builtin-diff.con commit gitweb: No error messages with unescaped/unprotected user input (e2860ea)
   1/*
   2 * Builtin "git diff"
   3 *
   4 * Copyright (c) 2006 Junio C Hamano
   5 */
   6#include "cache.h"
   7#include "commit.h"
   8#include "blob.h"
   9#include "tag.h"
  10#include "diff.h"
  11#include "diffcore.h"
  12#include "revision.h"
  13#include "log-tree.h"
  14#include "builtin.h"
  15
  16/* NEEDSWORK: struct object has place for name but we _do_
  17 * know mode when we extracted the blob out of a tree, which
  18 * we currently lose.
  19 */
  20struct blobinfo {
  21        unsigned char sha1[20];
  22        const char *name;
  23};
  24
  25static const char builtin_diff_usage[] =
  26"diff <options> <rev>{0,2} -- <path>*";
  27
  28static int builtin_diff_files(struct rev_info *revs,
  29                              int argc, const char **argv)
  30{
  31        int silent = 0;
  32        while (1 < argc) {
  33                const char *arg = argv[1];
  34                if (!strcmp(arg, "--base"))
  35                        revs->max_count = 1;
  36                else if (!strcmp(arg, "--ours"))
  37                        revs->max_count = 2;
  38                else if (!strcmp(arg, "--theirs"))
  39                        revs->max_count = 3;
  40                else if (!strcmp(arg, "-q"))
  41                        silent = 1;
  42                else
  43                        usage(builtin_diff_usage);
  44                argv++; argc--;
  45        }
  46        /*
  47         * Make sure there are NO revision (i.e. pending object) parameter,
  48         * specified rev.max_count is reasonable (0 <= n <= 3), and
  49         * there is no other revision filtering parameter.
  50         */
  51        if (revs->pending.nr ||
  52            revs->min_age != -1 ||
  53            revs->max_age != -1 ||
  54            3 < revs->max_count)
  55                usage(builtin_diff_usage);
  56        if (revs->max_count < 0 &&
  57            (revs->diffopt.output_format & DIFF_FORMAT_PATCH))
  58                revs->combine_merges = revs->dense_combined_merges = 1;
  59        /*
  60         * Backward compatibility wart - "diff-files -s" used to
  61         * defeat the common diff option "-s" which asked for
  62         * DIFF_FORMAT_NO_OUTPUT.
  63         */
  64        if (revs->diffopt.output_format == DIFF_FORMAT_NO_OUTPUT)
  65                revs->diffopt.output_format = DIFF_FORMAT_RAW;
  66        return run_diff_files(revs, silent);
  67}
  68
  69static void stuff_change(struct diff_options *opt,
  70                         unsigned old_mode, unsigned new_mode,
  71                         const unsigned char *old_sha1,
  72                         const unsigned char *new_sha1,
  73                         const char *old_name,
  74                         const char *new_name)
  75{
  76        struct diff_filespec *one, *two;
  77
  78        if (memcmp(null_sha1, old_sha1, 20) &&
  79            memcmp(null_sha1, new_sha1, 20) &&
  80            !memcmp(old_sha1, new_sha1, 20))
  81                return;
  82
  83        if (opt->reverse_diff) {
  84                unsigned tmp;
  85                const unsigned char *tmp_u;
  86                const char *tmp_c;
  87                tmp = old_mode; old_mode = new_mode; new_mode = tmp;
  88                tmp_u = old_sha1; old_sha1 = new_sha1; new_sha1 = tmp_u;
  89                tmp_c = old_name; old_name = new_name; new_name = tmp_c;
  90        }
  91        one = alloc_filespec(old_name);
  92        two = alloc_filespec(new_name);
  93        fill_filespec(one, old_sha1, old_mode);
  94        fill_filespec(two, new_sha1, new_mode);
  95
  96        /* NEEDSWORK: shouldn't this part of diffopt??? */
  97        diff_queue(&diff_queued_diff, one, two);
  98}
  99
 100static int builtin_diff_b_f(struct rev_info *revs,
 101                            int argc, const char **argv,
 102                            struct blobinfo *blob,
 103                            const char *path)
 104{
 105        /* Blob vs file in the working tree*/
 106        struct stat st;
 107
 108        if (argc > 1)
 109                usage(builtin_diff_usage);
 110
 111        if (lstat(path, &st))
 112                die("'%s': %s", path, strerror(errno));
 113        if (!(S_ISREG(st.st_mode) || S_ISLNK(st.st_mode)))
 114                die("'%s': not a regular file or symlink", path);
 115        stuff_change(&revs->diffopt,
 116                     canon_mode(st.st_mode), canon_mode(st.st_mode),
 117                     blob[0].sha1, null_sha1,
 118                     path, path);
 119        diffcore_std(&revs->diffopt);
 120        diff_flush(&revs->diffopt);
 121        return 0;
 122}
 123
 124static int builtin_diff_blobs(struct rev_info *revs,
 125                              int argc, const char **argv,
 126                              struct blobinfo *blob)
 127{
 128        /* Blobs: the arguments are reversed when setup_revisions()
 129         * picked them up.
 130         */
 131        unsigned mode = canon_mode(S_IFREG | 0644);
 132
 133        if (argc > 1)
 134                usage(builtin_diff_usage);
 135
 136        stuff_change(&revs->diffopt,
 137                     mode, mode,
 138                     blob[1].sha1, blob[0].sha1,
 139                     blob[0].name, blob[0].name);
 140        diffcore_std(&revs->diffopt);
 141        diff_flush(&revs->diffopt);
 142        return 0;
 143}
 144
 145static int builtin_diff_index(struct rev_info *revs,
 146                              int argc, const char **argv)
 147{
 148        int cached = 0;
 149        while (1 < argc) {
 150                const char *arg = argv[1];
 151                if (!strcmp(arg, "--cached"))
 152                        cached = 1;
 153                else
 154                        usage(builtin_diff_usage);
 155                argv++; argc--;
 156        }
 157        /*
 158         * Make sure there is one revision (i.e. pending object),
 159         * and there is no revision filtering parameters.
 160         */
 161        if (revs->pending.nr != 1 ||
 162            revs->max_count != -1 || revs->min_age != -1 ||
 163            revs->max_age != -1)
 164                usage(builtin_diff_usage);
 165        return run_diff_index(revs, cached);
 166}
 167
 168static int builtin_diff_tree(struct rev_info *revs,
 169                             int argc, const char **argv,
 170                             struct object_array_entry *ent)
 171{
 172        const unsigned char *(sha1[2]);
 173        int swap = 0;
 174
 175        if (argc > 1)
 176                usage(builtin_diff_usage);
 177
 178        /* We saw two trees, ent[0] and ent[1].
 179         * if ent[1] is uninteresting, they are swapped
 180         */
 181        if (ent[1].item->flags & UNINTERESTING)
 182                swap = 1;
 183        sha1[swap] = ent[0].item->sha1;
 184        sha1[1-swap] = ent[1].item->sha1;
 185        diff_tree_sha1(sha1[0], sha1[1], "", &revs->diffopt);
 186        log_tree_diff_flush(revs);
 187        return 0;
 188}
 189
 190static int builtin_diff_combined(struct rev_info *revs,
 191                                 int argc, const char **argv,
 192                                 struct object_array_entry *ent,
 193                                 int ents)
 194{
 195        const unsigned char (*parent)[20];
 196        int i;
 197
 198        if (argc > 1)
 199                usage(builtin_diff_usage);
 200
 201        if (!revs->dense_combined_merges && !revs->combine_merges)
 202                revs->dense_combined_merges = revs->combine_merges = 1;
 203        parent = xmalloc(ents * sizeof(*parent));
 204        /* Again, the revs are all reverse */
 205        for (i = 0; i < ents; i++)
 206                memcpy(parent + i, ent[ents - 1 - i].item->sha1, 20);
 207        diff_tree_combined(parent[0], parent + 1, ents - 1,
 208                           revs->dense_combined_merges, revs);
 209        return 0;
 210}
 211
 212void add_head(struct rev_info *revs)
 213{
 214        unsigned char sha1[20];
 215        struct object *obj;
 216        if (get_sha1("HEAD", sha1))
 217                return;
 218        obj = parse_object(sha1);
 219        if (!obj)
 220                return;
 221        add_pending_object(revs, obj, "HEAD");
 222}
 223
 224int cmd_diff(int argc, const char **argv, const char *prefix)
 225{
 226        int i;
 227        struct rev_info rev;
 228        struct object_array_entry ent[100];
 229        int ents = 0, blobs = 0, paths = 0;
 230        const char *path = NULL;
 231        struct blobinfo blob[2];
 232
 233        /*
 234         * We could get N tree-ish in the rev.pending_objects list.
 235         * Also there could be M blobs there, and P pathspecs.
 236         *
 237         * N=0, M=0:
 238         *      cache vs files (diff-files)
 239         * N=0, M=2:
 240         *      compare two random blobs.  P must be zero.
 241         * N=0, M=1, P=1:
 242         *      compare a blob with a working tree file.
 243         *
 244         * N=1, M=0:
 245         *      tree vs cache (diff-index --cached)
 246         *
 247         * N=2, M=0:
 248         *      tree vs tree (diff-tree)
 249         *
 250         * Other cases are errors.
 251         */
 252
 253        git_config(git_diff_ui_config);
 254        init_revisions(&rev, prefix);
 255
 256        argc = setup_revisions(argc, argv, &rev, NULL);
 257        if (!rev.diffopt.output_format) {
 258                rev.diffopt.output_format = DIFF_FORMAT_PATCH;
 259                diff_setup_done(&rev.diffopt);
 260        }
 261
 262        /* Do we have --cached and not have a pending object, then
 263         * default to HEAD by hand.  Eek.
 264         */
 265        if (!rev.pending.nr) {
 266                int i;
 267                for (i = 1; i < argc; i++) {
 268                        const char *arg = argv[i];
 269                        if (!strcmp(arg, "--"))
 270                                break;
 271                        else if (!strcmp(arg, "--cached")) {
 272                                add_head(&rev);
 273                                break;
 274                        }
 275                }
 276        }
 277
 278        for (i = 0; i < rev.pending.nr; i++) {
 279                struct object_array_entry *list = rev.pending.objects+i;
 280                struct object *obj = list->item;
 281                const char *name = list->name;
 282                int flags = (obj->flags & UNINTERESTING);
 283                if (!obj->parsed)
 284                        obj = parse_object(obj->sha1);
 285                obj = deref_tag(obj, NULL, 0);
 286                if (!obj)
 287                        die("invalid object '%s' given.", name);
 288                if (obj->type == OBJ_COMMIT)
 289                        obj = &((struct commit *)obj)->tree->object;
 290                if (obj->type == OBJ_TREE) {
 291                        if (ARRAY_SIZE(ent) <= ents)
 292                                die("more than %d trees given: '%s'",
 293                                    (int) ARRAY_SIZE(ent), name);
 294                        obj->flags |= flags;
 295                        ent[ents].item = obj;
 296                        ent[ents].name = name;
 297                        ents++;
 298                        continue;
 299                }
 300                if (obj->type == OBJ_BLOB) {
 301                        if (2 <= blobs)
 302                                die("more than two blobs given: '%s'", name);
 303                        memcpy(blob[blobs].sha1, obj->sha1, 20);
 304                        blob[blobs].name = name;
 305                        blobs++;
 306                        continue;
 307
 308                }
 309                die("unhandled object '%s' given.", name);
 310        }
 311        if (rev.prune_data) {
 312                const char **pathspec = rev.prune_data;
 313                while (*pathspec) {
 314                        if (!path)
 315                                path = *pathspec;
 316                        paths++;
 317                        pathspec++;
 318                }
 319        }
 320
 321        /*
 322         * Now, do the arguments look reasonable?
 323         */
 324        if (!ents) {
 325                switch (blobs) {
 326                case 0:
 327                        return builtin_diff_files(&rev, argc, argv);
 328                        break;
 329                case 1:
 330                        if (paths != 1)
 331                                usage(builtin_diff_usage);
 332                        return builtin_diff_b_f(&rev, argc, argv, blob, path);
 333                        break;
 334                case 2:
 335                        if (paths)
 336                                usage(builtin_diff_usage);
 337                        return builtin_diff_blobs(&rev, argc, argv, blob);
 338                        break;
 339                default:
 340                        usage(builtin_diff_usage);
 341                }
 342        }
 343        else if (blobs)
 344                usage(builtin_diff_usage);
 345        else if (ents == 1)
 346                return builtin_diff_index(&rev, argc, argv);
 347        else if (ents == 2)
 348                return builtin_diff_tree(&rev, argc, argv, ent);
 349        else if ((ents == 3) && (ent[0].item->flags & UNINTERESTING)) {
 350                /* diff A...B where there is one sane merge base between
 351                 * A and B.  We have ent[0] == merge-base, ent[1] == A,
 352                 * and ent[2] == B.  Show diff between the base and B.
 353                 */
 354                return builtin_diff_tree(&rev, argc, argv, ent);
 355        }
 356        else
 357                return builtin_diff_combined(&rev, argc, argv,
 358                                             ent, ents);
 359        usage(builtin_diff_usage);
 360}