run-command.con commit fast-import: prevent producing bad delta (8fb3ad7)
   1#include "cache.h"
   2#include "run-command.h"
   3#include "exec_cmd.h"
   4
   5static inline void close_pair(int fd[2])
   6{
   7        close(fd[0]);
   8        close(fd[1]);
   9}
  10
  11#ifndef WIN32
  12static inline void dup_devnull(int to)
  13{
  14        int fd = open("/dev/null", O_RDWR);
  15        dup2(fd, to);
  16        close(fd);
  17}
  18#endif
  19
  20static const char **prepare_shell_cmd(const char **argv)
  21{
  22        int argc, nargc = 0;
  23        const char **nargv;
  24
  25        for (argc = 0; argv[argc]; argc++)
  26                ; /* just counting */
  27        /* +1 for NULL, +3 for "sh -c" plus extra $0 */
  28        nargv = xmalloc(sizeof(*nargv) * (argc + 1 + 3));
  29
  30        if (argc < 1)
  31                die("BUG: shell command is empty");
  32
  33        if (strcspn(argv[0], "|&;<>()$`\\\"' \t\n*?[#~=%") != strlen(argv[0])) {
  34                nargv[nargc++] = "sh";
  35                nargv[nargc++] = "-c";
  36
  37                if (argc < 2)
  38                        nargv[nargc++] = argv[0];
  39                else {
  40                        struct strbuf arg0 = STRBUF_INIT;
  41                        strbuf_addf(&arg0, "%s \"$@\"", argv[0]);
  42                        nargv[nargc++] = strbuf_detach(&arg0, NULL);
  43                }
  44        }
  45
  46        for (argc = 0; argv[argc]; argc++)
  47                nargv[nargc++] = argv[argc];
  48        nargv[nargc] = NULL;
  49
  50        return nargv;
  51}
  52
  53#ifndef WIN32
  54static int execv_shell_cmd(const char **argv)
  55{
  56        const char **nargv = prepare_shell_cmd(argv);
  57        trace_argv_printf(nargv, "trace: exec:");
  58        execvp(nargv[0], (char **)nargv);
  59        free(nargv);
  60        return -1;
  61}
  62#endif
  63
  64#ifndef WIN32
  65static int child_err = 2;
  66static int child_notifier = -1;
  67
  68static void notify_parent(void)
  69{
  70        /*
  71         * execvp failed.  If possible, we'd like to let start_command
  72         * know, so failures like ENOENT can be handled right away; but
  73         * otherwise, finish_command will still report the error.
  74         */
  75        xwrite(child_notifier, "", 1);
  76}
  77
  78static NORETURN void die_child(const char *err, va_list params)
  79{
  80        char msg[4096];
  81        int len = vsnprintf(msg, sizeof(msg), err, params);
  82        if (len > sizeof(msg))
  83                len = sizeof(msg);
  84
  85        write_in_full(child_err, "fatal: ", 7);
  86        write_in_full(child_err, msg, len);
  87        write_in_full(child_err, "\n", 1);
  88        exit(128);
  89}
  90#endif
  91
  92static inline void set_cloexec(int fd)
  93{
  94        int flags = fcntl(fd, F_GETFD);
  95        if (flags >= 0)
  96                fcntl(fd, F_SETFD, flags | FD_CLOEXEC);
  97}
  98
  99static int wait_or_whine(pid_t pid, const char *argv0, int silent_exec_failure)
 100{
 101        int status, code = -1;
 102        pid_t waiting;
 103        int failed_errno = 0;
 104
 105        while ((waiting = waitpid(pid, &status, 0)) < 0 && errno == EINTR)
 106                ;       /* nothing */
 107
 108        if (waiting < 0) {
 109                failed_errno = errno;
 110                error("waitpid for %s failed: %s", argv0, strerror(errno));
 111        } else if (waiting != pid) {
 112                error("waitpid is confused (%s)", argv0);
 113        } else if (WIFSIGNALED(status)) {
 114                code = WTERMSIG(status);
 115                error("%s died of signal %d", argv0, code);
 116                /*
 117                 * This return value is chosen so that code & 0xff
 118                 * mimics the exit code that a POSIX shell would report for
 119                 * a program that died from this signal.
 120                 */
 121                code -= 128;
 122        } else if (WIFEXITED(status)) {
 123                code = WEXITSTATUS(status);
 124                /*
 125                 * Convert special exit code when execvp failed.
 126                 */
 127                if (code == 127) {
 128                        code = -1;
 129                        failed_errno = ENOENT;
 130                        if (!silent_exec_failure)
 131                                error("cannot run %s: %s", argv0,
 132                                        strerror(ENOENT));
 133                }
 134        } else {
 135                error("waitpid is confused (%s)", argv0);
 136        }
 137        errno = failed_errno;
 138        return code;
 139}
 140
 141int start_command(struct child_process *cmd)
 142{
 143        int need_in, need_out, need_err;
 144        int fdin[2], fdout[2], fderr[2];
 145        int failed_errno = failed_errno;
 146
 147        /*
 148         * In case of errors we must keep the promise to close FDs
 149         * that have been passed in via ->in and ->out.
 150         */
 151
 152        need_in = !cmd->no_stdin && cmd->in < 0;
 153        if (need_in) {
 154                if (pipe(fdin) < 0) {
 155                        failed_errno = errno;
 156                        if (cmd->out > 0)
 157                                close(cmd->out);
 158                        goto fail_pipe;
 159                }
 160                cmd->in = fdin[1];
 161        }
 162
 163        need_out = !cmd->no_stdout
 164                && !cmd->stdout_to_stderr
 165                && cmd->out < 0;
 166        if (need_out) {
 167                if (pipe(fdout) < 0) {
 168                        failed_errno = errno;
 169                        if (need_in)
 170                                close_pair(fdin);
 171                        else if (cmd->in)
 172                                close(cmd->in);
 173                        goto fail_pipe;
 174                }
 175                cmd->out = fdout[0];
 176        }
 177
 178        need_err = !cmd->no_stderr && cmd->err < 0;
 179        if (need_err) {
 180                if (pipe(fderr) < 0) {
 181                        failed_errno = errno;
 182                        if (need_in)
 183                                close_pair(fdin);
 184                        else if (cmd->in)
 185                                close(cmd->in);
 186                        if (need_out)
 187                                close_pair(fdout);
 188                        else if (cmd->out)
 189                                close(cmd->out);
 190fail_pipe:
 191                        error("cannot create pipe for %s: %s",
 192                                cmd->argv[0], strerror(failed_errno));
 193                        errno = failed_errno;
 194                        return -1;
 195                }
 196                cmd->err = fderr[0];
 197        }
 198
 199        trace_argv_printf(cmd->argv, "trace: run_command:");
 200        fflush(NULL);
 201
 202#ifndef WIN32
 203{
 204        int notify_pipe[2];
 205        if (pipe(notify_pipe))
 206                notify_pipe[0] = notify_pipe[1] = -1;
 207
 208        cmd->pid = fork();
 209        if (!cmd->pid) {
 210                /*
 211                 * Redirect the channel to write syscall error messages to
 212                 * before redirecting the process's stderr so that all die()
 213                 * in subsequent call paths use the parent's stderr.
 214                 */
 215                if (cmd->no_stderr || need_err) {
 216                        child_err = dup(2);
 217                        set_cloexec(child_err);
 218                }
 219                set_die_routine(die_child);
 220
 221                close(notify_pipe[0]);
 222                set_cloexec(notify_pipe[1]);
 223                child_notifier = notify_pipe[1];
 224                atexit(notify_parent);
 225
 226                if (cmd->no_stdin)
 227                        dup_devnull(0);
 228                else if (need_in) {
 229                        dup2(fdin[0], 0);
 230                        close_pair(fdin);
 231                } else if (cmd->in) {
 232                        dup2(cmd->in, 0);
 233                        close(cmd->in);
 234                }
 235
 236                if (cmd->no_stderr)
 237                        dup_devnull(2);
 238                else if (need_err) {
 239                        dup2(fderr[1], 2);
 240                        close_pair(fderr);
 241                } else if (cmd->err > 1) {
 242                        dup2(cmd->err, 2);
 243                        close(cmd->err);
 244                }
 245
 246                if (cmd->no_stdout)
 247                        dup_devnull(1);
 248                else if (cmd->stdout_to_stderr)
 249                        dup2(2, 1);
 250                else if (need_out) {
 251                        dup2(fdout[1], 1);
 252                        close_pair(fdout);
 253                } else if (cmd->out > 1) {
 254                        dup2(cmd->out, 1);
 255                        close(cmd->out);
 256                }
 257
 258                if (cmd->dir && chdir(cmd->dir))
 259                        die_errno("exec '%s': cd to '%s' failed", cmd->argv[0],
 260                            cmd->dir);
 261                if (cmd->env) {
 262                        for (; *cmd->env; cmd->env++) {
 263                                if (strchr(*cmd->env, '='))
 264                                        putenv((char *)*cmd->env);
 265                                else
 266                                        unsetenv(*cmd->env);
 267                        }
 268                }
 269                if (cmd->preexec_cb) {
 270                        /*
 271                         * We cannot predict what the pre-exec callback does.
 272                         * Forgo parent notification.
 273                         */
 274                        close(child_notifier);
 275                        child_notifier = -1;
 276
 277                        cmd->preexec_cb();
 278                }
 279                if (cmd->git_cmd) {
 280                        execv_git_cmd(cmd->argv);
 281                } else if (cmd->use_shell) {
 282                        execv_shell_cmd(cmd->argv);
 283                } else {
 284                        execvp(cmd->argv[0], (char *const*) cmd->argv);
 285                }
 286                /*
 287                 * Do not check for cmd->silent_exec_failure; the parent
 288                 * process will check it when it sees this exit code.
 289                 */
 290                if (errno == ENOENT)
 291                        exit(127);
 292                else
 293                        die_errno("cannot exec '%s'", cmd->argv[0]);
 294        }
 295        if (cmd->pid < 0)
 296                error("cannot fork() for %s: %s", cmd->argv[0],
 297                        strerror(failed_errno = errno));
 298
 299        /*
 300         * Wait for child's execvp. If the execvp succeeds (or if fork()
 301         * failed), EOF is seen immediately by the parent. Otherwise, the
 302         * child process sends a single byte.
 303         * Note that use of this infrastructure is completely advisory,
 304         * therefore, we keep error checks minimal.
 305         */
 306        close(notify_pipe[1]);
 307        if (read(notify_pipe[0], &notify_pipe[1], 1) == 1) {
 308                /*
 309                 * At this point we know that fork() succeeded, but execvp()
 310                 * failed. Errors have been reported to our stderr.
 311                 */
 312                wait_or_whine(cmd->pid, cmd->argv[0],
 313                              cmd->silent_exec_failure);
 314                failed_errno = errno;
 315                cmd->pid = -1;
 316        }
 317        close(notify_pipe[0]);
 318}
 319#else
 320{
 321        int fhin = 0, fhout = 1, fherr = 2;
 322        const char **sargv = cmd->argv;
 323        char **env = environ;
 324
 325        if (cmd->no_stdin)
 326                fhin = open("/dev/null", O_RDWR);
 327        else if (need_in)
 328                fhin = dup(fdin[0]);
 329        else if (cmd->in)
 330                fhin = dup(cmd->in);
 331
 332        if (cmd->no_stderr)
 333                fherr = open("/dev/null", O_RDWR);
 334        else if (need_err)
 335                fherr = dup(fderr[1]);
 336        else if (cmd->err > 2)
 337                fherr = dup(cmd->err);
 338
 339        if (cmd->no_stdout)
 340                fhout = open("/dev/null", O_RDWR);
 341        else if (cmd->stdout_to_stderr)
 342                fhout = dup(fherr);
 343        else if (need_out)
 344                fhout = dup(fdout[1]);
 345        else if (cmd->out > 1)
 346                fhout = dup(cmd->out);
 347
 348        if (cmd->env)
 349                env = make_augmented_environ(cmd->env);
 350
 351        if (cmd->git_cmd) {
 352                cmd->argv = prepare_git_cmd(cmd->argv);
 353        } else if (cmd->use_shell) {
 354                cmd->argv = prepare_shell_cmd(cmd->argv);
 355        }
 356
 357        cmd->pid = mingw_spawnvpe(cmd->argv[0], cmd->argv, env, cmd->dir,
 358                                  fhin, fhout, fherr);
 359        failed_errno = errno;
 360        if (cmd->pid < 0 && (!cmd->silent_exec_failure || errno != ENOENT))
 361                error("cannot spawn %s: %s", cmd->argv[0], strerror(errno));
 362
 363        if (cmd->env)
 364                free_environ(env);
 365        if (cmd->git_cmd)
 366                free(cmd->argv);
 367
 368        cmd->argv = sargv;
 369        if (fhin != 0)
 370                close(fhin);
 371        if (fhout != 1)
 372                close(fhout);
 373        if (fherr != 2)
 374                close(fherr);
 375}
 376#endif
 377
 378        if (cmd->pid < 0) {
 379                if (need_in)
 380                        close_pair(fdin);
 381                else if (cmd->in)
 382                        close(cmd->in);
 383                if (need_out)
 384                        close_pair(fdout);
 385                else if (cmd->out)
 386                        close(cmd->out);
 387                if (need_err)
 388                        close_pair(fderr);
 389                else if (cmd->err)
 390                        close(cmd->err);
 391                errno = failed_errno;
 392                return -1;
 393        }
 394
 395        if (need_in)
 396                close(fdin[0]);
 397        else if (cmd->in)
 398                close(cmd->in);
 399
 400        if (need_out)
 401                close(fdout[1]);
 402        else if (cmd->out)
 403                close(cmd->out);
 404
 405        if (need_err)
 406                close(fderr[1]);
 407        else if (cmd->err)
 408                close(cmd->err);
 409
 410        return 0;
 411}
 412
 413int finish_command(struct child_process *cmd)
 414{
 415        return wait_or_whine(cmd->pid, cmd->argv[0], cmd->silent_exec_failure);
 416}
 417
 418int run_command(struct child_process *cmd)
 419{
 420        int code = start_command(cmd);
 421        if (code)
 422                return code;
 423        return finish_command(cmd);
 424}
 425
 426static void prepare_run_command_v_opt(struct child_process *cmd,
 427                                      const char **argv,
 428                                      int opt)
 429{
 430        memset(cmd, 0, sizeof(*cmd));
 431        cmd->argv = argv;
 432        cmd->no_stdin = opt & RUN_COMMAND_NO_STDIN ? 1 : 0;
 433        cmd->git_cmd = opt & RUN_GIT_CMD ? 1 : 0;
 434        cmd->stdout_to_stderr = opt & RUN_COMMAND_STDOUT_TO_STDERR ? 1 : 0;
 435        cmd->silent_exec_failure = opt & RUN_SILENT_EXEC_FAILURE ? 1 : 0;
 436        cmd->use_shell = opt & RUN_USING_SHELL ? 1 : 0;
 437}
 438
 439int run_command_v_opt(const char **argv, int opt)
 440{
 441        struct child_process cmd;
 442        prepare_run_command_v_opt(&cmd, argv, opt);
 443        return run_command(&cmd);
 444}
 445
 446int run_command_v_opt_cd_env(const char **argv, int opt, const char *dir, const char *const *env)
 447{
 448        struct child_process cmd;
 449        prepare_run_command_v_opt(&cmd, argv, opt);
 450        cmd.dir = dir;
 451        cmd.env = env;
 452        return run_command(&cmd);
 453}
 454
 455#ifndef NO_PTHREADS
 456static pthread_t main_thread;
 457static int main_thread_set;
 458static pthread_key_t async_key;
 459
 460static void *run_thread(void *data)
 461{
 462        struct async *async = data;
 463        intptr_t ret;
 464
 465        pthread_setspecific(async_key, async);
 466        ret = async->proc(async->proc_in, async->proc_out, async->data);
 467        return (void *)ret;
 468}
 469
 470static NORETURN void die_async(const char *err, va_list params)
 471{
 472        vreportf("fatal: ", err, params);
 473
 474        if (!pthread_equal(main_thread, pthread_self())) {
 475                struct async *async = pthread_getspecific(async_key);
 476                if (async->proc_in >= 0)
 477                        close(async->proc_in);
 478                if (async->proc_out >= 0)
 479                        close(async->proc_out);
 480                pthread_exit((void *)128);
 481        }
 482
 483        exit(128);
 484}
 485#endif
 486
 487int start_async(struct async *async)
 488{
 489        int need_in, need_out;
 490        int fdin[2], fdout[2];
 491        int proc_in, proc_out;
 492
 493        need_in = async->in < 0;
 494        if (need_in) {
 495                if (pipe(fdin) < 0) {
 496                        if (async->out > 0)
 497                                close(async->out);
 498                        return error("cannot create pipe: %s", strerror(errno));
 499                }
 500                async->in = fdin[1];
 501        }
 502
 503        need_out = async->out < 0;
 504        if (need_out) {
 505                if (pipe(fdout) < 0) {
 506                        if (need_in)
 507                                close_pair(fdin);
 508                        else if (async->in)
 509                                close(async->in);
 510                        return error("cannot create pipe: %s", strerror(errno));
 511                }
 512                async->out = fdout[0];
 513        }
 514
 515        if (need_in)
 516                proc_in = fdin[0];
 517        else if (async->in)
 518                proc_in = async->in;
 519        else
 520                proc_in = -1;
 521
 522        if (need_out)
 523                proc_out = fdout[1];
 524        else if (async->out)
 525                proc_out = async->out;
 526        else
 527                proc_out = -1;
 528
 529#ifdef NO_PTHREADS
 530        /* Flush stdio before fork() to avoid cloning buffers */
 531        fflush(NULL);
 532
 533        async->pid = fork();
 534        if (async->pid < 0) {
 535                error("fork (async) failed: %s", strerror(errno));
 536                goto error;
 537        }
 538        if (!async->pid) {
 539                if (need_in)
 540                        close(fdin[1]);
 541                if (need_out)
 542                        close(fdout[0]);
 543                exit(!!async->proc(proc_in, proc_out, async->data));
 544        }
 545
 546        if (need_in)
 547                close(fdin[0]);
 548        else if (async->in)
 549                close(async->in);
 550
 551        if (need_out)
 552                close(fdout[1]);
 553        else if (async->out)
 554                close(async->out);
 555#else
 556        if (!main_thread_set) {
 557                /*
 558                 * We assume that the first time that start_async is called
 559                 * it is from the main thread.
 560                 */
 561                main_thread_set = 1;
 562                main_thread = pthread_self();
 563                pthread_key_create(&async_key, NULL);
 564                set_die_routine(die_async);
 565        }
 566
 567        if (proc_in >= 0)
 568                set_cloexec(proc_in);
 569        if (proc_out >= 0)
 570                set_cloexec(proc_out);
 571        async->proc_in = proc_in;
 572        async->proc_out = proc_out;
 573        {
 574                int err = pthread_create(&async->tid, NULL, run_thread, async);
 575                if (err) {
 576                        error("cannot create thread: %s", strerror(err));
 577                        goto error;
 578                }
 579        }
 580#endif
 581        return 0;
 582
 583error:
 584        if (need_in)
 585                close_pair(fdin);
 586        else if (async->in)
 587                close(async->in);
 588
 589        if (need_out)
 590                close_pair(fdout);
 591        else if (async->out)
 592                close(async->out);
 593        return -1;
 594}
 595
 596int finish_async(struct async *async)
 597{
 598#ifdef NO_PTHREADS
 599        return wait_or_whine(async->pid, "child process", 0);
 600#else
 601        void *ret = (void *)(intptr_t)(-1);
 602
 603        if (pthread_join(async->tid, &ret))
 604                error("pthread_join failed");
 605        return (int)(intptr_t)ret;
 606#endif
 607}
 608
 609int run_hook(const char *index_file, const char *name, ...)
 610{
 611        struct child_process hook;
 612        const char **argv = NULL, *env[2];
 613        char index[PATH_MAX];
 614        va_list args;
 615        int ret;
 616        size_t i = 0, alloc = 0;
 617
 618        if (access(git_path("hooks/%s", name), X_OK) < 0)
 619                return 0;
 620
 621        va_start(args, name);
 622        ALLOC_GROW(argv, i + 1, alloc);
 623        argv[i++] = git_path("hooks/%s", name);
 624        while (argv[i-1]) {
 625                ALLOC_GROW(argv, i + 1, alloc);
 626                argv[i++] = va_arg(args, const char *);
 627        }
 628        va_end(args);
 629
 630        memset(&hook, 0, sizeof(hook));
 631        hook.argv = argv;
 632        hook.no_stdin = 1;
 633        hook.stdout_to_stderr = 1;
 634        if (index_file) {
 635                snprintf(index, sizeof(index), "GIT_INDEX_FILE=%s", index_file);
 636                env[0] = index;
 637                env[1] = NULL;
 638                hook.env = env;
 639        }
 640
 641        ret = run_command(&hook);
 642        free(argv);
 643        return ret;
 644}