setup.con commit daemon: Strictly parse the "extra arg" part of the command (73bb33a)
   1#include "cache.h"
   2#include "dir.h"
   3
   4static int inside_git_dir = -1;
   5static int inside_work_tree = -1;
   6
   7const char *prefix_path(const char *prefix, int len, const char *path)
   8{
   9        const char *orig = path;
  10        char *sanitized = xmalloc(len + strlen(path) + 1);
  11        if (is_absolute_path(orig))
  12                strcpy(sanitized, path);
  13        else {
  14                if (len)
  15                        memcpy(sanitized, prefix, len);
  16                strcpy(sanitized + len, path);
  17        }
  18        if (normalize_path_copy(sanitized, sanitized))
  19                goto error_out;
  20        if (is_absolute_path(orig)) {
  21                const char *work_tree = get_git_work_tree();
  22                size_t len = strlen(work_tree);
  23                size_t total = strlen(sanitized) + 1;
  24                if (strncmp(sanitized, work_tree, len) ||
  25                    (sanitized[len] != '\0' && sanitized[len] != '/')) {
  26                error_out:
  27                        die("'%s' is outside repository", orig);
  28                }
  29                if (sanitized[len] == '/')
  30                        len++;
  31                memmove(sanitized, sanitized + len, total - len);
  32        }
  33        return sanitized;
  34}
  35
  36/*
  37 * Unlike prefix_path, this should be used if the named file does
  38 * not have to interact with index entry; i.e. name of a random file
  39 * on the filesystem.
  40 */
  41const char *prefix_filename(const char *pfx, int pfx_len, const char *arg)
  42{
  43        static char path[PATH_MAX];
  44#ifndef __MINGW32__
  45        if (!pfx || !*pfx || is_absolute_path(arg))
  46                return arg;
  47        memcpy(path, pfx, pfx_len);
  48        strcpy(path + pfx_len, arg);
  49#else
  50        char *p;
  51        /* don't add prefix to absolute paths, but still replace '\' by '/' */
  52        if (is_absolute_path(arg))
  53                pfx_len = 0;
  54        else
  55                memcpy(path, pfx, pfx_len);
  56        strcpy(path + pfx_len, arg);
  57        for (p = path + pfx_len; *p; p++)
  58                if (*p == '\\')
  59                        *p = '/';
  60#endif
  61        return path;
  62}
  63
  64/*
  65 * Verify a filename that we got as an argument for a pathspec
  66 * entry. Note that a filename that begins with "-" never verifies
  67 * as true, because even if such a filename were to exist, we want
  68 * it to be preceded by the "--" marker (or we want the user to
  69 * use a format like "./-filename")
  70 */
  71void verify_filename(const char *prefix, const char *arg)
  72{
  73        const char *name;
  74        struct stat st;
  75
  76        if (*arg == '-')
  77                die("bad flag '%s' used after filename", arg);
  78        name = prefix ? prefix_filename(prefix, strlen(prefix), arg) : arg;
  79        if (!lstat(name, &st))
  80                return;
  81        if (errno == ENOENT)
  82                die("ambiguous argument '%s': unknown revision or path not in the working tree.\n"
  83                    "Use '--' to separate paths from revisions", arg);
  84        die("'%s': %s", arg, strerror(errno));
  85}
  86
  87/*
  88 * Opposite of the above: the command line did not have -- marker
  89 * and we parsed the arg as a refname.  It should not be interpretable
  90 * as a filename.
  91 */
  92void verify_non_filename(const char *prefix, const char *arg)
  93{
  94        const char *name;
  95        struct stat st;
  96
  97        if (!is_inside_work_tree() || is_inside_git_dir())
  98                return;
  99        if (*arg == '-')
 100                return; /* flag */
 101        name = prefix ? prefix_filename(prefix, strlen(prefix), arg) : arg;
 102        if (!lstat(name, &st))
 103                die("ambiguous argument '%s': both revision and filename\n"
 104                    "Use '--' to separate filenames from revisions", arg);
 105        if (errno != ENOENT && errno != ENOTDIR)
 106                die("'%s': %s", arg, strerror(errno));
 107}
 108
 109const char **get_pathspec(const char *prefix, const char **pathspec)
 110{
 111        const char *entry = *pathspec;
 112        const char **src, **dst;
 113        int prefixlen;
 114
 115        if (!prefix && !entry)
 116                return NULL;
 117
 118        if (!entry) {
 119                static const char *spec[2];
 120                spec[0] = prefix;
 121                spec[1] = NULL;
 122                return spec;
 123        }
 124
 125        /* Otherwise we have to re-write the entries.. */
 126        src = pathspec;
 127        dst = pathspec;
 128        prefixlen = prefix ? strlen(prefix) : 0;
 129        while (*src) {
 130                const char *p = prefix_path(prefix, prefixlen, *src);
 131                *(dst++) = p;
 132                src++;
 133        }
 134        *dst = NULL;
 135        if (!*pathspec)
 136                return NULL;
 137        return pathspec;
 138}
 139
 140/*
 141 * Test if it looks like we're at a git directory.
 142 * We want to see:
 143 *
 144 *  - either an objects/ directory _or_ the proper
 145 *    GIT_OBJECT_DIRECTORY environment variable
 146 *  - a refs/ directory
 147 *  - either a HEAD symlink or a HEAD file that is formatted as
 148 *    a proper "ref:", or a regular file HEAD that has a properly
 149 *    formatted sha1 object name.
 150 */
 151static int is_git_directory(const char *suspect)
 152{
 153        char path[PATH_MAX];
 154        size_t len = strlen(suspect);
 155
 156        strcpy(path, suspect);
 157        if (getenv(DB_ENVIRONMENT)) {
 158                if (access(getenv(DB_ENVIRONMENT), X_OK))
 159                        return 0;
 160        }
 161        else {
 162                strcpy(path + len, "/objects");
 163                if (access(path, X_OK))
 164                        return 0;
 165        }
 166
 167        strcpy(path + len, "/refs");
 168        if (access(path, X_OK))
 169                return 0;
 170
 171        strcpy(path + len, "/HEAD");
 172        if (validate_headref(path))
 173                return 0;
 174
 175        return 1;
 176}
 177
 178int is_inside_git_dir(void)
 179{
 180        if (inside_git_dir < 0)
 181                inside_git_dir = is_inside_dir(get_git_dir());
 182        return inside_git_dir;
 183}
 184
 185int is_inside_work_tree(void)
 186{
 187        if (inside_work_tree < 0)
 188                inside_work_tree = is_inside_dir(get_git_work_tree());
 189        return inside_work_tree;
 190}
 191
 192/*
 193 * set_work_tree() is only ever called if you set GIT_DIR explicitely.
 194 * The old behaviour (which we retain here) is to set the work tree root
 195 * to the cwd, unless overridden by the config, the command line, or
 196 * GIT_WORK_TREE.
 197 */
 198static const char *set_work_tree(const char *dir)
 199{
 200        char buffer[PATH_MAX + 1];
 201
 202        if (!getcwd(buffer, sizeof(buffer)))
 203                die ("Could not get the current working directory");
 204        git_work_tree_cfg = xstrdup(buffer);
 205        inside_work_tree = 1;
 206
 207        return NULL;
 208}
 209
 210void setup_work_tree(void)
 211{
 212        const char *work_tree, *git_dir;
 213        static int initialized = 0;
 214
 215        if (initialized)
 216                return;
 217        work_tree = get_git_work_tree();
 218        git_dir = get_git_dir();
 219        if (!is_absolute_path(git_dir))
 220                git_dir = make_absolute_path(git_dir);
 221        if (!work_tree || chdir(work_tree))
 222                die("This operation must be run in a work tree");
 223        set_git_dir(make_relative_path(git_dir, work_tree));
 224        initialized = 1;
 225}
 226
 227static int check_repository_format_gently(int *nongit_ok)
 228{
 229        git_config(check_repository_format_version, NULL);
 230        if (GIT_REPO_VERSION < repository_format_version) {
 231                if (!nongit_ok)
 232                        die ("Expected git repo version <= %d, found %d",
 233                             GIT_REPO_VERSION, repository_format_version);
 234                warning("Expected git repo version <= %d, found %d",
 235                        GIT_REPO_VERSION, repository_format_version);
 236                warning("Please upgrade Git");
 237                *nongit_ok = -1;
 238                return -1;
 239        }
 240        return 0;
 241}
 242
 243/*
 244 * Try to read the location of the git directory from the .git file,
 245 * return path to git directory if found.
 246 */
 247const char *read_gitfile_gently(const char *path)
 248{
 249        char *buf;
 250        struct stat st;
 251        int fd;
 252        size_t len;
 253
 254        if (stat(path, &st))
 255                return NULL;
 256        if (!S_ISREG(st.st_mode))
 257                return NULL;
 258        fd = open(path, O_RDONLY);
 259        if (fd < 0)
 260                die("Error opening %s: %s", path, strerror(errno));
 261        buf = xmalloc(st.st_size + 1);
 262        len = read_in_full(fd, buf, st.st_size);
 263        close(fd);
 264        if (len != st.st_size)
 265                die("Error reading %s", path);
 266        buf[len] = '\0';
 267        if (prefixcmp(buf, "gitdir: "))
 268                die("Invalid gitfile format: %s", path);
 269        while (buf[len - 1] == '\n' || buf[len - 1] == '\r')
 270                len--;
 271        if (len < 9)
 272                die("No path in gitfile: %s", path);
 273        buf[len] = '\0';
 274        if (!is_git_directory(buf + 8))
 275                die("Not a git repository: %s", buf + 8);
 276        path = make_absolute_path(buf + 8);
 277        free(buf);
 278        return path;
 279}
 280
 281/*
 282 * We cannot decide in this function whether we are in the work tree or
 283 * not, since the config can only be read _after_ this function was called.
 284 */
 285const char *setup_git_directory_gently(int *nongit_ok)
 286{
 287        const char *work_tree_env = getenv(GIT_WORK_TREE_ENVIRONMENT);
 288        const char *env_ceiling_dirs = getenv(CEILING_DIRECTORIES_ENVIRONMENT);
 289        static char cwd[PATH_MAX+1];
 290        const char *gitdirenv;
 291        const char *gitfile_dir;
 292        int len, offset, ceil_offset;
 293
 294        /*
 295         * Let's assume that we are in a git repository.
 296         * If it turns out later that we are somewhere else, the value will be
 297         * updated accordingly.
 298         */
 299        if (nongit_ok)
 300                *nongit_ok = 0;
 301
 302        /*
 303         * If GIT_DIR is set explicitly, we're not going
 304         * to do any discovery, but we still do repository
 305         * validation.
 306         */
 307        gitdirenv = getenv(GIT_DIR_ENVIRONMENT);
 308        if (gitdirenv) {
 309                if (PATH_MAX - 40 < strlen(gitdirenv))
 310                        die("'$%s' too big", GIT_DIR_ENVIRONMENT);
 311                if (is_git_directory(gitdirenv)) {
 312                        static char buffer[1024 + 1];
 313                        const char *retval;
 314
 315                        if (!work_tree_env) {
 316                                retval = set_work_tree(gitdirenv);
 317                                /* config may override worktree */
 318                                if (check_repository_format_gently(nongit_ok))
 319                                        return NULL;
 320                                return retval;
 321                        }
 322                        if (check_repository_format_gently(nongit_ok))
 323                                return NULL;
 324                        retval = get_relative_cwd(buffer, sizeof(buffer) - 1,
 325                                        get_git_work_tree());
 326                        if (!retval || !*retval)
 327                                return NULL;
 328                        set_git_dir(make_absolute_path(gitdirenv));
 329                        if (chdir(work_tree_env) < 0)
 330                                die ("Could not chdir to %s", work_tree_env);
 331                        strcat(buffer, "/");
 332                        return retval;
 333                }
 334                if (nongit_ok) {
 335                        *nongit_ok = 1;
 336                        return NULL;
 337                }
 338                die("Not a git repository: '%s'", gitdirenv);
 339        }
 340
 341        if (!getcwd(cwd, sizeof(cwd)-1))
 342                die("Unable to read current working directory");
 343
 344        ceil_offset = longest_ancestor_length(cwd, env_ceiling_dirs);
 345        if (ceil_offset < 0 && has_dos_drive_prefix(cwd))
 346                ceil_offset = 1;
 347
 348        /*
 349         * Test in the following order (relative to the cwd):
 350         * - .git (file containing "gitdir: <path>")
 351         * - .git/
 352         * - ./ (bare)
 353         * - ../.git
 354         * - ../.git/
 355         * - ../ (bare)
 356         * - ../../.git/
 357         *   etc.
 358         */
 359        offset = len = strlen(cwd);
 360        for (;;) {
 361                gitfile_dir = read_gitfile_gently(DEFAULT_GIT_DIR_ENVIRONMENT);
 362                if (gitfile_dir) {
 363                        if (set_git_dir(gitfile_dir))
 364                                die("Repository setup failed");
 365                        break;
 366                }
 367                if (is_git_directory(DEFAULT_GIT_DIR_ENVIRONMENT))
 368                        break;
 369                if (is_git_directory(".")) {
 370                        inside_git_dir = 1;
 371                        if (!work_tree_env)
 372                                inside_work_tree = 0;
 373                        if (offset != len) {
 374                                cwd[offset] = '\0';
 375                                setenv(GIT_DIR_ENVIRONMENT, cwd, 1);
 376                        } else
 377                                setenv(GIT_DIR_ENVIRONMENT, ".", 1);
 378                        check_repository_format_gently(nongit_ok);
 379                        return NULL;
 380                }
 381                while (--offset > ceil_offset && cwd[offset] != '/');
 382                if (offset <= ceil_offset) {
 383                        if (nongit_ok) {
 384                                if (chdir(cwd))
 385                                        die("Cannot come back to cwd");
 386                                *nongit_ok = 1;
 387                                return NULL;
 388                        }
 389                        die("Not a git repository (or any of the parent directories): %s", DEFAULT_GIT_DIR_ENVIRONMENT);
 390                }
 391                if (chdir(".."))
 392                        die("Cannot change to %s/..: %s", cwd, strerror(errno));
 393        }
 394
 395        inside_git_dir = 0;
 396        if (!work_tree_env)
 397                inside_work_tree = 1;
 398        git_work_tree_cfg = xstrndup(cwd, offset);
 399        if (check_repository_format_gently(nongit_ok))
 400                return NULL;
 401        if (offset == len)
 402                return NULL;
 403
 404        /* Make "offset" point to past the '/', and add a '/' at the end */
 405        offset++;
 406        cwd[len++] = '/';
 407        cwd[len] = 0;
 408        return cwd + offset;
 409}
 410
 411int git_config_perm(const char *var, const char *value)
 412{
 413        int i;
 414        char *endptr;
 415
 416        if (value == NULL)
 417                return PERM_GROUP;
 418
 419        if (!strcmp(value, "umask"))
 420                return PERM_UMASK;
 421        if (!strcmp(value, "group"))
 422                return PERM_GROUP;
 423        if (!strcmp(value, "all") ||
 424            !strcmp(value, "world") ||
 425            !strcmp(value, "everybody"))
 426                return PERM_EVERYBODY;
 427
 428        /* Parse octal numbers */
 429        i = strtol(value, &endptr, 8);
 430
 431        /* If not an octal number, maybe true/false? */
 432        if (*endptr != 0)
 433                return git_config_bool(var, value) ? PERM_GROUP : PERM_UMASK;
 434
 435        /*
 436         * Treat values 0, 1 and 2 as compatibility cases, otherwise it is
 437         * a chmod value to restrict to.
 438         */
 439        switch (i) {
 440        case PERM_UMASK:               /* 0 */
 441                return PERM_UMASK;
 442        case OLD_PERM_GROUP:           /* 1 */
 443                return PERM_GROUP;
 444        case OLD_PERM_EVERYBODY:       /* 2 */
 445                return PERM_EVERYBODY;
 446        }
 447
 448        /* A filemode value was given: 0xxx */
 449
 450        if ((i & 0600) != 0600)
 451                die("Problem with core.sharedRepository filemode value "
 452                    "(0%.3o).\nThe owner of files must always have "
 453                    "read and write permissions.", i);
 454
 455        /*
 456         * Mask filemode value. Others can not get write permission.
 457         * x flags for directories are handled separately.
 458         */
 459        return -(i & 0666);
 460}
 461
 462int check_repository_format_version(const char *var, const char *value, void *cb)
 463{
 464        if (strcmp(var, "core.repositoryformatversion") == 0)
 465                repository_format_version = git_config_int(var, value);
 466        else if (strcmp(var, "core.sharedrepository") == 0)
 467                shared_repository = git_config_perm(var, value);
 468        else if (strcmp(var, "core.bare") == 0) {
 469                is_bare_repository_cfg = git_config_bool(var, value);
 470                if (is_bare_repository_cfg == 1)
 471                        inside_work_tree = -1;
 472        } else if (strcmp(var, "core.worktree") == 0) {
 473                if (!value)
 474                        return config_error_nonbool(var);
 475                free(git_work_tree_cfg);
 476                git_work_tree_cfg = xstrdup(value);
 477                inside_work_tree = -1;
 478        }
 479        return 0;
 480}
 481
 482int check_repository_format(void)
 483{
 484        return check_repository_format_gently(NULL);
 485}
 486
 487const char *setup_git_directory(void)
 488{
 489        const char *retval = setup_git_directory_gently(NULL);
 490
 491        /* If the work tree is not the default one, recompute prefix */
 492        if (inside_work_tree < 0) {
 493                static char buffer[PATH_MAX + 1];
 494                char *rel;
 495                if (retval && chdir(retval))
 496                        die ("Could not jump back into original cwd");
 497                rel = get_relative_cwd(buffer, PATH_MAX, get_git_work_tree());
 498                if (rel && *rel && chdir(get_git_work_tree()))
 499                        die ("Could not jump to working directory");
 500                return rel && *rel ? strcat(rel, "/") : NULL;
 501        }
 502
 503        return retval;
 504}