path.con commit Avoid writing to buffer in add_excludes_from_file_1() (b5041c5)
   1/*
   2 * I'm tired of doing "vsnprintf()" etc just to open a
   3 * file, so here's a "return static buffer with printf"
   4 * interface for paths.
   5 *
   6 * It's obviously not thread-safe. Sue me. But it's quite
   7 * useful for doing things like
   8 *
   9 *   f = open(mkpath("%s/%s.git", base, name), O_RDONLY);
  10 *
  11 * which is what it's designed for.
  12 */
  13#include "cache.h"
  14
  15static char bad_path[] = "/bad-path/";
  16
  17static char *get_pathname(void)
  18{
  19        static char pathname_array[4][PATH_MAX];
  20        static int index;
  21        return pathname_array[3 & ++index];
  22}
  23
  24static char *cleanup_path(char *path)
  25{
  26        /* Clean it up */
  27        if (!memcmp(path, "./", 2)) {
  28                path += 2;
  29                while (*path == '/')
  30                        path++;
  31        }
  32        return path;
  33}
  34
  35char *mksnpath(char *buf, size_t n, const char *fmt, ...)
  36{
  37        va_list args;
  38        unsigned len;
  39
  40        va_start(args, fmt);
  41        len = vsnprintf(buf, n, fmt, args);
  42        va_end(args);
  43        if (len >= n) {
  44                strlcpy(buf, bad_path, n);
  45                return buf;
  46        }
  47        return cleanup_path(buf);
  48}
  49
  50static char *git_vsnpath(char *buf, size_t n, const char *fmt, va_list args)
  51{
  52        const char *git_dir = get_git_dir();
  53        size_t len;
  54
  55        len = strlen(git_dir);
  56        if (n < len + 1)
  57                goto bad;
  58        memcpy(buf, git_dir, len);
  59        if (len && !is_dir_sep(git_dir[len-1]))
  60                buf[len++] = '/';
  61        len += vsnprintf(buf + len, n - len, fmt, args);
  62        if (len >= n)
  63                goto bad;
  64        return cleanup_path(buf);
  65bad:
  66        strlcpy(buf, bad_path, n);
  67        return buf;
  68}
  69
  70char *git_snpath(char *buf, size_t n, const char *fmt, ...)
  71{
  72        va_list args;
  73        va_start(args, fmt);
  74        (void)git_vsnpath(buf, n, fmt, args);
  75        va_end(args);
  76        return buf;
  77}
  78
  79char *git_pathdup(const char *fmt, ...)
  80{
  81        char path[PATH_MAX];
  82        va_list args;
  83        va_start(args, fmt);
  84        (void)git_vsnpath(path, sizeof(path), fmt, args);
  85        va_end(args);
  86        return xstrdup(path);
  87}
  88
  89char *mkpath(const char *fmt, ...)
  90{
  91        va_list args;
  92        unsigned len;
  93        char *pathname = get_pathname();
  94
  95        va_start(args, fmt);
  96        len = vsnprintf(pathname, PATH_MAX, fmt, args);
  97        va_end(args);
  98        if (len >= PATH_MAX)
  99                return bad_path;
 100        return cleanup_path(pathname);
 101}
 102
 103char *git_path(const char *fmt, ...)
 104{
 105        const char *git_dir = get_git_dir();
 106        char *pathname = get_pathname();
 107        va_list args;
 108        unsigned len;
 109
 110        len = strlen(git_dir);
 111        if (len > PATH_MAX-100)
 112                return bad_path;
 113        memcpy(pathname, git_dir, len);
 114        if (len && git_dir[len-1] != '/')
 115                pathname[len++] = '/';
 116        va_start(args, fmt);
 117        len += vsnprintf(pathname + len, PATH_MAX - len, fmt, args);
 118        va_end(args);
 119        if (len >= PATH_MAX)
 120                return bad_path;
 121        return cleanup_path(pathname);
 122}
 123
 124
 125/* git_mkstemp() - create tmp file honoring TMPDIR variable */
 126int git_mkstemp(char *path, size_t len, const char *template)
 127{
 128        const char *tmp;
 129        size_t n;
 130
 131        tmp = getenv("TMPDIR");
 132        if (!tmp)
 133                tmp = "/tmp";
 134        n = snprintf(path, len, "%s/%s", tmp, template);
 135        if (len <= n) {
 136                errno = ENAMETOOLONG;
 137                return -1;
 138        }
 139        return mkstemp(path);
 140}
 141
 142/* git_mkstemps() - create tmp file with suffix honoring TMPDIR variable. */
 143int git_mkstemps(char *path, size_t len, const char *template, int suffix_len)
 144{
 145        const char *tmp;
 146        size_t n;
 147
 148        tmp = getenv("TMPDIR");
 149        if (!tmp)
 150                tmp = "/tmp";
 151        n = snprintf(path, len, "%s/%s", tmp, template);
 152        if (len <= n) {
 153                errno = ENAMETOOLONG;
 154                return -1;
 155        }
 156        return mkstemps(path, suffix_len);
 157}
 158
 159int validate_headref(const char *path)
 160{
 161        struct stat st;
 162        char *buf, buffer[256];
 163        unsigned char sha1[20];
 164        int fd;
 165        ssize_t len;
 166
 167        if (lstat(path, &st) < 0)
 168                return -1;
 169
 170        /* Make sure it is a "refs/.." symlink */
 171        if (S_ISLNK(st.st_mode)) {
 172                len = readlink(path, buffer, sizeof(buffer)-1);
 173                if (len >= 5 && !memcmp("refs/", buffer, 5))
 174                        return 0;
 175                return -1;
 176        }
 177
 178        /*
 179         * Anything else, just open it and try to see if it is a symbolic ref.
 180         */
 181        fd = open(path, O_RDONLY);
 182        if (fd < 0)
 183                return -1;
 184        len = read_in_full(fd, buffer, sizeof(buffer)-1);
 185        close(fd);
 186
 187        /*
 188         * Is it a symbolic ref?
 189         */
 190        if (len < 4)
 191                return -1;
 192        if (!memcmp("ref:", buffer, 4)) {
 193                buf = buffer + 4;
 194                len -= 4;
 195                while (len && isspace(*buf))
 196                        buf++, len--;
 197                if (len >= 5 && !memcmp("refs/", buf, 5))
 198                        return 0;
 199        }
 200
 201        /*
 202         * Is this a detached HEAD?
 203         */
 204        if (!get_sha1_hex(buffer, sha1))
 205                return 0;
 206
 207        return -1;
 208}
 209
 210static char *user_path(char *buf, char *path, int sz)
 211{
 212        struct passwd *pw;
 213        char *slash;
 214        int len, baselen;
 215
 216        if (!path || path[0] != '~')
 217                return NULL;
 218        path++;
 219        slash = strchr(path, '/');
 220        if (path[0] == '/' || !path[0]) {
 221                pw = getpwuid(getuid());
 222        }
 223        else {
 224                if (slash) {
 225                        *slash = 0;
 226                        pw = getpwnam(path);
 227                        *slash = '/';
 228                }
 229                else
 230                        pw = getpwnam(path);
 231        }
 232        if (!pw || !pw->pw_dir || sz <= strlen(pw->pw_dir))
 233                return NULL;
 234        baselen = strlen(pw->pw_dir);
 235        memcpy(buf, pw->pw_dir, baselen);
 236        while ((1 < baselen) && (buf[baselen-1] == '/')) {
 237                buf[baselen-1] = 0;
 238                baselen--;
 239        }
 240        if (slash && slash[1]) {
 241                len = strlen(slash);
 242                if (sz <= baselen + len)
 243                        return NULL;
 244                memcpy(buf + baselen, slash, len + 1);
 245        }
 246        return buf;
 247}
 248
 249/*
 250 * First, one directory to try is determined by the following algorithm.
 251 *
 252 * (0) If "strict" is given, the path is used as given and no DWIM is
 253 *     done. Otherwise:
 254 * (1) "~/path" to mean path under the running user's home directory;
 255 * (2) "~user/path" to mean path under named user's home directory;
 256 * (3) "relative/path" to mean cwd relative directory; or
 257 * (4) "/absolute/path" to mean absolute directory.
 258 *
 259 * Unless "strict" is given, we try access() for existence of "%s.git/.git",
 260 * "%s/.git", "%s.git", "%s" in this order.  The first one that exists is
 261 * what we try.
 262 *
 263 * Second, we try chdir() to that.  Upon failure, we return NULL.
 264 *
 265 * Then, we try if the current directory is a valid git repository.
 266 * Upon failure, we return NULL.
 267 *
 268 * If all goes well, we return the directory we used to chdir() (but
 269 * before ~user is expanded), avoiding getcwd() resolving symbolic
 270 * links.  User relative paths are also returned as they are given,
 271 * except DWIM suffixing.
 272 */
 273char *enter_repo(char *path, int strict)
 274{
 275        static char used_path[PATH_MAX];
 276        static char validated_path[PATH_MAX];
 277
 278        if (!path)
 279                return NULL;
 280
 281        if (!strict) {
 282                static const char *suffix[] = {
 283                        ".git/.git", "/.git", ".git", "", NULL,
 284                };
 285                int len = strlen(path);
 286                int i;
 287                while ((1 < len) && (path[len-1] == '/')) {
 288                        path[len-1] = 0;
 289                        len--;
 290                }
 291                if (PATH_MAX <= len)
 292                        return NULL;
 293                if (path[0] == '~') {
 294                        if (!user_path(used_path, path, PATH_MAX))
 295                                return NULL;
 296                        strcpy(validated_path, path);
 297                        path = used_path;
 298                }
 299                else if (PATH_MAX - 10 < len)
 300                        return NULL;
 301                else {
 302                        path = strcpy(used_path, path);
 303                        strcpy(validated_path, path);
 304                }
 305                len = strlen(path);
 306                for (i = 0; suffix[i]; i++) {
 307                        strcpy(path + len, suffix[i]);
 308                        if (!access(path, F_OK)) {
 309                                strcat(validated_path, suffix[i]);
 310                                break;
 311                        }
 312                }
 313                if (!suffix[i] || chdir(path))
 314                        return NULL;
 315                path = validated_path;
 316        }
 317        else if (chdir(path))
 318                return NULL;
 319
 320        if (access("objects", X_OK) == 0 && access("refs", X_OK) == 0 &&
 321            validate_headref("HEAD") == 0) {
 322                setenv(GIT_DIR_ENVIRONMENT, ".", 1);
 323                check_repository_format();
 324                return path;
 325        }
 326
 327        return NULL;
 328}
 329
 330int set_shared_perm(const char *path, int mode)
 331{
 332        struct stat st;
 333        int tweak, shared, orig_mode;
 334
 335        if (!shared_repository) {
 336                if (mode)
 337                        return chmod(path, mode & ~S_IFMT);
 338                return 0;
 339        }
 340        if (!mode) {
 341                if (lstat(path, &st) < 0)
 342                        return -1;
 343                mode = st.st_mode;
 344                orig_mode = mode;
 345        } else
 346                orig_mode = 0;
 347        if (shared_repository < 0)
 348                shared = -shared_repository;
 349        else
 350                shared = shared_repository;
 351        tweak = shared;
 352
 353        if (!(mode & S_IWUSR))
 354                tweak &= ~0222;
 355        if (mode & S_IXUSR)
 356                /* Copy read bits to execute bits */
 357                tweak |= (tweak & 0444) >> 2;
 358        if (shared_repository < 0)
 359                mode = (mode & ~0777) | tweak;
 360        else
 361                mode |= tweak;
 362
 363        if (S_ISDIR(mode)) {
 364                /* Copy read bits to execute bits */
 365                mode |= (shared & 0444) >> 2;
 366                mode |= FORCE_DIR_SET_GID;
 367        }
 368
 369        if (((shared_repository < 0
 370              ? (orig_mode & (FORCE_DIR_SET_GID | 0777))
 371              : (orig_mode & mode)) != mode) &&
 372            chmod(path, (mode & ~S_IFMT)) < 0)
 373                return -2;
 374        return 0;
 375}
 376
 377const char *make_relative_path(const char *abs, const char *base)
 378{
 379        static char buf[PATH_MAX + 1];
 380        int baselen;
 381        if (!base)
 382                return abs;
 383        baselen = strlen(base);
 384        if (prefixcmp(abs, base))
 385                return abs;
 386        if (abs[baselen] == '/')
 387                baselen++;
 388        else if (base[baselen - 1] != '/')
 389                return abs;
 390        strcpy(buf, abs + baselen);
 391        return buf;
 392}
 393
 394/*
 395 * It is okay if dst == src, but they should not overlap otherwise.
 396 *
 397 * Performs the following normalizations on src, storing the result in dst:
 398 * - Ensures that components are separated by '/' (Windows only)
 399 * - Squashes sequences of '/'.
 400 * - Removes "." components.
 401 * - Removes ".." components, and the components the precede them.
 402 * Returns failure (non-zero) if a ".." component appears as first path
 403 * component anytime during the normalization. Otherwise, returns success (0).
 404 *
 405 * Note that this function is purely textual.  It does not follow symlinks,
 406 * verify the existence of the path, or make any system calls.
 407 */
 408int normalize_path_copy(char *dst, const char *src)
 409{
 410        char *dst0;
 411
 412        if (has_dos_drive_prefix(src)) {
 413                *dst++ = *src++;
 414                *dst++ = *src++;
 415        }
 416        dst0 = dst;
 417
 418        if (is_dir_sep(*src)) {
 419                *dst++ = '/';
 420                while (is_dir_sep(*src))
 421                        src++;
 422        }
 423
 424        for (;;) {
 425                char c = *src;
 426
 427                /*
 428                 * A path component that begins with . could be
 429                 * special:
 430                 * (1) "." and ends   -- ignore and terminate.
 431                 * (2) "./"           -- ignore them, eat slash and continue.
 432                 * (3) ".." and ends  -- strip one and terminate.
 433                 * (4) "../"          -- strip one, eat slash and continue.
 434                 */
 435                if (c == '.') {
 436                        if (!src[1]) {
 437                                /* (1) */
 438                                src++;
 439                        } else if (is_dir_sep(src[1])) {
 440                                /* (2) */
 441                                src += 2;
 442                                while (is_dir_sep(*src))
 443                                        src++;
 444                                continue;
 445                        } else if (src[1] == '.') {
 446                                if (!src[2]) {
 447                                        /* (3) */
 448                                        src += 2;
 449                                        goto up_one;
 450                                } else if (is_dir_sep(src[2])) {
 451                                        /* (4) */
 452                                        src += 3;
 453                                        while (is_dir_sep(*src))
 454                                                src++;
 455                                        goto up_one;
 456                                }
 457                        }
 458                }
 459
 460                /* copy up to the next '/', and eat all '/' */
 461                while ((c = *src++) != '\0' && !is_dir_sep(c))
 462                        *dst++ = c;
 463                if (is_dir_sep(c)) {
 464                        *dst++ = '/';
 465                        while (is_dir_sep(c))
 466                                c = *src++;
 467                        src--;
 468                } else if (!c)
 469                        break;
 470                continue;
 471
 472        up_one:
 473                /*
 474                 * dst0..dst is prefix portion, and dst[-1] is '/';
 475                 * go up one level.
 476                 */
 477                dst--;  /* go to trailing '/' */
 478                if (dst <= dst0)
 479                        return -1;
 480                /* Windows: dst[-1] cannot be backslash anymore */
 481                while (dst0 < dst && dst[-1] != '/')
 482                        dst--;
 483        }
 484        *dst = '\0';
 485        return 0;
 486}
 487
 488/*
 489 * path = Canonical absolute path
 490 * prefix_list = Colon-separated list of absolute paths
 491 *
 492 * Determines, for each path in prefix_list, whether the "prefix" really
 493 * is an ancestor directory of path.  Returns the length of the longest
 494 * ancestor directory, excluding any trailing slashes, or -1 if no prefix
 495 * is an ancestor.  (Note that this means 0 is returned if prefix_list is
 496 * "/".) "/foo" is not considered an ancestor of "/foobar".  Directories
 497 * are not considered to be their own ancestors.  path must be in a
 498 * canonical form: empty components, or "." or ".." components are not
 499 * allowed.  prefix_list may be null, which is like "".
 500 */
 501int longest_ancestor_length(const char *path, const char *prefix_list)
 502{
 503        char buf[PATH_MAX+1];
 504        const char *ceil, *colon;
 505        int len, max_len = -1;
 506
 507        if (prefix_list == NULL || !strcmp(path, "/"))
 508                return -1;
 509
 510        for (colon = ceil = prefix_list; *colon; ceil = colon+1) {
 511                for (colon = ceil; *colon && *colon != PATH_SEP; colon++);
 512                len = colon - ceil;
 513                if (len == 0 || len > PATH_MAX || !is_absolute_path(ceil))
 514                        continue;
 515                strlcpy(buf, ceil, len+1);
 516                if (normalize_path_copy(buf, buf) < 0)
 517                        continue;
 518                len = strlen(buf);
 519                if (len > 0 && buf[len-1] == '/')
 520                        buf[--len] = '\0';
 521
 522                if (!strncmp(path, buf, len) &&
 523                    path[len] == '/' &&
 524                    len > max_len) {
 525                        max_len = len;
 526                }
 527        }
 528
 529        return max_len;
 530}
 531
 532/* strip arbitrary amount of directory separators at end of path */
 533static inline int chomp_trailing_dir_sep(const char *path, int len)
 534{
 535        while (len && is_dir_sep(path[len - 1]))
 536                len--;
 537        return len;
 538}
 539
 540/*
 541 * If path ends with suffix (complete path components), returns the
 542 * part before suffix (sans trailing directory separators).
 543 * Otherwise returns NULL.
 544 */
 545char *strip_path_suffix(const char *path, const char *suffix)
 546{
 547        int path_len = strlen(path), suffix_len = strlen(suffix);
 548
 549        while (suffix_len) {
 550                if (!path_len)
 551                        return NULL;
 552
 553                if (is_dir_sep(path[path_len - 1])) {
 554                        if (!is_dir_sep(suffix[suffix_len - 1]))
 555                                return NULL;
 556                        path_len = chomp_trailing_dir_sep(path, path_len);
 557                        suffix_len = chomp_trailing_dir_sep(suffix, suffix_len);
 558                }
 559                else if (path[--path_len] != suffix[--suffix_len])
 560                        return NULL;
 561        }
 562
 563        if (path_len && !is_dir_sep(path[path_len - 1]))
 564                return NULL;
 565        return xstrndup(path, chomp_trailing_dir_sep(path, path_len));
 566}