a git directory.
 215 * We want to see:
 216 *
 217 *  - either an objects/ directory _or_ the proper
 218 *    GIT_OBJECT_DIRECTORY environment variable
 219 *  - a refs/ directory
 220 *  - either a HEAD symlink or a HEAD file that is formatted as
 221 *    a proper "ref:", or a regular file HEAD that has a properly
 222 *    formatted sha1 object name.
 223 */
 224static int is_git_directory(const char *suspect)
 225{
 226        char path[PATH_MAX];
 227        size_t len = strlen(suspect);
 228
 229        strcpy(path, suspect);
 230        if (getenv(DB_ENVIRONMENT)) {
 231                if (access(getenv(DB_ENVIRONMENT), X_OK))
 232                        return 0;
 233        }
 234        else {
 235                strcpy(path + len, "/objects");
 236                if (access(path, X_OK))
 237                        return 0;
 238        }
 239
 240        strcpy(path + len, "/refs");
 241        if (access(path, X_OK))
 242                return 0;
 243
 244        strcpy(path + len, "/HEAD");
 245        if (validate_headref(path))
 246                return 0;
 247
 248        return 1;
 249}
 250
 251int is_inside_git_dir(void)
 252{
 253        if (inside_git_dir < 0)
 254                inside_git_dir = is_inside_dir(get_git_dir());
 255        return inside_git_dir;
 256}
 257
 258int is_inside_work_tree(void)
 259{
 260        if (inside_work_tree < 0)
 261                inside_work_tree = is_inside_dir(get_git_work_tree());
 262        return inside_work_tree;
 263}
 264
 265/*
 266 * set_work_tree() is only ever called if you set GIT_DIR explicitely.
 267 * The old behaviour (which we retain here) is to set the work tree root
 268 * to the cwd, unless overridden by the config, the command line, or
 269 * GIT_WORK_TREE.
 270 */
 271static const char *set_work_tree(const char *dir)
 272{
 273        char buffer[PATH_MAX + 1];
 274
 275        if (!getcwd(buffer, sizeof(buffer)))
 276                die ("Could not get the current working directory");
 277        git_work_tree_cfg = xstrdup(buffer);
 278        inside_work_tree = 1;
 279
 280        return NULL;
 281}
 282
 283void setup_work_tree(void)
 284{
 285        const char *work_tree, *git_dir;
 286        static int initialized = 0;
 287
 288        if (initialized)
 289                return;
 290        work_tree = get_git_work_tree();
 291        git_dir = get_git_dir();
 292        if (!is_absolute_path(git_dir))
 293                set_git_dir(make_absolute_path(git_dir));
 294        if (!work_tree || chdir(work_tree))
 295                die("This operation must be run in a work tree");
 296        initialized = 1;
 297}
 298
 299static int check_repository_format_gently(int *nongit_ok)
 300{
 301        git_config(check_repository_format_version);
 302        if (GIT_REPO_VERSION < repository_format_version) {
 303                if (!nongit_ok)
 304                        die ("Expected git repo version <= %d, found %d",
 305                             GIT_REPO_VERSION, repository_format_version);
 306                warning("Expected git repo version <= %d, found %d",
 307                        GIT_REPO_VERSION, repository_format_version);
 308                warning("Please upgrade Git");
 309                *nongit_ok = -1;
 310                return -1;
 311        }
 312        return 0;
 313}
 314
 315/*
 316 * We cannot decide in this function whether we are in the work tree or
 317 * not, since the config can only be read _after_ this function was called.
 318 */
 319const char *setup_git_directory_gently(int *nongit_ok)
 320{
 321        const char *work_tree_env = getenv(GIT_WORK_TREE_ENVIRONMENT);
 322        static char cwd[PATH_MAX+1];
 323        const char *gitdirenv;
 324        int len, offset;
 325
 326        /*
 327         * If GIT_DIR is set explicitly, we're not going
 328         * to do any discovery, but we still do repository
 329         * validation.
 330         */
 331        gitdirenv = getenv(GIT_DIR_ENVIRONMENT);
 332        if (gitdirenv) {
 333                if (PATH_MAX - 40 < strlen(gitdirenv))
 334                        die("'$%s' too big", GIT_DIR_ENVIRONMENT);
 335                if (is_git_directory(gitdirenv)) {
 336                        static char buffer[1024 + 1];
 337                        const char *retval;
 338
 339                        if (!work_tree_env) {
 340                                retval = set_work_tree(gitdirenv);
 341                                /* config may override worktree */
 342                                if (check_repository_format_gently(nongit_ok))
 343                                        return NULL;
 344                                return retval;
 345                        }
 346                        if (check_repository_format_gently(nongit_ok))
 347                                return NULL;
 348                        retval = get_relative_cwd(buffer, sizeof(buffer) - 1,
 349                                        get_git_work_tree());
 350                        if (!retval || !*retval)
 351                                return NULL;
 352                        set_git_dir(make_absolute_path(gitdirenv));
 353                        if (chdir(work_tree_env) < 0)
 354                                die ("Could not chdir to %s", work_tree_env);
 355                        strcat(buffer, "/");
 356                        return retval;
 357                }
 358                if (nongit_ok) {
 359                        *nongit_ok = 1;
 360                        return NULL;
 361                }
 362                die("Not a git repository: '%s'", gitdirenv);
 363        }
 364
 365        if (!getcwd(cwd, sizeof(cwd)-1))
 366                die("Unable to read current working directory");
 367
 368        /*
 369         * Test in the following order (relative to the cwd):
 370         * - .git/
 371         * - ./ (bare)
 372         * - ../.git/
 373         * - ../ (bare)
 374         * - ../../.git/
 375         *   etc.
 376         */
 377        offset = len = strlen(cwd);
 378        for (;;) {
 379                if (is_git_directory(DEFAULT_GIT_DIR_ENVIRONMENT))
 380                        break;
 381                if (is_git_directory(".")) {
 382                        inside_git_dir = 1;
 383                        if (!work_tree_env)
 384                                inside_work_tree = 0;
 385                        setenv(GIT_DIR_ENVIRONMENT, ".", 1);
 386                        check_repository_format_gently(nongit_ok);
 387                        return NULL;
 388                }
 389                chdir("..");
 390                do {
 391                        if (!offset) {
 392                                if (nongit_ok) {
 393                                        if (chdir(cwd))
 394                                                die("Cannot come back to cwd");
 395                                        *nongit_ok = 1;
 396                                        return NULL;
 397                                }
 398                                die("Not a git repository");
 399                        }
 400                } while (cwd[--offset] != '/');
 401        }
 402
 403        inside_git_dir = 0;
 404        if (!work_tree_env)
 405                inside_work_tree = 1;
 406        git_work_tree_cfg = xstrndup(cwd, offset);
 407        if (check_repository_format_gently(nongit_ok))
 408                return NULL;
 409        if (offset == len)
 410                return NULL;
 411
 412        /* Make "offset" point to past the '/', and add a '/' at the end */
 413        offset++;
 414        cwd[len++] = '/';
 415        cwd[len] = 0;
 416        return cwd + offset;
 417}
 418
 419int git_config_perm(const char *var, const char *value)
 420{
 421        if (value) {
 422                int i;
 423                if (!strcmp(value, "umask"))
 424                        return PERM_UMASK;
 425                if (!strcmp(value, "group"))
 426                        return PERM_GROUP;
 427                if (!strcmp(value, "all") ||
 428                    !strcmp(value, "world") ||
 429                    !strcmp(value, "everybody"))
 430                        return PERM_EVERYBODY;
 431                i = atoi(value);
 432                if (i > 1)
 433                        return i;
 434        }
 435        return git_config_bool(var, value);
 436}
 437
 438int check_repository_format_version(const char *var, const char *value)
 439{
 440        if (strcmp(var, "core.repositoryformatversion") == 0)
 441                repository_format_version = git_config_int(var, value);
 442        else if (strcmp(var, "core.sharedrepository") == 0)
 443                shared_repository = git_config_perm(var, value);
 444        else if (strcmp(var, "core.bare") == 0) {
 445                is_bare_repository_cfg = git_config_bool(var, value);
 446                if (is_bare_repository_cfg == 1)
 447                        inside_work_tree = -1;
 448        } else if (strcmp(var, "core.worktree") == 0) {
 449                if (!value)
 450                        return config_error_nonbool(var);
 451                free(git_work_tree_cfg);
 452                git_work_tree_cfg = xstrdup(value);
 453                inside_work_tree = -1;
 454        }
 455        return 0;
 456}
 457
 458int check_repository_format(void)
 459{
 460        return check_repository_format_gently(NULL);
 461}
 462
 463const char *setup_git_directory(void)
 464{
 465        const char *retval = setup_git_directory_gently(NULL);
 466
 467        /* If the work tree is not the default one, recompute prefix */
 468        if (inside_work_tree < 0) {
 469                static char buffer[PATH_MAX + 1];
 470                char *rel;
 471                if (retval && chdir(retval))
 472                        die ("Could not jump back into original cwd");
 473                rel = get_relative_cwd(buffer, PATH_MAX, get_git_work_tree());
 474                return rel && *rel ? strcat(rel, "/") : NULL;
 475        }
 476
 477        return retval;
 478}