1/*
2 * Utilities for paths and pathnames
3 */
4#include "cache.h"
5#include "strbuf.h"
6#include "string-list.h"
7static int get_st_mode_bits(const char *path, int *mode)
9{
10 struct stat st;
11 if (lstat(path, &st) < 0)
12 return -1;
13 *mode = st.st_mode;
14 return 0;
15}
16static char bad_path[] = "/bad-path/";
18static char *get_pathname(void)
20{
21 static char pathname_array[4][PATH_MAX];
22 static int index;
23 return pathname_array[3 & ++index];
24}
25static char *cleanup_path(char *path)
27{
28 /* Clean it up */
29 if (!memcmp(path, "./", 2)) {
30 path += 2;
31 while (*path == '/')
32 path++;
33 }
34 return path;
35}
36char *mksnpath(char *buf, size_t n, const char *fmt, ...)
38{
39 va_list args;
40 unsigned len;
41 va_start(args, fmt);
43 len = vsnprintf(buf, n, fmt, args);
44 va_end(args);
45 if (len >= n) {
46 strlcpy(buf, bad_path, n);
47 return buf;
48 }
49 return cleanup_path(buf);
50}
51static char *vsnpath(char *buf, size_t n, const char *fmt, va_list args)
53{
54 const char *git_dir = get_git_dir();
55 size_t len;
56 len = strlen(git_dir);
58 if (n < len + 1)
59 goto bad;
60 memcpy(buf, git_dir, len);
61 if (len && !is_dir_sep(git_dir[len-1]))
62 buf[len++] = '/';
63 len += vsnprintf(buf + len, n - len, fmt, args);
64 if (len >= n)
65 goto bad;
66 return cleanup_path(buf);
67bad:
68 strlcpy(buf, bad_path, n);
69 return buf;
70}
71char *git_snpath(char *buf, size_t n, const char *fmt, ...)
73{
74 char *ret;
75 va_list args;
76 va_start(args, fmt);
77 ret = vsnpath(buf, n, fmt, args);
78 va_end(args);
79 return ret;
80}
81char *git_pathdup(const char *fmt, ...)
83{
84 char path[PATH_MAX], *ret;
85 va_list args;
86 va_start(args, fmt);
87 ret = vsnpath(path, sizeof(path), fmt, args);
88 va_end(args);
89 return xstrdup(ret);
90}
91char *mkpathdup(const char *fmt, ...)
93{
94 char *path;
95 struct strbuf sb = STRBUF_INIT;
96 va_list args;
97 va_start(args, fmt);
99 strbuf_vaddf(&sb, fmt, args);
100 va_end(args);
101 path = xstrdup(cleanup_path(sb.buf));
102 strbuf_release(&sb);
104 return path;
105}
106char *mkpath(const char *fmt, ...)
108{
109 va_list args;
110 unsigned len;
111 char *pathname = get_pathname();
112 va_start(args, fmt);
114 len = vsnprintf(pathname, PATH_MAX, fmt, args);
115 va_end(args);
116 if (len >= PATH_MAX)
117 return bad_path;
118 return cleanup_path(pathname);
119}
120char *git_path(const char *fmt, ...)
122{
123 char *pathname = get_pathname();
124 va_list args;
125 char *ret;
126 va_start(args, fmt);
128 ret = vsnpath(pathname, PATH_MAX, fmt, args);
129 va_end(args);
130 return ret;
131}
132void home_config_paths(char **global, char **xdg, char *file)
134{
135 char *xdg_home = getenv("XDG_CONFIG_HOME");
136 char *home = getenv("HOME");
137 char *to_free = NULL;
138 if (!home) {
140 if (global)
141 *global = NULL;
142 } else {
143 if (!xdg_home) {
144 to_free = mkpathdup("%s/.config", home);
145 xdg_home = to_free;
146 }
147 if (global)
148 *global = mkpathdup("%s/.gitconfig", home);
149 }
150 if (!xdg_home)
152 *xdg = NULL;
153 else
154 *xdg = mkpathdup("%s/git/%s", xdg_home, file);
155 free(to_free);
157}
158char *git_path_submodule(const char *path, const char *fmt, ...)
160{
161 char *pathname = get_pathname();
162 struct strbuf buf = STRBUF_INIT;
163 const char *git_dir;
164 va_list args;
165 unsigned len;
166 len = strlen(path);
168 if (len > PATH_MAX-100)
169 return bad_path;
170 strbuf_addstr(&buf, path);
172 if (len && path[len-1] != '/')
173 strbuf_addch(&buf, '/');
174 strbuf_addstr(&buf, ".git");
175 git_dir = read_gitfile(buf.buf);
177 if (git_dir) {
178 strbuf_reset(&buf);
179 strbuf_addstr(&buf, git_dir);
180 }
181 strbuf_addch(&buf, '/');
182 if (buf.len >= PATH_MAX)
184 return bad_path;
185 memcpy(pathname, buf.buf, buf.len + 1);
186 strbuf_release(&buf);
188 len = strlen(pathname);
189 va_start(args, fmt);
191 len += vsnprintf(pathname + len, PATH_MAX - len, fmt, args);
192 va_end(args);
193 if (len >= PATH_MAX)
194 return bad_path;
195 return cleanup_path(pathname);
196}
197int validate_headref(const char *path)
199{
200 struct stat st;
201 char *buf, buffer[256];
202 unsigned char sha1[20];
203 int fd;
204 ssize_t len;
205 if (lstat(path, &st) < 0)
207 return -1;
208 /* Make sure it is a "refs/.." symlink */
210 if (S_ISLNK(st.st_mode)) {
211 len = readlink(path, buffer, sizeof(buffer)-1);
212 if (len >= 5 && !memcmp("refs/", buffer, 5))
213 return 0;
214 return -1;
215 }
216 /*
218 * Anything else, just open it and try to see if it is a symbolic ref.
219 */
220 fd = open(path, O_RDONLY);
221 if (fd < 0)
222 return -1;
223 len = read_in_full(fd, buffer, sizeof(buffer)-1);
224 close(fd);
225 /*
227 * Is it a symbolic ref?
228 */
229 if (len < 4)
230 return -1;
231 if (!memcmp("ref:", buffer, 4)) {
232 buf = buffer + 4;
233 len -= 4;
234 while (len && isspace(*buf))
235 buf++, len--;
236 if (len >= 5 && !memcmp("refs/", buf, 5))
237 return 0;
238 }
239 /*
241 * Is this a detached HEAD?
242 */
243 if (!get_sha1_hex(buffer, sha1))
244 return 0;
245 return -1;
247}
248static struct passwd *getpw_str(const char *username, size_t len)
250{
251 struct passwd *pw;
252 char *username_z = xmemdupz(username, len);
253 pw = getpwnam(username_z);
254 free(username_z);
255 return pw;
256}
257/*
259 * Return a string with ~ and ~user expanded via getpw*. If buf != NULL,
260 * then it is a newly allocated string. Returns NULL on getpw failure or
261 * if path is NULL.
262 */
263char *expand_user_path(const char *path)
264{
265 struct strbuf user_path = STRBUF_INIT;
266 const char *to_copy = path;
267 if (path == NULL)
269 goto return_null;
270 if (path[0] == '~') {
271 const char *first_slash = strchrnul(path, '/');
272 const char *username = path + 1;
273 size_t username_len = first_slash - username;
274 if (username_len == 0) {
275 const char *home = getenv("HOME");
276 if (!home)
277 goto return_null;
278 strbuf_addstr(&user_path, home);
279 } else {
280 struct passwd *pw = getpw_str(username, username_len);
281 if (!pw)
282 goto return_null;
283 strbuf_addstr(&user_path, pw->pw_dir);
284 }
285 to_copy = first_slash;
286 }
287 strbuf_addstr(&user_path, to_copy);
288 return strbuf_detach(&user_path, NULL);
289return_null:
290 strbuf_release(&user_path);
291 return NULL;
292}
293/*
295 * First, one directory to try is determined by the following algorithm.
296 *
297 * (0) If "strict" is given, the path is used as given and no DWIM is
298 * done. Otherwise:
299 * (1) "~/path" to mean path under the running user's home directory;
300 * (2) "~user/path" to mean path under named user's home directory;
301 * (3) "relative/path" to mean cwd relative directory; or
302 * (4) "/absolute/path" to mean absolute directory.
303 *
304 * Unless "strict" is given, we try access() for existence of "%s.git/.git",
305 * "%s/.git", "%s.git", "%s" in this order. The first one that exists is
306 * what we try.
307 *
308 * Second, we try chdir() to that. Upon failure, we return NULL.
309 *
310 * Then, we try if the current directory is a valid git repository.
311 * Upon failure, we return NULL.
312 *
313 * If all goes well, we return the directory we used to chdir() (but
314 * before ~user is expanded), avoiding getcwd() resolving symbolic
315 * links. User relative paths are also returned as they are given,
316 * except DWIM suffixing.
317 */
318const char *enter_repo(const char *path, int strict)
319{
320 static char used_path[PATH_MAX];
321 static char validated_path[PATH_MAX];
322 if (!path)
324 return NULL;
325 if (!strict) {
327 static const char *suffix[] = {
328 "/.git", "", ".git/.git", ".git", NULL,
329 };
330 const char *gitfile;
331 int len = strlen(path);
332 int i;
333 while ((1 < len) && (path[len-1] == '/'))
334 len--;
335 if (PATH_MAX <= len)
337 return NULL;
338 strncpy(used_path, path, len); used_path[len] = 0 ;
339 strcpy(validated_path, used_path);
340 if (used_path[0] == '~') {
342 char *newpath = expand_user_path(used_path);
343 if (!newpath || (PATH_MAX - 10 < strlen(newpath))) {
344 free(newpath);
345 return NULL;
346 }
347 /*
348 * Copy back into the static buffer. A pity
349 * since newpath was not bounded, but other
350 * branches of the if are limited by PATH_MAX
351 * anyway.
352 */
353 strcpy(used_path, newpath); free(newpath);
354 }
355 else if (PATH_MAX - 10 < len)
356 return NULL;
357 len = strlen(used_path);
358 for (i = 0; suffix[i]; i++) {
359 struct stat st;
360 strcpy(used_path + len, suffix[i]);
361 if (!stat(used_path, &st) &&
362 (S_ISREG(st.st_mode) ||
363 (S_ISDIR(st.st_mode) && is_git_directory(used_path)))) {
364 strcat(validated_path, suffix[i]);
365 break;
366 }
367 }
368 if (!suffix[i])
369 return NULL;
370 gitfile = read_gitfile(used_path) ;
371 if (gitfile)
372 strcpy(used_path, gitfile);
373 if (chdir(used_path))
374 return NULL;
375 path = validated_path;
376 }
377 else if (chdir(path))
378 return NULL;
379 if (access("objects", X_OK) == 0 && access("refs", X_OK) == 0 &&
381 validate_headref("HEAD") == 0) {
382 set_git_dir(".");
383 check_repository_format();
384 return path;
385 }
386 return NULL;
388}
389static int calc_shared_perm(int mode)
391{
392 int tweak;
393 if (shared_repository < 0)
395 tweak = -shared_repository;
396 else
397 tweak = shared_repository;
398 if (!(mode & S_IWUSR))
400 tweak &= ~0222;
401 if (mode & S_IXUSR)
402 /* Copy read bits to execute bits */
403 tweak |= (tweak & 0444) >> 2;
404 if (shared_repository < 0)
405 mode = (mode & ~0777) | tweak;
406 else
407 mode |= tweak;
408 return mode;
410}
411int adjust_shared_perm(const char *path)
414{
415 int old_mode, new_mode;
416 if (!shared_repository)
418 return 0;
419 if (get_st_mode_bits(path, &old_mode) < 0)
420 return -1;
421 new_mode = calc_shared_perm(old_mode);
423 if (S_ISDIR(old_mode)) {
424 /* Copy read bits to execute bits */
425 new_mode |= (new_mode & 0444) >> 2;
426 new_mode |= FORCE_DIR_SET_GID;
427 }
428 if (((old_mode ^ new_mode) & ~S_IFMT) &&
430 chmod(path, (new_mode & ~S_IFMT)) < 0)
431 return -2;
432 return 0;
433}
434static int have_same_root(const char *path1, const char *path2)
436{
437 int is_abs1, is_abs2;
438 is_abs1 = is_absolute_path(path1);
440 is_abs2 = is_absolute_path(path2);
441 return (is_abs1 && is_abs2 && tolower(path1[0]) == tolower(path2[0])) ||
442 (!is_abs1 && !is_abs2);
443}
444/*
446 * Give path as relative to prefix.
447 *
448 * The strbuf may or may not be used, so do not assume it contains the
449 * returned path.
450 */
451const char *relative_path(const char *in, const char *prefix,
452 struct strbuf *sb)
453{
454 int in_len = in ? strlen(in) : 0;
455 int prefix_len = prefix ? strlen(prefix) : 0;
456 int in_off = 0;
457 int prefix_off = 0;
458 int i = 0, j = 0;
459 if (!in_len)
461 return "./";
462 else if (!prefix_len)
463 return in;
464 if (have_same_root(in, prefix)) {
466 /* bypass dos_drive, for "c:" is identical to "C:" */
467 if (has_dos_drive_prefix(in)) {
468 i = 2;
469 j = 2;
470 }
471 } else {
472 return in;
473 }
474 while (i < prefix_len && j < in_len && prefix[i] == in[j]) {
476 if (is_dir_sep(prefix[i])) {
477 while (is_dir_sep(prefix[i]))
478 i++;
479 while (is_dir_sep(in[j]))
480 j++;
481 prefix_off = i;
482 in_off = j;
483 } else {
484 i++;
485 j++;
486 }
487 }
488 if (
490 /* "prefix" seems like prefix of "in" */
491 i >= prefix_len &&
492 /*
493 * but "/foo" is not a prefix of "/foobar"
494 * (i.e. prefix not end with '/')
495 */
496 prefix_off < prefix_len) {
497 if (j >= in_len) {
498 /* in="/a/b", prefix="/a/b" */
499 in_off = in_len;
500 } else if (is_dir_sep(in[j])) {
501 /* in="/a/b/c", prefix="/a/b" */
502 while (is_dir_sep(in[j]))
503 j++;
504 in_off = j;
505 } else {
506 /* in="/a/bbb/c", prefix="/a/b" */
507 i = prefix_off;
508 }
509 } else if (
510 /* "in" is short than "prefix" */
511 j >= in_len &&
512 /* "in" not end with '/' */
513 in_off < in_len) {
514 if (is_dir_sep(prefix[i])) {
515 /* in="/a/b", prefix="/a/b/c/" */
516 while (is_dir_sep(prefix[i]))
517 i++;
518 in_off = in_len;
519 }
520 }
521 in += in_off;
522 in_len -= in_off;
523 if (i >= prefix_len) {
525 if (!in_len)
526 return "./";
527 else
528 return in;
529 }
530 strbuf_reset(sb);
532 strbuf_grow(sb, in_len);
533 while (i < prefix_len) {
535 if (is_dir_sep(prefix[i])) {
536 strbuf_addstr(sb, "../");
537 while (is_dir_sep(prefix[i]))
538 i++;
539 continue;
540 }
541 i++;
542 }
543 if (!is_dir_sep(prefix[prefix_len - 1]))
544 strbuf_addstr(sb, "../");
545 strbuf_addstr(sb, in);
547 return sb->buf;
549}
550/*
552 * A simpler implementation of relative_path
553 *
554 * Get relative path by removing "prefix" from "in". This function
555 * first appears in v1.5.6-1-g044bbbc, and makes git_dir shorter
556 * to increase performance when traversing the path to work_tree.
557 */
558const char *remove_leading_path(const char *in, const char *prefix)
559{
560 static char buf[PATH_MAX + 1];
561 int i = 0, j = 0;
562 if (!prefix || !prefix[0])
564 return in;
565 while (prefix[i]) {
566 if (is_dir_sep(prefix[i])) {
567 if (!is_dir_sep(in[j]))
568 return in;
569 while (is_dir_sep(prefix[i]))
570 i++;
571 while (is_dir_sep(in[j]))
572 j++;
573 continue;
574 } else if (in[j] != prefix[i]) {
575 return in;
576 }
577 i++;
578 j++;
579 }
580 if (
581 /* "/foo" is a prefix of "/foo" */
582 in[j] &&
583 /* "/foo" is not a prefix of "/foobar" */
584 !is_dir_sep(prefix[i-1]) && !is_dir_sep(in[j])
585 )
586 return in;
587 while (is_dir_sep(in[j]))
588 j++;
589 if (!in[j])
590 strcpy(buf, ".");
591 else
592 strcpy(buf, in + j);
593 return buf;
594}
595/*
597 * It is okay if dst == src, but they should not overlap otherwise.
598 *
599 * Performs the following normalizations on src, storing the result in dst:
600 * - Ensures that components are separated by '/' (Windows only)
601 * - Squashes sequences of '/'.
602 * - Removes "." components.
603 * - Removes ".." components, and the components the precede them.
604 * Returns failure (non-zero) if a ".." component appears as first path
605 * component anytime during the normalization. Otherwise, returns success (0).
606 *
607 * Note that this function is purely textual. It does not follow symlinks,
608 * verify the existence of the path, or make any system calls.
609 *
610 * prefix_len != NULL is for a specific case of prefix_pathspec():
611 * assume that src == dst and src[0..prefix_len-1] is already
612 * normalized, any time "../" eats up to the prefix_len part,
613 * prefix_len is reduced. In the end prefix_len is the remaining
614 * prefix that has not been overridden by user pathspec.
615 */
616int normalize_path_copy_len(char *dst, const char *src, int *prefix_len)
617{
618 char *dst0;
619 if (has_dos_drive_prefix(src)) {
621 *dst++ = *src++;
622 *dst++ = *src++;
623 }
624 dst0 = dst;
625 if (is_dir_sep(*src)) {
627 *dst++ = '/';
628 while (is_dir_sep(*src))
629 src++;
630 }
631 for (;;) {
633 char c = *src;
634 /*
636 * A path component that begins with . could be
637 * special:
638 * (1) "." and ends -- ignore and terminate.
639 * (2) "./" -- ignore them, eat slash and continue.
640 * (3) ".." and ends -- strip one and terminate.
641 * (4) "../" -- strip one, eat slash and continue.
642 */
643 if (c == '.') {
644 if (!src[1]) {
645 /* (1) */
646 src++;
647 } else if (is_dir_sep(src[1])) {
648 /* (2) */
649 src += 2;
650 while (is_dir_sep(*src))
651 src++;
652 continue;
653 } else if (src[1] == '.') {
654 if (!src[2]) {
655 /* (3) */
656 src += 2;
657 goto up_one;
658 } else if (is_dir_sep(src[2])) {
659 /* (4) */
660 src += 3;
661 while (is_dir_sep(*src))
662 src++;
663 goto up_one;
664 }
665 }
666 }
667 /* copy up to the next '/', and eat all '/' */
669 while ((c = *src++) != '\0' && !is_dir_sep(c))
670 *dst++ = c;
671 if (is_dir_sep(c)) {
672 *dst++ = '/';
673 while (is_dir_sep(c))
674 c = *src++;
675 src--;
676 } else if (!c)
677 break;
678 continue;
679 up_one:
681 /*
682 * dst0..dst is prefix portion, and dst[-1] is '/';
683 * go up one level.
684 */
685 dst--; /* go to trailing '/' */
686 if (dst <= dst0)
687 return -1;
688 /* Windows: dst[-1] cannot be backslash anymore */
689 while (dst0 < dst && dst[-1] != '/')
690 dst--;
691 if (prefix_len && *prefix_len > dst - dst0)
692 *prefix_len = dst - dst0;
693 }
694 *dst = '\0';
695 return 0;
696}
697int normalize_path_copy(char *dst, const char *src)
699{
700 return normalize_path_copy_len(dst, src, NULL);
701}
702/*
704 * path = Canonical absolute path
705 * prefixes = string_list containing normalized, absolute paths without
706 * trailing slashes (except for the root directory, which is denoted by "/").
707 *
708 * Determines, for each path in prefixes, whether the "prefix"
709 * is an ancestor directory of path. Returns the length of the longest
710 * ancestor directory, excluding any trailing slashes, or -1 if no prefix
711 * is an ancestor. (Note that this means 0 is returned if prefixes is
712 * ["/"].) "/foo" is not considered an ancestor of "/foobar". Directories
713 * are not considered to be their own ancestors. path must be in a
714 * canonical form: empty components, or "." or ".." components are not
715 * allowed.
716 */
717int longest_ancestor_length(const char *path, struct string_list *prefixes)
718{
719 int i, max_len = -1;
720 if (!strcmp(path, "/"))
722 return -1;
723 for (i = 0; i < prefixes->nr; i++) {
725 const char *ceil = prefixes->items[i].string;
726 int len = strlen(ceil);
727 if (len == 1 && ceil[0] == '/')
729 len = 0; /* root matches anything, with length 0 */
730 else if (!strncmp(path, ceil, len) && path[len] == '/')
731 ; /* match of length len */
732 else
733 continue; /* no match */
734 if (len > max_len)
736 max_len = len;
737 }
738 return max_len;
740}
741/* strip arbitrary amount of directory separators at end of path */
743static inline int chomp_trailing_dir_sep(const char *path, int len)
744{
745 while (len && is_dir_sep(path[len - 1]))
746 len--;
747 return len;
748}
749/*
751 * If path ends with suffix (complete path components), returns the
752 * part before suffix (sans trailing directory separators).
753 * Otherwise returns NULL.
754 */
755char *strip_path_suffix(const char *path, const char *suffix)
756{
757 int path_len = strlen(path), suffix_len = strlen(suffix);
758 while (suffix_len) {
760 if (!path_len)
761 return NULL;
762 if (is_dir_sep(path[path_len - 1])) {
764 if (!is_dir_sep(suffix[suffix_len - 1]))
765 return NULL;
766 path_len = chomp_trailing_dir_sep(path, path_len);
767 suffix_len = chomp_trailing_dir_sep(suffix, suffix_len);
768 }
769 else if (path[--path_len] != suffix[--suffix_len])
770 return NULL;
771 }
772 if (path_len && !is_dir_sep(path[path_len - 1]))
774 return NULL;
775 return xstrndup(path, chomp_trailing_dir_sep(path, path_len));
776}
777int daemon_avoid_alias(const char *p)
779{
780 int sl, ndot;
781 /*
783 * This resurrects the belts and suspenders paranoia check by HPA
784 * done in <435560F7.4080006@zytor.com> thread, now enter_repo()
785 * does not do getcwd() based path canonicalization.
786 *
787 * sl becomes true immediately after seeing '/' and continues to
788 * be true as long as dots continue after that without intervening
789 * non-dot character.
790 */
791 if (!p || (*p != '/' && *p != '~'))
792 return -1;
793 sl = 1; ndot = 0;
794 p++;
795 while (1) {
797 char ch = *p++;
798 if (sl) {
799 if (ch == '.')
800 ndot++;
801 else if (ch == '/') {
802 if (ndot < 3)
803 /* reject //, /./ and /../ */
804 return -1;
805 ndot = 0;
806 }
807 else if (ch == 0) {
808 if (0 < ndot && ndot < 3)
809 /* reject /.$ and /..$ */
810 return -1;
811 return 0;
812 }
813 else
814 sl = ndot = 0;
815 }
816 else if (ch == 0)
817 return 0;
818 else if (ch == '/') {
819 sl = 1;
820 ndot = 0;
821 }
822 }
823}