Fix potential command line overflow in hooks--update
[debian-git.git] / setup.c
blobe9d3f5aab63225df7f1b495a19740408d23973a8
1 #include "cache.h"
3 const char *prefix_path(const char *prefix, int len, const char *path)
5 const char *orig = path;
6 for (;;) {
7 char c;
8 if (*path != '.')
9 break;
10 c = path[1];
11 /* "." */
12 if (!c) {
13 path++;
14 break;
16 /* "./" */
17 if (c == '/') {
18 path += 2;
19 continue;
21 if (c != '.')
22 break;
23 c = path[2];
24 if (!c)
25 path += 2;
26 else if (c == '/')
27 path += 3;
28 else
29 break;
30 /* ".." and "../" */
31 /* Remove last component of the prefix */
32 do {
33 if (!len)
34 die("'%s' is outside repository", orig);
35 len--;
36 } while (len && prefix[len-1] != '/');
37 continue;
39 if (len) {
40 int speclen = strlen(path);
41 char *n = xmalloc(speclen + len + 1);
43 memcpy(n, prefix, len);
44 memcpy(n + len, path, speclen+1);
45 path = n;
47 return path;
50 /*
51 * Unlike prefix_path, this should be used if the named file does
52 * not have to interact with index entry; i.e. name of a random file
53 * on the filesystem.
55 const char *prefix_filename(const char *pfx, int pfx_len, const char *arg)
57 static char path[PATH_MAX];
58 if (!pfx || !*pfx || arg[0] == '/')
59 return arg;
60 memcpy(path, pfx, pfx_len);
61 strcpy(path + pfx_len, arg);
62 return path;
66 * Verify a filename that we got as an argument for a pathspec
67 * entry. Note that a filename that begins with "-" never verifies
68 * as true, because even if such a filename were to exist, we want
69 * it to be preceded by the "--" marker (or we want the user to
70 * use a format like "./-filename")
72 void verify_filename(const char *prefix, const char *arg)
74 const char *name;
75 struct stat st;
77 if (*arg == '-')
78 die("bad flag '%s' used after filename", arg);
79 name = prefix ? prefix_filename(prefix, strlen(prefix), arg) : arg;
80 if (!lstat(name, &st))
81 return;
82 if (errno == ENOENT)
83 die("ambiguous argument '%s': unknown revision or path not in the working tree.\n"
84 "Use '--' to separate paths from revisions", arg);
85 die("'%s': %s", arg, strerror(errno));
89 * Opposite of the above: the command line did not have -- marker
90 * and we parsed the arg as a refname. It should not be interpretable
91 * as a filename.
93 void verify_non_filename(const char *prefix, const char *arg)
95 const char *name;
96 struct stat st;
98 if (is_inside_git_dir())
99 return;
100 if (*arg == '-')
101 return; /* flag */
102 name = prefix ? prefix_filename(prefix, strlen(prefix), arg) : arg;
103 if (!lstat(name, &st))
104 die("ambiguous argument '%s': both revision and filename\n"
105 "Use '--' to separate filenames from revisions", arg);
106 if (errno != ENOENT)
107 die("'%s': %s", arg, strerror(errno));
110 const char **get_pathspec(const char *prefix, const char **pathspec)
112 const char *entry = *pathspec;
113 const char **p;
114 int prefixlen;
116 if (!prefix && !entry)
117 return NULL;
119 if (!entry) {
120 static const char *spec[2];
121 spec[0] = prefix;
122 spec[1] = NULL;
123 return spec;
126 /* Otherwise we have to re-write the entries.. */
127 p = pathspec;
128 prefixlen = prefix ? strlen(prefix) : 0;
129 do {
130 *p = prefix_path(prefix, prefixlen, entry);
131 } while ((entry = *++p) != NULL);
132 return (const char **) pathspec;
136 * Test if it looks like we're at a git directory.
137 * We want to see:
139 * - either a objects/ directory _or_ the proper
140 * GIT_OBJECT_DIRECTORY environment variable
141 * - a refs/ directory
142 * - either a HEAD symlink or a HEAD file that is formatted as
143 * a proper "ref:", or a regular file HEAD that has a properly
144 * formatted sha1 object name.
146 static int is_git_directory(const char *suspect)
148 char path[PATH_MAX];
149 size_t len = strlen(suspect);
151 strcpy(path, suspect);
152 if (getenv(DB_ENVIRONMENT)) {
153 if (access(getenv(DB_ENVIRONMENT), X_OK))
154 return 0;
156 else {
157 strcpy(path + len, "/objects");
158 if (access(path, X_OK))
159 return 0;
162 strcpy(path + len, "/refs");
163 if (access(path, X_OK))
164 return 0;
166 strcpy(path + len, "/HEAD");
167 if (validate_headref(path))
168 return 0;
170 return 1;
173 static int inside_git_dir = -1;
175 int is_inside_git_dir(void)
177 if (inside_git_dir < 0) {
178 char buffer[1024];
180 if (is_bare_repository())
181 return (inside_git_dir = 1);
182 if (getcwd(buffer, sizeof(buffer))) {
183 const char *git_dir = get_git_dir(), *cwd = buffer;
184 while (*git_dir && *git_dir == *cwd) {
185 git_dir++;
186 cwd++;
188 inside_git_dir = !*git_dir;
189 } else
190 inside_git_dir = 0;
192 return inside_git_dir;
195 const char *setup_git_directory_gently(int *nongit_ok)
197 static char cwd[PATH_MAX+1];
198 const char *gitdirenv;
199 int len, offset;
202 * If GIT_DIR is set explicitly, we're not going
203 * to do any discovery, but we still do repository
204 * validation.
206 gitdirenv = getenv(GIT_DIR_ENVIRONMENT);
207 if (gitdirenv) {
208 if (PATH_MAX - 40 < strlen(gitdirenv))
209 die("'$%s' too big", GIT_DIR_ENVIRONMENT);
210 if (is_git_directory(gitdirenv))
211 return NULL;
212 if (nongit_ok) {
213 *nongit_ok = 1;
214 return NULL;
216 die("Not a git repository: '%s'", gitdirenv);
219 if (!getcwd(cwd, sizeof(cwd)) || cwd[0] != '/')
220 die("Unable to read current working directory");
222 offset = len = strlen(cwd);
223 for (;;) {
224 if (is_git_directory(".git"))
225 break;
226 chdir("..");
227 do {
228 if (!offset) {
229 if (is_git_directory(cwd)) {
230 if (chdir(cwd))
231 die("Cannot come back to cwd");
232 setenv(GIT_DIR_ENVIRONMENT, cwd, 1);
233 inside_git_dir = 1;
234 return NULL;
236 if (nongit_ok) {
237 if (chdir(cwd))
238 die("Cannot come back to cwd");
239 *nongit_ok = 1;
240 return NULL;
242 die("Not a git repository");
244 } while (cwd[--offset] != '/');
247 if (offset == len)
248 return NULL;
250 /* Make "offset" point to past the '/', and add a '/' at the end */
251 offset++;
252 cwd[len++] = '/';
253 cwd[len] = 0;
254 inside_git_dir = !strncmp(cwd + offset, ".git/", 5);
255 return cwd + offset;
258 int git_config_perm(const char *var, const char *value)
260 if (value) {
261 if (!strcmp(value, "umask"))
262 return PERM_UMASK;
263 if (!strcmp(value, "group"))
264 return PERM_GROUP;
265 if (!strcmp(value, "all") ||
266 !strcmp(value, "world") ||
267 !strcmp(value, "everybody"))
268 return PERM_EVERYBODY;
270 return git_config_bool(var, value);
273 int check_repository_format_version(const char *var, const char *value)
275 if (strcmp(var, "core.repositoryformatversion") == 0)
276 repository_format_version = git_config_int(var, value);
277 else if (strcmp(var, "core.sharedrepository") == 0)
278 shared_repository = git_config_perm(var, value);
279 return 0;
282 int check_repository_format(void)
284 git_config(check_repository_format_version);
285 if (GIT_REPO_VERSION < repository_format_version)
286 die ("Expected git repo version <= %d, found %d",
287 GIT_REPO_VERSION, repository_format_version);
288 return 0;
291 const char *setup_git_directory(void)
293 const char *retval = setup_git_directory_gently(NULL);
294 check_repository_format();
295 return retval;