setup.con commit Tighten refspec processing (ef00d15)
   1#include "cache.h"
   2#include "dir.h"
   3
   4static int inside_git_dir = -1;
   5static int inside_work_tree = -1;
   6
   7static int sanitary_path_copy(char *dst, const char *src)
   8{
   9        char *dst0 = dst;
  10
  11        if (*src == '/') {
  12                *dst++ = '/';
  13                while (*src == '/')
  14                        src++;
  15        }
  16
  17        for (;;) {
  18                char c = *src;
  19
  20                /*
  21                 * A path component that begins with . could be
  22                 * special:
  23                 * (1) "." and ends   -- ignore and terminate.
  24                 * (2) "./"           -- ignore them, eat slash and continue.
  25                 * (3) ".." and ends  -- strip one and terminate.
  26                 * (4) "../"          -- strip one, eat slash and continue.
  27                 */
  28                if (c == '.') {
  29                        switch (src[1]) {
  30                        case '\0':
  31                                /* (1) */
  32                                src++;
  33                                break;
  34                        case '/':
  35                                /* (2) */
  36                                src += 2;
  37                                while (*src == '/')
  38                                        src++;
  39                                continue;
  40                        case '.':
  41                                switch (src[2]) {
  42                                case '\0':
  43                                        /* (3) */
  44                                        src += 2;
  45                                        goto up_one;
  46                                case '/':
  47                                        /* (4) */
  48                                        src += 3;
  49                                        while (*src == '/')
  50                                                src++;
  51                                        goto up_one;
  52                                }
  53                        }
  54                }
  55
  56                /* copy up to the next '/', and eat all '/' */
  57                while ((c = *src++) != '\0' && c != '/')
  58                        *dst++ = c;
  59                if (c == '/') {
  60                        *dst++ = c;
  61                        while (c == '/')
  62                                c = *src++;
  63                        src--;
  64                } else if (!c)
  65                        break;
  66                continue;
  67
  68        up_one:
  69                /*
  70                 * dst0..dst is prefix portion, and dst[-1] is '/';
  71                 * go up one level.
  72                 */
  73                dst -= 2; /* go past trailing '/' if any */
  74                if (dst < dst0)
  75                        return -1;
  76                while (1) {
  77                        if (dst <= dst0)
  78                                break;
  79                        c = *dst--;
  80                        if (c == '/') {
  81                                dst += 2;
  82                                break;
  83                        }
  84                }
  85        }
  86        *dst = '\0';
  87        return 0;
  88}
  89
  90const char *prefix_path(const char *prefix, int len, const char *path)
  91{
  92        const char *orig = path;
  93        char *sanitized = xmalloc(len + strlen(path) + 1);
  94        if (is_absolute_path(orig))
  95                strcpy(sanitized, path);
  96        else {
  97                if (len)
  98                        memcpy(sanitized, prefix, len);
  99                strcpy(sanitized + len, path);
 100        }
 101        if (sanitary_path_copy(sanitized, sanitized))
 102                goto error_out;
 103        if (is_absolute_path(orig)) {
 104                const char *work_tree = get_git_work_tree();
 105                size_t len = strlen(work_tree);
 106                size_t total = strlen(sanitized) + 1;
 107                if (strncmp(sanitized, work_tree, len) ||
 108                    (sanitized[len] != '\0' && sanitized[len] != '/')) {
 109                error_out:
 110                        error("'%s' is outside repository", orig);
 111                        free(sanitized);
 112                        return NULL;
 113                }
 114                if (sanitized[len] == '/')
 115                        len++;
 116                memmove(sanitized, sanitized + len, total - len);
 117        }
 118        return sanitized;
 119}
 120
 121/*
 122 * Unlike prefix_path, this should be used if the named file does
 123 * not have to interact with index entry; i.e. name of a random file
 124 * on the filesystem.
 125 */
 126const char *prefix_filename(const char *pfx, int pfx_len, const char *arg)
 127{
 128        static char path[PATH_MAX];
 129        if (!pfx || !*pfx || is_absolute_path(arg))
 130                return arg;
 131        memcpy(path, pfx, pfx_len);
 132        strcpy(path + pfx_len, arg);
 133        return path;
 134}
 135
 136/*
 137 * Verify a filename that we got as an argument for a pathspec
 138 * entry. Note that a filename that begins with "-" never verifies
 139 * as true, because even if such a filename were to exist, we want
 140 * it to be preceded by the "--" marker (or we want the user to
 141 * use a format like "./-filename")
 142 */
 143void verify_filename(const char *prefix, const char *arg)
 144{
 145        const char *name;
 146        struct stat st;
 147
 148        if (*arg == '-')
 149                die("bad flag '%s' used after filename", arg);
 150        name = prefix ? prefix_filename(prefix, strlen(prefix), arg) : arg;
 151        if (!lstat(name, &st))
 152                return;
 153        if (errno == ENOENT)
 154                die("ambiguous argument '%s': unknown revision or path not in the working tree.\n"
 155                    "Use '--' to separate paths from revisions", arg);
 156        die("'%s': %s", arg, strerror(errno));
 157}
 158
 159/*
 160 * Opposite of the above: the command line did not have -- marker
 161 * and we parsed the arg as a refname.  It should not be interpretable
 162 * as a filename.
 163 */
 164void verify_non_filename(const char *prefix, const char *arg)
 165{
 166        const char *name;
 167        struct stat st;
 168
 169        if (!is_inside_work_tree() || is_inside_git_dir())
 170                return;
 171        if (*arg == '-')
 172                return; /* flag */
 173        name = prefix ? prefix_filename(prefix, strlen(prefix), arg) : arg;
 174        if (!lstat(name, &st))
 175                die("ambiguous argument '%s': both revision and filename\n"
 176                    "Use '--' to separate filenames from revisions", arg);
 177        if (errno != ENOENT && errno != ENOTDIR)
 178                die("'%s': %s", arg, strerror(errno));
 179}
 180
 181const char **get_pathspec(const char *prefix, const char **pathspec)
 182{
 183        const char *entry = *pathspec;
 184        const char **src, **dst;
 185        int prefixlen;
 186
 187        if (!prefix && !entry)
 188                return NULL;
 189
 190        if (!entry) {
 191                static const char *spec[2];
 192                spec[0] = prefix;
 193                spec[1] = NULL;
 194                return spec;
 195        }
 196
 197        /* Otherwise we have to re-write the entries.. */
 198        src = pathspec;
 199        dst = pathspec;
 200        prefixlen = prefix ? strlen(prefix) : 0;
 201        while (*src) {
 202                const char *p = prefix_path(prefix, prefixlen, *src);
 203                if (p)
 204                        *(dst++) = p;
 205                else
 206                        exit(128); /* error message already given */
 207                src++;
 208        }
 209        *dst = NULL;
 210        if (!*pathspec)
 211                return NULL;
 212        return pathspec;
 213}
 214
 215/*
 216 * Test if it looks like we're at a git directory.
 217 * We want to see:
 218 *
 219 *  - either an objects/ directory _or_ the proper
 220 *    GIT_OBJECT_DIRECTORY environment variable
 221 *  - a refs/ directory
 222 *  - either a HEAD symlink or a HEAD file that is formatted as
 223 *    a proper "ref:", or a regular file HEAD that has a properly
 224 *    formatted sha1 object name.
 225 */
 226static int is_git_directory(const char *suspect)
 227{
 228        char path[PATH_MAX];
 229        size_t len = strlen(suspect);
 230
 231        strcpy(path, suspect);
 232        if (getenv(DB_ENVIRONMENT)) {
 233                if (access(getenv(DB_ENVIRONMENT), X_OK))
 234                        return 0;
 235        }
 236        else {
 237                strcpy(path + len, "/objects");
 238                if (access(path, X_OK))
 239                        return 0;
 240        }
 241
 242        strcpy(path + len, "/refs");
 243        if (access(path, X_OK))
 244                return 0;
 245
 246        strcpy(path + len, "/HEAD");
 247        if (validate_headref(path))
 248                return 0;
 249
 250        return 1;
 251}
 252
 253int is_inside_git_dir(void)
 254{
 255        if (inside_git_dir < 0)
 256                inside_git_dir = is_inside_dir(get_git_dir());
 257        return inside_git_dir;
 258}
 259
 260int is_inside_work_tree(void)
 261{
 262        if (inside_work_tree < 0)
 263                inside_work_tree = is_inside_dir(get_git_work_tree());
 264        return inside_work_tree;
 265}
 266
 267/*
 268 * set_work_tree() is only ever called if you set GIT_DIR explicitely.
 269 * The old behaviour (which we retain here) is to set the work tree root
 270 * to the cwd, unless overridden by the config, the command line, or
 271 * GIT_WORK_TREE.
 272 */
 273static const char *set_work_tree(const char *dir)
 274{
 275        char buffer[PATH_MAX + 1];
 276
 277        if (!getcwd(buffer, sizeof(buffer)))
 278                die ("Could not get the current working directory");
 279        git_work_tree_cfg = xstrdup(buffer);
 280        inside_work_tree = 1;
 281
 282        return NULL;
 283}
 284
 285void setup_work_tree(void)
 286{
 287        const char *work_tree, *git_dir;
 288        static int initialized = 0;
 289
 290        if (initialized)
 291                return;
 292        work_tree = get_git_work_tree();
 293        git_dir = get_git_dir();
 294        if (!is_absolute_path(git_dir))
 295                set_git_dir(make_absolute_path(git_dir));
 296        if (!work_tree || chdir(work_tree))
 297                die("This operation must be run in a work tree");
 298        initialized = 1;
 299}
 300
 301static int check_repository_format_gently(int *nongit_ok)
 302{
 303        git_config(check_repository_format_version);
 304        if (GIT_REPO_VERSION < repository_format_version) {
 305                if (!nongit_ok)
 306                        die ("Expected git repo version <= %d, found %d",
 307                             GIT_REPO_VERSION, repository_format_version);
 308                warning("Expected git repo version <= %d, found %d",
 309                        GIT_REPO_VERSION, repository_format_version);
 310                warning("Please upgrade Git");
 311                *nongit_ok = -1;
 312                return -1;
 313        }
 314        return 0;
 315}
 316
 317/*
 318 * We cannot decide in this function whether we are in the work tree or
 319 * not, since the config can only be read _after_ this function was called.
 320 */
 321const char *setup_git_directory_gently(int *nongit_ok)
 322{
 323        const char *work_tree_env = getenv(GIT_WORK_TREE_ENVIRONMENT);
 324        static char cwd[PATH_MAX+1];
 325        const char *gitdirenv;
 326        int len, offset;
 327
 328        /*
 329         * If GIT_DIR is set explicitly, we're not going
 330         * to do any discovery, but we still do repository
 331         * validation.
 332         */
 333        gitdirenv = getenv(GIT_DIR_ENVIRONMENT);
 334        if (gitdirenv) {
 335                if (PATH_MAX - 40 < strlen(gitdirenv))
 336                        die("'$%s' too big", GIT_DIR_ENVIRONMENT);
 337                if (is_git_directory(gitdirenv)) {
 338                        static char buffer[1024 + 1];
 339                        const char *retval;
 340
 341                        if (!work_tree_env) {
 342                                retval = set_work_tree(gitdirenv);
 343                                /* config may override worktree */
 344                                if (check_repository_format_gently(nongit_ok))
 345                                        return NULL;
 346                                return retval;
 347                        }
 348                        if (check_repository_format_gently(nongit_ok))
 349                                return NULL;
 350                        retval = get_relative_cwd(buffer, sizeof(buffer) - 1,
 351                                        get_git_work_tree());
 352                        if (!retval || !*retval)
 353                                return NULL;
 354                        set_git_dir(make_absolute_path(gitdirenv));
 355                        if (chdir(work_tree_env) < 0)
 356                                die ("Could not chdir to %s", work_tree_env);
 357                        strcat(buffer, "/");
 358                        return retval;
 359                }
 360                if (nongit_ok) {
 361                        *nongit_ok = 1;
 362                        return NULL;
 363                }
 364                die("Not a git repository: '%s'", gitdirenv);
 365        }
 366
 367        if (!getcwd(cwd, sizeof(cwd)-1))
 368                die("Unable to read current working directory");
 369
 370        /*
 371         * Test in the following order (relative to the cwd):
 372         * - .git/
 373         * - ./ (bare)
 374         * - ../.git/
 375         * - ../ (bare)
 376         * - ../../.git/
 377         *   etc.
 378         */
 379        offset = len = strlen(cwd);
 380        for (;;) {
 381                if (is_git_directory(DEFAULT_GIT_DIR_ENVIRONMENT))
 382                        break;
 383                if (is_git_directory(".")) {
 384                        inside_git_dir = 1;
 385                        if (!work_tree_env)
 386                                inside_work_tree = 0;
 387                        setenv(GIT_DIR_ENVIRONMENT, ".", 1);
 388                        check_repository_format_gently(nongit_ok);
 389                        return NULL;
 390                }
 391                chdir("..");
 392                do {
 393                        if (!offset) {
 394                                if (nongit_ok) {
 395                                        if (chdir(cwd))
 396                                                die("Cannot come back to cwd");
 397                                        *nongit_ok = 1;
 398                                        return NULL;
 399                                }
 400                                die("Not a git repository");
 401                        }
 402                } while (cwd[--offset] != '/');
 403        }
 404
 405        inside_git_dir = 0;
 406        if (!work_tree_env)
 407                inside_work_tree = 1;
 408        git_work_tree_cfg = xstrndup(cwd, offset);
 409        if (check_repository_format_gently(nongit_ok))
 410                return NULL;
 411        if (offset == len)
 412                return NULL;
 413
 414        /* Make "offset" point to past the '/', and add a '/' at the end */
 415        offset++;
 416        cwd[len++] = '/';
 417        cwd[len] = 0;
 418        return cwd + offset;
 419}
 420
 421int git_config_perm(const char *var, const char *value)
 422{
 423        if (value) {
 424                int i;
 425                if (!strcmp(value, "umask"))
 426                        return PERM_UMASK;
 427                if (!strcmp(value, "group"))
 428                        return PERM_GROUP;
 429                if (!strcmp(value, "all") ||
 430                    !strcmp(value, "world") ||
 431                    !strcmp(value, "everybody"))
 432                        return PERM_EVERYBODY;
 433                i = atoi(value);
 434                if (i > 1)
 435                        return i;
 436        }
 437        return git_config_bool(var, value);
 438}
 439
 440int check_repository_format_version(const char *var, const char *value)
 441{
 442        if (strcmp(var, "core.repositoryformatversion") == 0)
 443                repository_format_version = git_config_int(var, value);
 444        else if (strcmp(var, "core.sharedrepository") == 0)
 445                shared_repository = git_config_perm(var, value);
 446        else if (strcmp(var, "core.bare") == 0) {
 447                is_bare_repository_cfg = git_config_bool(var, value);
 448                if (is_bare_repository_cfg == 1)
 449                        inside_work_tree = -1;
 450        } else if (strcmp(var, "core.worktree") == 0) {
 451                if (!value)
 452                        return config_error_nonbool(var);
 453                free(git_work_tree_cfg);
 454                git_work_tree_cfg = xstrdup(value);
 455                inside_work_tree = -1;
 456        }
 457        return 0;
 458}
 459
 460int check_repository_format(void)
 461{
 462        return check_repository_format_gently(NULL);
 463}
 464
 465const char *setup_git_directory(void)
 466{
 467        const char *retval = setup_git_directory_gently(NULL);
 468
 469        /* If the work tree is not the default one, recompute prefix */
 470        if (inside_work_tree < 0) {
 471                static char buffer[PATH_MAX + 1];
 472                char *rel;
 473                if (retval && chdir(retval))
 474                        die ("Could not jump back into original cwd");
 475                rel = get_relative_cwd(buffer, PATH_MAX, get_git_work_tree());
 476                return rel && *rel ? strcat(rel, "/") : NULL;
 477        }
 478
 479        return retval;
 480}