quote.con commit t4211: demonstrate empty -L range crash (5896097)
   1#include "cache.h"
   2#include "quote.h"
   3#include "argv-array.h"
   4
   5int quote_path_fully = 1;
   6
   7/* Help to copy the thing properly quoted for the shell safety.
   8 * any single quote is replaced with '\'', any exclamation point
   9 * is replaced with '\!', and the whole thing is enclosed in a
  10 *
  11 * E.g.
  12 *  original     sq_quote     result
  13 *  name     ==> name      ==> 'name'
  14 *  a b      ==> a b       ==> 'a b'
  15 *  a'b      ==> a'\''b    ==> 'a'\''b'
  16 *  a!b      ==> a'\!'b    ==> 'a'\!'b'
  17 */
  18static inline int need_bs_quote(char c)
  19{
  20        return (c == '\'' || c == '!');
  21}
  22
  23void sq_quote_buf(struct strbuf *dst, const char *src)
  24{
  25        char *to_free = NULL;
  26
  27        if (dst->buf == src)
  28                to_free = strbuf_detach(dst, NULL);
  29
  30        strbuf_addch(dst, '\'');
  31        while (*src) {
  32                size_t len = strcspn(src, "'!");
  33                strbuf_add(dst, src, len);
  34                src += len;
  35                while (need_bs_quote(*src)) {
  36                        strbuf_addstr(dst, "'\\");
  37                        strbuf_addch(dst, *src++);
  38                        strbuf_addch(dst, '\'');
  39                }
  40        }
  41        strbuf_addch(dst, '\'');
  42        free(to_free);
  43}
  44
  45void sq_quote_print(FILE *stream, const char *src)
  46{
  47        char c;
  48
  49        fputc('\'', stream);
  50        while ((c = *src++)) {
  51                if (need_bs_quote(c)) {
  52                        fputs("'\\", stream);
  53                        fputc(c, stream);
  54                        fputc('\'', stream);
  55                } else {
  56                        fputc(c, stream);
  57                }
  58        }
  59        fputc('\'', stream);
  60}
  61
  62void sq_quote_argv(struct strbuf *dst, const char** argv, size_t maxlen)
  63{
  64        int i;
  65
  66        /* Copy into destination buffer. */
  67        strbuf_grow(dst, 255);
  68        for (i = 0; argv[i]; ++i) {
  69                strbuf_addch(dst, ' ');
  70                sq_quote_buf(dst, argv[i]);
  71                if (maxlen && dst->len > maxlen)
  72                        die("Too many or long arguments");
  73        }
  74}
  75
  76static char *sq_dequote_step(char *arg, char **next)
  77{
  78        char *dst = arg;
  79        char *src = arg;
  80        char c;
  81
  82        if (*src != '\'')
  83                return NULL;
  84        for (;;) {
  85                c = *++src;
  86                if (!c)
  87                        return NULL;
  88                if (c != '\'') {
  89                        *dst++ = c;
  90                        continue;
  91                }
  92                /* We stepped out of sq */
  93                switch (*++src) {
  94                case '\0':
  95                        *dst = 0;
  96                        if (next)
  97                                *next = NULL;
  98                        return arg;
  99                case '\\':
 100                        c = *++src;
 101                        if (need_bs_quote(c) && *++src == '\'') {
 102                                *dst++ = c;
 103                                continue;
 104                        }
 105                /* Fallthrough */
 106                default:
 107                        if (!next || !isspace(*src))
 108                                return NULL;
 109                        do {
 110                                c = *++src;
 111                        } while (isspace(c));
 112                        *dst = 0;
 113                        *next = src;
 114                        return arg;
 115                }
 116        }
 117}
 118
 119char *sq_dequote(char *arg)
 120{
 121        return sq_dequote_step(arg, NULL);
 122}
 123
 124static int sq_dequote_to_argv_internal(char *arg,
 125                                       const char ***argv, int *nr, int *alloc,
 126                                       struct argv_array *array)
 127{
 128        char *next = arg;
 129
 130        if (!*arg)
 131                return 0;
 132        do {
 133                char *dequoted = sq_dequote_step(next, &next);
 134                if (!dequoted)
 135                        return -1;
 136                if (argv) {
 137                        ALLOC_GROW(*argv, *nr + 1, *alloc);
 138                        (*argv)[(*nr)++] = dequoted;
 139                }
 140                if (array)
 141                        argv_array_push(array, dequoted);
 142        } while (next);
 143
 144        return 0;
 145}
 146
 147int sq_dequote_to_argv(char *arg, const char ***argv, int *nr, int *alloc)
 148{
 149        return sq_dequote_to_argv_internal(arg, argv, nr, alloc, NULL);
 150}
 151
 152int sq_dequote_to_argv_array(char *arg, struct argv_array *array)
 153{
 154        return sq_dequote_to_argv_internal(arg, NULL, NULL, NULL, array);
 155}
 156
 157/* 1 means: quote as octal
 158 * 0 means: quote as octal if (quote_path_fully)
 159 * -1 means: never quote
 160 * c: quote as "\\c"
 161 */
 162#define X8(x)   x, x, x, x, x, x, x, x
 163#define X16(x)  X8(x), X8(x)
 164static signed char const sq_lookup[256] = {
 165        /*           0    1    2    3    4    5    6    7 */
 166        /* 0x00 */   1,   1,   1,   1,   1,   1,   1, 'a',
 167        /* 0x08 */ 'b', 't', 'n', 'v', 'f', 'r',   1,   1,
 168        /* 0x10 */ X16(1),
 169        /* 0x20 */  -1,  -1, '"',  -1,  -1,  -1,  -1,  -1,
 170        /* 0x28 */ X16(-1), X16(-1), X16(-1),
 171        /* 0x58 */  -1,  -1,  -1,  -1,'\\',  -1,  -1,  -1,
 172        /* 0x60 */ X16(-1), X8(-1),
 173        /* 0x78 */  -1,  -1,  -1,  -1,  -1,  -1,  -1,   1,
 174        /* 0x80 */ /* set to 0 */
 175};
 176
 177static inline int sq_must_quote(char c)
 178{
 179        return sq_lookup[(unsigned char)c] + quote_path_fully > 0;
 180}
 181
 182/* returns the longest prefix not needing a quote up to maxlen if positive.
 183   This stops at the first \0 because it's marked as a character needing an
 184   escape */
 185static size_t next_quote_pos(const char *s, ssize_t maxlen)
 186{
 187        size_t len;
 188        if (maxlen < 0) {
 189                for (len = 0; !sq_must_quote(s[len]); len++);
 190        } else {
 191                for (len = 0; len < maxlen && !sq_must_quote(s[len]); len++);
 192        }
 193        return len;
 194}
 195
 196/*
 197 * C-style name quoting.
 198 *
 199 * (1) if sb and fp are both NULL, inspect the input name and counts the
 200 *     number of bytes that are needed to hold c_style quoted version of name,
 201 *     counting the double quotes around it but not terminating NUL, and
 202 *     returns it.
 203 *     However, if name does not need c_style quoting, it returns 0.
 204 *
 205 * (2) if sb or fp are not NULL, it emits the c_style quoted version
 206 *     of name, enclosed with double quotes if asked and needed only.
 207 *     Return value is the same as in (1).
 208 */
 209static size_t quote_c_style_counted(const char *name, ssize_t maxlen,
 210                                    struct strbuf *sb, FILE *fp, int no_dq)
 211{
 212#undef EMIT
 213#define EMIT(c)                                 \
 214        do {                                        \
 215                if (sb) strbuf_addch(sb, (c));          \
 216                if (fp) fputc((c), fp);                 \
 217                count++;                                \
 218        } while (0)
 219#define EMITBUF(s, l)                           \
 220        do {                                        \
 221                if (sb) strbuf_add(sb, (s), (l));       \
 222                if (fp) fwrite((s), (l), 1, fp);        \
 223                count += (l);                           \
 224        } while (0)
 225
 226        size_t len, count = 0;
 227        const char *p = name;
 228
 229        for (;;) {
 230                int ch;
 231
 232                len = next_quote_pos(p, maxlen);
 233                if (len == maxlen || (maxlen < 0 && !p[len]))
 234                        break;
 235
 236                if (!no_dq && p == name)
 237                        EMIT('"');
 238
 239                EMITBUF(p, len);
 240                EMIT('\\');
 241                p += len;
 242                ch = (unsigned char)*p++;
 243                if (maxlen >= 0)
 244                        maxlen -= len + 1;
 245                if (sq_lookup[ch] >= ' ') {
 246                        EMIT(sq_lookup[ch]);
 247                } else {
 248                        EMIT(((ch >> 6) & 03) + '0');
 249                        EMIT(((ch >> 3) & 07) + '0');
 250                        EMIT(((ch >> 0) & 07) + '0');
 251                }
 252        }
 253
 254        EMITBUF(p, len);
 255        if (p == name)   /* no ending quote needed */
 256                return 0;
 257
 258        if (!no_dq)
 259                EMIT('"');
 260        return count;
 261}
 262
 263size_t quote_c_style(const char *name, struct strbuf *sb, FILE *fp, int nodq)
 264{
 265        return quote_c_style_counted(name, -1, sb, fp, nodq);
 266}
 267
 268void quote_two_c_style(struct strbuf *sb, const char *prefix, const char *path, int nodq)
 269{
 270        if (quote_c_style(prefix, NULL, NULL, 0) ||
 271            quote_c_style(path, NULL, NULL, 0)) {
 272                if (!nodq)
 273                        strbuf_addch(sb, '"');
 274                quote_c_style(prefix, sb, NULL, 1);
 275                quote_c_style(path, sb, NULL, 1);
 276                if (!nodq)
 277                        strbuf_addch(sb, '"');
 278        } else {
 279                strbuf_addstr(sb, prefix);
 280                strbuf_addstr(sb, path);
 281        }
 282}
 283
 284void write_name_quoted(const char *name, FILE *fp, int terminator)
 285{
 286        if (terminator) {
 287                quote_c_style(name, NULL, fp, 0);
 288        } else {
 289                fputs(name, fp);
 290        }
 291        fputc(terminator, fp);
 292}
 293
 294void write_name_quotedpfx(const char *pfx, size_t pfxlen,
 295                          const char *name, FILE *fp, int terminator)
 296{
 297        int needquote = 0;
 298
 299        if (terminator) {
 300                needquote = next_quote_pos(pfx, pfxlen) < pfxlen
 301                        || name[next_quote_pos(name, -1)];
 302        }
 303        if (needquote) {
 304                fputc('"', fp);
 305                quote_c_style_counted(pfx, pfxlen, NULL, fp, 1);
 306                quote_c_style(name, NULL, fp, 1);
 307                fputc('"', fp);
 308        } else {
 309                fwrite(pfx, pfxlen, 1, fp);
 310                fputs(name, fp);
 311        }
 312        fputc(terminator, fp);
 313}
 314
 315static const char *path_relative(const char *in, int len,
 316                                 struct strbuf *sb, const char *prefix,
 317                                 int prefix_len);
 318
 319void write_name_quoted_relative(const char *name, size_t len,
 320                                const char *prefix, size_t prefix_len,
 321                                FILE *fp, int terminator)
 322{
 323        struct strbuf sb = STRBUF_INIT;
 324
 325        name = path_relative(name, len, &sb, prefix, prefix_len);
 326        write_name_quoted(name, fp, terminator);
 327
 328        strbuf_release(&sb);
 329}
 330
 331/*
 332 * Give path as relative to prefix.
 333 *
 334 * The strbuf may or may not be used, so do not assume it contains the
 335 * returned path.
 336 */
 337static const char *path_relative(const char *in, int len,
 338                                 struct strbuf *sb, const char *prefix,
 339                                 int prefix_len)
 340{
 341        int off, i;
 342
 343        if (len < 0)
 344                len = strlen(in);
 345        if (prefix_len < 0) {
 346                if (prefix)
 347                        prefix_len = strlen(prefix);
 348                else
 349                        prefix_len = 0;
 350        }
 351
 352        off = 0;
 353        i = 0;
 354        while (i < prefix_len && i < len && prefix[i] == in[i]) {
 355                if (prefix[i] == '/')
 356                        off = i + 1;
 357                i++;
 358        }
 359        in += off;
 360        len -= off;
 361
 362        if (i >= prefix_len)
 363                return in;
 364
 365        strbuf_reset(sb);
 366        strbuf_grow(sb, len);
 367
 368        while (i < prefix_len) {
 369                if (prefix[i] == '/')
 370                        strbuf_addstr(sb, "../");
 371                i++;
 372        }
 373        strbuf_add(sb, in, len);
 374
 375        return sb->buf;
 376}
 377
 378/* quote path as relative to the given prefix */
 379char *quote_path_relative(const char *in, int len,
 380                          struct strbuf *out, const char *prefix)
 381{
 382        struct strbuf sb = STRBUF_INIT;
 383        const char *rel = path_relative(in, len, &sb, prefix, -1);
 384        strbuf_reset(out);
 385        quote_c_style_counted(rel, strlen(rel), out, NULL, 0);
 386        strbuf_release(&sb);
 387
 388        if (!out->len)
 389                strbuf_addstr(out, "./");
 390
 391        return out->buf;
 392}
 393
 394/*
 395 * C-style name unquoting.
 396 *
 397 * Quoted should point at the opening double quote.
 398 * + Returns 0 if it was able to unquote the string properly, and appends the
 399 *   result in the strbuf `sb'.
 400 * + Returns -1 in case of error, and doesn't touch the strbuf. Though note
 401 *   that this function will allocate memory in the strbuf, so calling
 402 *   strbuf_release is mandatory whichever result unquote_c_style returns.
 403 *
 404 * Updates endp pointer to point at one past the ending double quote if given.
 405 */
 406int unquote_c_style(struct strbuf *sb, const char *quoted, const char **endp)
 407{
 408        size_t oldlen = sb->len, len;
 409        int ch, ac;
 410
 411        if (*quoted++ != '"')
 412                return -1;
 413
 414        for (;;) {
 415                len = strcspn(quoted, "\"\\");
 416                strbuf_add(sb, quoted, len);
 417                quoted += len;
 418
 419                switch (*quoted++) {
 420                  case '"':
 421                        if (endp)
 422                                *endp = quoted;
 423                        return 0;
 424                  case '\\':
 425                        break;
 426                  default:
 427                        goto error;
 428                }
 429
 430                switch ((ch = *quoted++)) {
 431                case 'a': ch = '\a'; break;
 432                case 'b': ch = '\b'; break;
 433                case 'f': ch = '\f'; break;
 434                case 'n': ch = '\n'; break;
 435                case 'r': ch = '\r'; break;
 436                case 't': ch = '\t'; break;
 437                case 'v': ch = '\v'; break;
 438
 439                case '\\': case '"':
 440                        break; /* verbatim */
 441
 442                /* octal values with first digit over 4 overflow */
 443                case '0': case '1': case '2': case '3':
 444                                        ac = ((ch - '0') << 6);
 445                        if ((ch = *quoted++) < '0' || '7' < ch)
 446                                goto error;
 447                                        ac |= ((ch - '0') << 3);
 448                        if ((ch = *quoted++) < '0' || '7' < ch)
 449                                goto error;
 450                                        ac |= (ch - '0');
 451                                        ch = ac;
 452                                        break;
 453                                default:
 454                        goto error;
 455                        }
 456                strbuf_addch(sb, ch);
 457                }
 458
 459  error:
 460        strbuf_setlen(sb, oldlen);
 461        return -1;
 462}
 463
 464/* quoting as a string literal for other languages */
 465
 466void perl_quote_print(FILE *stream, const char *src)
 467{
 468        const char sq = '\'';
 469        const char bq = '\\';
 470        char c;
 471
 472        fputc(sq, stream);
 473        while ((c = *src++)) {
 474                if (c == sq || c == bq)
 475                        fputc(bq, stream);
 476                fputc(c, stream);
 477        }
 478        fputc(sq, stream);
 479}
 480
 481void python_quote_print(FILE *stream, const char *src)
 482{
 483        const char sq = '\'';
 484        const char bq = '\\';
 485        const char nl = '\n';
 486        char c;
 487
 488        fputc(sq, stream);
 489        while ((c = *src++)) {
 490                if (c == nl) {
 491                        fputc(bq, stream);
 492                        fputc('n', stream);
 493                        continue;
 494                }
 495                if (c == sq || c == bq)
 496                        fputc(bq, stream);
 497                fputc(c, stream);
 498        }
 499        fputc(sq, stream);
 500}
 501
 502void tcl_quote_print(FILE *stream, const char *src)
 503{
 504        char c;
 505
 506        fputc('"', stream);
 507        while ((c = *src++)) {
 508                switch (c) {
 509                case '[': case ']':
 510                case '{': case '}':
 511                case '$': case '\\': case '"':
 512                        fputc('\\', stream);
 513                default:
 514                        fputc(c, stream);
 515                        break;
 516                case '\f':
 517                        fputs("\\f", stream);
 518                        break;
 519                case '\r':
 520                        fputs("\\r", stream);
 521                        break;
 522                case '\n':
 523                        fputs("\\n", stream);
 524                        break;
 525                case '\t':
 526                        fputs("\\t", stream);
 527                        break;
 528                case '\v':
 529                        fputs("\\v", stream);
 530                        break;
 531                }
 532        }
 533        fputc('"', stream);
 534}