vcs-svn / svndump.con commit upload-pack: simplify request validation (3f1da57)
   1/*
   2 * Parse and rearrange a svnadmin dump.
   3 * Create the dump with:
   4 * svnadmin dump --incremental -r<startrev>:<endrev> <repository> >outfile
   5 *
   6 * Licensed under a two-clause BSD-style license.
   7 * See LICENSE for details.
   8 */
   9
  10#include "cache.h"
  11#include "repo_tree.h"
  12#include "fast_export.h"
  13#include "line_buffer.h"
  14#include "strbuf.h"
  15#include "svndump.h"
  16
  17/*
  18 * Compare start of string to literal of equal length;
  19 * must be guarded by length test.
  20 */
  21#define constcmp(s, ref) memcmp(s, ref, sizeof(ref) - 1)
  22
  23#define REPORT_FILENO 3
  24
  25#define NODEACT_REPLACE 4
  26#define NODEACT_DELETE 3
  27#define NODEACT_ADD 2
  28#define NODEACT_CHANGE 1
  29#define NODEACT_UNKNOWN 0
  30
  31/* States: */
  32#define DUMP_CTX 0      /* dump metadata */
  33#define REV_CTX  1      /* revision metadata */
  34#define NODE_CTX 2      /* node metadata */
  35#define INTERNODE_CTX 3 /* between nodes */
  36
  37#define DATE_RFC2822_LEN 31
  38
  39static struct line_buffer input = LINE_BUFFER_INIT;
  40
  41static struct {
  42        uint32_t action, srcRev, type;
  43        off_t prop_length, text_length;
  44        struct strbuf src, dst;
  45        uint32_t text_delta, prop_delta;
  46} node_ctx;
  47
  48static struct {
  49        uint32_t revision;
  50        unsigned long timestamp;
  51        struct strbuf log, author, note;
  52} rev_ctx;
  53
  54static struct {
  55        uint32_t version;
  56        struct strbuf uuid, url;
  57} dump_ctx;
  58
  59static void reset_node_ctx(char *fname)
  60{
  61        node_ctx.type = 0;
  62        node_ctx.action = NODEACT_UNKNOWN;
  63        node_ctx.prop_length = -1;
  64        node_ctx.text_length = -1;
  65        strbuf_reset(&node_ctx.src);
  66        node_ctx.srcRev = 0;
  67        strbuf_reset(&node_ctx.dst);
  68        if (fname)
  69                strbuf_addstr(&node_ctx.dst, fname);
  70        node_ctx.text_delta = 0;
  71        node_ctx.prop_delta = 0;
  72}
  73
  74static void reset_rev_ctx(uint32_t revision)
  75{
  76        rev_ctx.revision = revision;
  77        rev_ctx.timestamp = 0;
  78        strbuf_reset(&rev_ctx.log);
  79        strbuf_reset(&rev_ctx.author);
  80        strbuf_reset(&rev_ctx.note);
  81}
  82
  83static void reset_dump_ctx(const char *url)
  84{
  85        strbuf_reset(&dump_ctx.url);
  86        if (url)
  87                strbuf_addstr(&dump_ctx.url, url);
  88        dump_ctx.version = 1;
  89        strbuf_reset(&dump_ctx.uuid);
  90}
  91
  92static void handle_property(const struct strbuf *key_buf,
  93                                struct strbuf *val,
  94                                uint32_t *type_set)
  95{
  96        const char *key = key_buf->buf;
  97        size_t keylen = key_buf->len;
  98
  99        switch (keylen + 1) {
 100        case sizeof("svn:log"):
 101                if (constcmp(key, "svn:log"))
 102                        break;
 103                if (!val)
 104                        die("invalid dump: unsets svn:log");
 105                strbuf_swap(&rev_ctx.log, val);
 106                break;
 107        case sizeof("svn:author"):
 108                if (constcmp(key, "svn:author"))
 109                        break;
 110                if (!val)
 111                        strbuf_reset(&rev_ctx.author);
 112                else
 113                        strbuf_swap(&rev_ctx.author, val);
 114                break;
 115        case sizeof("svn:date"):
 116                if (constcmp(key, "svn:date"))
 117                        break;
 118                if (!val)
 119                        die("invalid dump: unsets svn:date");
 120                if (parse_date_basic(val->buf, &rev_ctx.timestamp, NULL))
 121                        warning("invalid timestamp: %s", val->buf);
 122                break;
 123        case sizeof("svn:executable"):
 124        case sizeof("svn:special"):
 125                if (keylen == strlen("svn:executable") &&
 126                    constcmp(key, "svn:executable"))
 127                        break;
 128                if (keylen == strlen("svn:special") &&
 129                    constcmp(key, "svn:special"))
 130                        break;
 131                if (*type_set) {
 132                        if (!val)
 133                                return;
 134                        die("invalid dump: sets type twice");
 135                }
 136                if (!val) {
 137                        node_ctx.type = REPO_MODE_BLB;
 138                        return;
 139                }
 140                *type_set = 1;
 141                node_ctx.type = keylen == strlen("svn:executable") ?
 142                                REPO_MODE_EXE :
 143                                REPO_MODE_LNK;
 144        }
 145}
 146
 147static void die_short_read(void)
 148{
 149        if (buffer_ferror(&input))
 150                die_errno("error reading dump file");
 151        die("invalid dump: unexpected end of file");
 152}
 153
 154static void read_props(void)
 155{
 156        static struct strbuf key = STRBUF_INIT;
 157        static struct strbuf val = STRBUF_INIT;
 158        const char *t;
 159        /*
 160         * NEEDSWORK: to support simple mode changes like
 161         *      K 11
 162         *      svn:special
 163         *      V 1
 164         *      *
 165         *      D 14
 166         *      svn:executable
 167         * we keep track of whether a mode has been set and reset to
 168         * plain file only if not.  We should be keeping track of the
 169         * symlink and executable bits separately instead.
 170         */
 171        uint32_t type_set = 0;
 172        while ((t = buffer_read_line(&input)) && strcmp(t, "PROPS-END")) {
 173                uint32_t len;
 174                const char type = t[0];
 175                int ch;
 176
 177                if (!type || t[1] != ' ')
 178                        die("invalid property line: %s", t);
 179                len = atoi(&t[2]);
 180                strbuf_reset(&val);
 181                buffer_read_binary(&input, &val, len);
 182                if (val.len < len)
 183                        die_short_read();
 184
 185                /* Discard trailing newline. */
 186                ch = buffer_read_char(&input);
 187                if (ch == EOF)
 188                        die_short_read();
 189                if (ch != '\n')
 190                        die("invalid dump: expected newline after %s", val.buf);
 191
 192                switch (type) {
 193                case 'K':
 194                        strbuf_swap(&key, &val);
 195                        continue;
 196                case 'D':
 197                        handle_property(&val, NULL, &type_set);
 198                        continue;
 199                case 'V':
 200                        handle_property(&key, &val, &type_set);
 201                        strbuf_reset(&key);
 202                        continue;
 203                default:
 204                        die("invalid property line: %s", t);
 205                }
 206        }
 207}
 208
 209static void handle_node(void)
 210{
 211        const uint32_t type = node_ctx.type;
 212        const int have_props = node_ctx.prop_length != -1;
 213        const int have_text = node_ctx.text_length != -1;
 214        /*
 215         * Old text for this node:
 216         *  NULL        - directory or bug
 217         *  empty_blob  - empty
 218         *  "<dataref>" - data retrievable from fast-import
 219         */
 220        static const char *const empty_blob = "::empty::";
 221        const char *old_data = NULL;
 222        uint32_t old_mode = REPO_MODE_BLB;
 223
 224        if (node_ctx.action == NODEACT_DELETE) {
 225                if (have_text || have_props || node_ctx.srcRev)
 226                        die("invalid dump: deletion node has "
 227                                "copyfrom info, text, or properties");
 228                repo_delete(node_ctx.dst.buf);
 229                return;
 230        }
 231        if (node_ctx.action == NODEACT_REPLACE) {
 232                repo_delete(node_ctx.dst.buf);
 233                node_ctx.action = NODEACT_ADD;
 234        }
 235        if (node_ctx.srcRev) {
 236                repo_copy(node_ctx.srcRev, node_ctx.src.buf, node_ctx.dst.buf);
 237                if (node_ctx.action == NODEACT_ADD)
 238                        node_ctx.action = NODEACT_CHANGE;
 239        }
 240        if (have_text && type == REPO_MODE_DIR)
 241                die("invalid dump: directories cannot have text attached");
 242
 243        /*
 244         * Find old content (old_data) and decide on the new mode.
 245         */
 246        if (node_ctx.action == NODEACT_CHANGE && !*node_ctx.dst.buf) {
 247                if (type != REPO_MODE_DIR)
 248                        die("invalid dump: root of tree is not a regular file");
 249                old_data = NULL;
 250        } else if (node_ctx.action == NODEACT_CHANGE) {
 251                uint32_t mode;
 252                old_data = repo_read_path(node_ctx.dst.buf, &mode);
 253                if (mode == REPO_MODE_DIR && type != REPO_MODE_DIR)
 254                        die("invalid dump: cannot modify a directory into a file");
 255                if (mode != REPO_MODE_DIR && type == REPO_MODE_DIR)
 256                        die("invalid dump: cannot modify a file into a directory");
 257                node_ctx.type = mode;
 258                old_mode = mode;
 259        } else if (node_ctx.action == NODEACT_ADD) {
 260                if (type == REPO_MODE_DIR)
 261                        old_data = NULL;
 262                else if (have_text)
 263                        old_data = empty_blob;
 264                else
 265                        die("invalid dump: adds node without text");
 266        } else {
 267                die("invalid dump: Node-path block lacks Node-action");
 268        }
 269
 270        /*
 271         * Adjust mode to reflect properties.
 272         */
 273        if (have_props) {
 274                if (!node_ctx.prop_delta)
 275                        node_ctx.type = type;
 276                if (node_ctx.prop_length)
 277                        read_props();
 278        }
 279
 280        /*
 281         * Save the result.
 282         */
 283        if (type == REPO_MODE_DIR)      /* directories are not tracked. */
 284                return;
 285        assert(old_data);
 286        if (old_data == empty_blob)
 287                /* For the fast_export_* functions, NULL means empty. */
 288                old_data = NULL;
 289        if (!have_text) {
 290                fast_export_modify(node_ctx.dst.buf, node_ctx.type, old_data);
 291                return;
 292        }
 293        if (!node_ctx.text_delta) {
 294                fast_export_modify(node_ctx.dst.buf, node_ctx.type, "inline");
 295                fast_export_data(node_ctx.type, node_ctx.text_length, &input);
 296                return;
 297        }
 298        fast_export_modify(node_ctx.dst.buf, node_ctx.type, "inline");
 299        fast_export_blob_delta(node_ctx.type, old_mode, old_data,
 300                                node_ctx.text_length, &input);
 301}
 302
 303static void begin_revision(const char *remote_ref)
 304{
 305        if (!rev_ctx.revision)  /* revision 0 gets no git commit. */
 306                return;
 307        fast_export_begin_commit(rev_ctx.revision, rev_ctx.author.buf,
 308                &rev_ctx.log, dump_ctx.uuid.buf, dump_ctx.url.buf,
 309                rev_ctx.timestamp, remote_ref);
 310}
 311
 312static void end_revision(const char *note_ref)
 313{
 314        struct strbuf mark = STRBUF_INIT;
 315        if (rev_ctx.revision) {
 316                fast_export_end_commit(rev_ctx.revision);
 317                fast_export_begin_note(rev_ctx.revision, "remote-svn",
 318                                "Note created by remote-svn.", rev_ctx.timestamp, note_ref);
 319                strbuf_addf(&mark, ":%"PRIu32, rev_ctx.revision);
 320                fast_export_note(mark.buf, "inline");
 321                fast_export_buf_to_data(&rev_ctx.note);
 322        }
 323}
 324
 325void svndump_read(const char *url, const char *local_ref, const char *notes_ref)
 326{
 327        char *val;
 328        char *t;
 329        uint32_t active_ctx = DUMP_CTX;
 330        uint32_t len;
 331
 332        reset_dump_ctx(url);
 333        while ((t = buffer_read_line(&input))) {
 334                val = strchr(t, ':');
 335                if (!val)
 336                        continue;
 337                val++;
 338                if (*val != ' ')
 339                        continue;
 340                val++;
 341
 342                /* strlen(key) + 1 */
 343                switch (val - t - 1) {
 344                case sizeof("SVN-fs-dump-format-version"):
 345                        if (constcmp(t, "SVN-fs-dump-format-version"))
 346                                continue;
 347                        dump_ctx.version = atoi(val);
 348                        if (dump_ctx.version > 3)
 349                                die("expected svn dump format version <= 3, found %"PRIu32,
 350                                    dump_ctx.version);
 351                        break;
 352                case sizeof("UUID"):
 353                        if (constcmp(t, "UUID"))
 354                                continue;
 355                        strbuf_reset(&dump_ctx.uuid);
 356                        strbuf_addstr(&dump_ctx.uuid, val);
 357                        break;
 358                case sizeof("Revision-number"):
 359                        if (constcmp(t, "Revision-number"))
 360                                continue;
 361                        if (active_ctx == NODE_CTX)
 362                                handle_node();
 363                        if (active_ctx == REV_CTX)
 364                                begin_revision(local_ref);
 365                        if (active_ctx != DUMP_CTX)
 366                                end_revision(notes_ref);
 367                        active_ctx = REV_CTX;
 368                        reset_rev_ctx(atoi(val));
 369                        strbuf_addf(&rev_ctx.note, "%s\n", t);
 370                        break;
 371                case sizeof("Node-path"):
 372                        if (constcmp(t, "Node-"))
 373                                continue;
 374                        if (!constcmp(t + strlen("Node-"), "path")) {
 375                                if (active_ctx == NODE_CTX)
 376                                        handle_node();
 377                                if (active_ctx == REV_CTX)
 378                                        begin_revision(local_ref);
 379                                active_ctx = NODE_CTX;
 380                                reset_node_ctx(val);
 381                                strbuf_addf(&rev_ctx.note, "%s\n", t);
 382                                break;
 383                        }
 384                        if (constcmp(t + strlen("Node-"), "kind"))
 385                                continue;
 386                        strbuf_addf(&rev_ctx.note, "%s\n", t);
 387                        if (!strcmp(val, "dir"))
 388                                node_ctx.type = REPO_MODE_DIR;
 389                        else if (!strcmp(val, "file"))
 390                                node_ctx.type = REPO_MODE_BLB;
 391                        else
 392                                fprintf(stderr, "Unknown node-kind: %s\n", val);
 393                        break;
 394                case sizeof("Node-action"):
 395                        if (constcmp(t, "Node-action"))
 396                                continue;
 397                        strbuf_addf(&rev_ctx.note, "%s\n", t);
 398                        if (!strcmp(val, "delete")) {
 399                                node_ctx.action = NODEACT_DELETE;
 400                        } else if (!strcmp(val, "add")) {
 401                                node_ctx.action = NODEACT_ADD;
 402                        } else if (!strcmp(val, "change")) {
 403                                node_ctx.action = NODEACT_CHANGE;
 404                        } else if (!strcmp(val, "replace")) {
 405                                node_ctx.action = NODEACT_REPLACE;
 406                        } else {
 407                                fprintf(stderr, "Unknown node-action: %s\n", val);
 408                                node_ctx.action = NODEACT_UNKNOWN;
 409                        }
 410                        break;
 411                case sizeof("Node-copyfrom-path"):
 412                        if (constcmp(t, "Node-copyfrom-path"))
 413                                continue;
 414                        strbuf_reset(&node_ctx.src);
 415                        strbuf_addstr(&node_ctx.src, val);
 416                        strbuf_addf(&rev_ctx.note, "%s\n", t);
 417                        break;
 418                case sizeof("Node-copyfrom-rev"):
 419                        if (constcmp(t, "Node-copyfrom-rev"))
 420                                continue;
 421                        node_ctx.srcRev = atoi(val);
 422                        strbuf_addf(&rev_ctx.note, "%s\n", t);
 423                        break;
 424                case sizeof("Text-content-length"):
 425                        if (constcmp(t, "Text") && constcmp(t, "Prop"))
 426                                continue;
 427                        if (constcmp(t + 4, "-content-length"))
 428                                continue;
 429                        {
 430                                char *end;
 431                                uintmax_t len;
 432
 433                                len = strtoumax(val, &end, 10);
 434                                if (!isdigit(*val) || *end)
 435                                        die("invalid dump: non-numeric length %s", val);
 436                                if (len > maximum_signed_value_of_type(off_t))
 437                                        die("unrepresentable length in dump: %s", val);
 438
 439                                if (*t == 'T')
 440                                        node_ctx.text_length = (off_t) len;
 441                                else
 442                                        node_ctx.prop_length = (off_t) len;
 443                                break;
 444                        }
 445                case sizeof("Text-delta"):
 446                        if (!constcmp(t, "Text-delta")) {
 447                                node_ctx.text_delta = !strcmp(val, "true");
 448                                break;
 449                        }
 450                        if (constcmp(t, "Prop-delta"))
 451                                continue;
 452                        node_ctx.prop_delta = !strcmp(val, "true");
 453                        break;
 454                case sizeof("Content-length"):
 455                        if (constcmp(t, "Content-length"))
 456                                continue;
 457                        len = atoi(val);
 458                        t = buffer_read_line(&input);
 459                        if (!t)
 460                                die_short_read();
 461                        if (*t)
 462                                die("invalid dump: expected blank line after content length header");
 463                        if (active_ctx == REV_CTX) {
 464                                read_props();
 465                        } else if (active_ctx == NODE_CTX) {
 466                                handle_node();
 467                                active_ctx = INTERNODE_CTX;
 468                        } else {
 469                                fprintf(stderr, "Unexpected content length header: %"PRIu32"\n", len);
 470                                if (buffer_skip_bytes(&input, len) != len)
 471                                        die_short_read();
 472                        }
 473                }
 474        }
 475        if (buffer_ferror(&input))
 476                die_short_read();
 477        if (active_ctx == NODE_CTX)
 478                handle_node();
 479        if (active_ctx == REV_CTX)
 480                begin_revision(local_ref);
 481        if (active_ctx != DUMP_CTX)
 482                end_revision(notes_ref);
 483}
 484
 485static void init(int report_fd)
 486{
 487        fast_export_init(report_fd);
 488        strbuf_init(&dump_ctx.uuid, 4096);
 489        strbuf_init(&dump_ctx.url, 4096);
 490        strbuf_init(&rev_ctx.log, 4096);
 491        strbuf_init(&rev_ctx.author, 4096);
 492        strbuf_init(&rev_ctx.note, 4096);
 493        strbuf_init(&node_ctx.src, 4096);
 494        strbuf_init(&node_ctx.dst, 4096);
 495        reset_dump_ctx(NULL);
 496        reset_rev_ctx(0);
 497        reset_node_ctx(NULL);
 498        return;
 499}
 500
 501int svndump_init(const char *filename)
 502{
 503        if (buffer_init(&input, filename))
 504                return error("cannot open %s: %s", filename ? filename : "NULL", strerror(errno));
 505        init(REPORT_FILENO);
 506        return 0;
 507}
 508
 509int svndump_init_fd(int in_fd, int back_fd)
 510{
 511        if(buffer_fdinit(&input, xdup(in_fd)))
 512                return error("cannot open fd %d: %s", in_fd, strerror(errno));
 513        init(xdup(back_fd));
 514        return 0;
 515}
 516
 517void svndump_deinit(void)
 518{
 519        fast_export_deinit();
 520        reset_dump_ctx(NULL);
 521        reset_rev_ctx(0);
 522        reset_node_ctx(NULL);
 523        strbuf_release(&rev_ctx.log);
 524        strbuf_release(&rev_ctx.author);
 525        strbuf_release(&rev_ctx.note);
 526        strbuf_release(&node_ctx.src);
 527        strbuf_release(&node_ctx.dst);
 528        if (buffer_deinit(&input))
 529                fprintf(stderr, "Input error\n");
 530        if (ferror(stdout))
 531                fprintf(stderr, "Output error\n");
 532}
 533
 534void svndump_reset(void)
 535{
 536        strbuf_release(&dump_ctx.uuid);
 537        strbuf_release(&dump_ctx.url);
 538        strbuf_release(&rev_ctx.log);
 539        strbuf_release(&rev_ctx.author);
 540}