contrib/git-credential-gnome-keyring.c: exit non-zero when called incorrectly
[git/raj.git] / path.c
blob9fd28bcd080ef0a64f0b8d8a5d9d680a741d75c3
1 /*
2 * Utilities for paths and pathnames
3 */
4 #include "cache.h"
5 #include "strbuf.h"
6 #include "string-list.h"
8 static int get_st_mode_bits(const char *path, int *mode)
10 struct stat st;
11 if (lstat(path, &st) < 0)
12 return -1;
13 *mode = st.st_mode;
14 return 0;
17 static char bad_path[] = "/bad-path/";
19 static char *get_pathname(void)
21 static char pathname_array[4][PATH_MAX];
22 static int index;
23 return pathname_array[3 & ++index];
26 static char *cleanup_path(char *path)
28 /* Clean it up */
29 if (!memcmp(path, "./", 2)) {
30 path += 2;
31 while (*path == '/')
32 path++;
34 return path;
37 char *mksnpath(char *buf, size_t n, const char *fmt, ...)
39 va_list args;
40 unsigned len;
42 va_start(args, fmt);
43 len = vsnprintf(buf, n, fmt, args);
44 va_end(args);
45 if (len >= n) {
46 strlcpy(buf, bad_path, n);
47 return buf;
49 return cleanup_path(buf);
52 static char *vsnpath(char *buf, size_t n, const char *fmt, va_list args)
54 const char *git_dir = get_git_dir();
55 size_t len;
57 len = strlen(git_dir);
58 if (n < len + 1)
59 goto bad;
60 memcpy(buf, git_dir, len);
61 if (len && !is_dir_sep(git_dir[len-1]))
62 buf[len++] = '/';
63 len += vsnprintf(buf + len, n - len, fmt, args);
64 if (len >= n)
65 goto bad;
66 return cleanup_path(buf);
67 bad:
68 strlcpy(buf, bad_path, n);
69 return buf;
72 char *git_snpath(char *buf, size_t n, const char *fmt, ...)
74 char *ret;
75 va_list args;
76 va_start(args, fmt);
77 ret = vsnpath(buf, n, fmt, args);
78 va_end(args);
79 return ret;
82 char *git_pathdup(const char *fmt, ...)
84 char path[PATH_MAX], *ret;
85 va_list args;
86 va_start(args, fmt);
87 ret = vsnpath(path, sizeof(path), fmt, args);
88 va_end(args);
89 return xstrdup(ret);
92 char *mkpathdup(const char *fmt, ...)
94 char *path;
95 struct strbuf sb = STRBUF_INIT;
96 va_list args;
98 va_start(args, fmt);
99 strbuf_vaddf(&sb, fmt, args);
100 va_end(args);
101 path = xstrdup(cleanup_path(sb.buf));
103 strbuf_release(&sb);
104 return path;
107 char *mkpath(const char *fmt, ...)
109 va_list args;
110 unsigned len;
111 char *pathname = get_pathname();
113 va_start(args, fmt);
114 len = vsnprintf(pathname, PATH_MAX, fmt, args);
115 va_end(args);
116 if (len >= PATH_MAX)
117 return bad_path;
118 return cleanup_path(pathname);
121 char *git_path(const char *fmt, ...)
123 char *pathname = get_pathname();
124 va_list args;
125 char *ret;
127 va_start(args, fmt);
128 ret = vsnpath(pathname, PATH_MAX, fmt, args);
129 va_end(args);
130 return ret;
133 void home_config_paths(char **global, char **xdg, char *file)
135 char *xdg_home = getenv("XDG_CONFIG_HOME");
136 char *home = getenv("HOME");
137 char *to_free = NULL;
139 if (!home) {
140 if (global)
141 *global = NULL;
142 } else {
143 if (!xdg_home) {
144 to_free = mkpathdup("%s/.config", home);
145 xdg_home = to_free;
147 if (global)
148 *global = mkpathdup("%s/.gitconfig", home);
151 if (!xdg_home)
152 *xdg = NULL;
153 else
154 *xdg = mkpathdup("%s/git/%s", xdg_home, file);
156 free(to_free);
159 char *git_path_submodule(const char *path, const char *fmt, ...)
161 char *pathname = get_pathname();
162 struct strbuf buf = STRBUF_INIT;
163 const char *git_dir;
164 va_list args;
165 unsigned len;
167 len = strlen(path);
168 if (len > PATH_MAX-100)
169 return bad_path;
171 strbuf_addstr(&buf, path);
172 if (len && path[len-1] != '/')
173 strbuf_addch(&buf, '/');
174 strbuf_addstr(&buf, ".git");
176 git_dir = read_gitfile(buf.buf);
177 if (git_dir) {
178 strbuf_reset(&buf);
179 strbuf_addstr(&buf, git_dir);
181 strbuf_addch(&buf, '/');
183 if (buf.len >= PATH_MAX)
184 return bad_path;
185 memcpy(pathname, buf.buf, buf.len + 1);
187 strbuf_release(&buf);
188 len = strlen(pathname);
190 va_start(args, fmt);
191 len += vsnprintf(pathname + len, PATH_MAX - len, fmt, args);
192 va_end(args);
193 if (len >= PATH_MAX)
194 return bad_path;
195 return cleanup_path(pathname);
198 int validate_headref(const char *path)
200 struct stat st;
201 char *buf, buffer[256];
202 unsigned char sha1[20];
203 int fd;
204 ssize_t len;
206 if (lstat(path, &st) < 0)
207 return -1;
209 /* Make sure it is a "refs/.." symlink */
210 if (S_ISLNK(st.st_mode)) {
211 len = readlink(path, buffer, sizeof(buffer)-1);
212 if (len >= 5 && !memcmp("refs/", buffer, 5))
213 return 0;
214 return -1;
218 * Anything else, just open it and try to see if it is a symbolic ref.
220 fd = open(path, O_RDONLY);
221 if (fd < 0)
222 return -1;
223 len = read_in_full(fd, buffer, sizeof(buffer)-1);
224 close(fd);
227 * Is it a symbolic ref?
229 if (len < 4)
230 return -1;
231 if (!memcmp("ref:", buffer, 4)) {
232 buf = buffer + 4;
233 len -= 4;
234 while (len && isspace(*buf))
235 buf++, len--;
236 if (len >= 5 && !memcmp("refs/", buf, 5))
237 return 0;
241 * Is this a detached HEAD?
243 if (!get_sha1_hex(buffer, sha1))
244 return 0;
246 return -1;
249 static struct passwd *getpw_str(const char *username, size_t len)
251 struct passwd *pw;
252 char *username_z = xmalloc(len + 1);
253 memcpy(username_z, username, len);
254 username_z[len] = '\0';
255 pw = getpwnam(username_z);
256 free(username_z);
257 return pw;
261 * Return a string with ~ and ~user expanded via getpw*. If buf != NULL,
262 * then it is a newly allocated string. Returns NULL on getpw failure or
263 * if path is NULL.
265 char *expand_user_path(const char *path)
267 struct strbuf user_path = STRBUF_INIT;
268 const char *first_slash = strchrnul(path, '/');
269 const char *to_copy = path;
271 if (path == NULL)
272 goto return_null;
273 if (path[0] == '~') {
274 const char *username = path + 1;
275 size_t username_len = first_slash - username;
276 if (username_len == 0) {
277 const char *home = getenv("HOME");
278 if (!home)
279 goto return_null;
280 strbuf_add(&user_path, home, strlen(home));
281 } else {
282 struct passwd *pw = getpw_str(username, username_len);
283 if (!pw)
284 goto return_null;
285 strbuf_add(&user_path, pw->pw_dir, strlen(pw->pw_dir));
287 to_copy = first_slash;
289 strbuf_add(&user_path, to_copy, strlen(to_copy));
290 return strbuf_detach(&user_path, NULL);
291 return_null:
292 strbuf_release(&user_path);
293 return NULL;
297 * First, one directory to try is determined by the following algorithm.
299 * (0) If "strict" is given, the path is used as given and no DWIM is
300 * done. Otherwise:
301 * (1) "~/path" to mean path under the running user's home directory;
302 * (2) "~user/path" to mean path under named user's home directory;
303 * (3) "relative/path" to mean cwd relative directory; or
304 * (4) "/absolute/path" to mean absolute directory.
306 * Unless "strict" is given, we try access() for existence of "%s.git/.git",
307 * "%s/.git", "%s.git", "%s" in this order. The first one that exists is
308 * what we try.
310 * Second, we try chdir() to that. Upon failure, we return NULL.
312 * Then, we try if the current directory is a valid git repository.
313 * Upon failure, we return NULL.
315 * If all goes well, we return the directory we used to chdir() (but
316 * before ~user is expanded), avoiding getcwd() resolving symbolic
317 * links. User relative paths are also returned as they are given,
318 * except DWIM suffixing.
320 const char *enter_repo(const char *path, int strict)
322 static char used_path[PATH_MAX];
323 static char validated_path[PATH_MAX];
325 if (!path)
326 return NULL;
328 if (!strict) {
329 static const char *suffix[] = {
330 "/.git", "", ".git/.git", ".git", NULL,
332 const char *gitfile;
333 int len = strlen(path);
334 int i;
335 while ((1 < len) && (path[len-1] == '/'))
336 len--;
338 if (PATH_MAX <= len)
339 return NULL;
340 strncpy(used_path, path, len); used_path[len] = 0 ;
341 strcpy(validated_path, used_path);
343 if (used_path[0] == '~') {
344 char *newpath = expand_user_path(used_path);
345 if (!newpath || (PATH_MAX - 10 < strlen(newpath))) {
346 free(newpath);
347 return NULL;
350 * Copy back into the static buffer. A pity
351 * since newpath was not bounded, but other
352 * branches of the if are limited by PATH_MAX
353 * anyway.
355 strcpy(used_path, newpath); free(newpath);
357 else if (PATH_MAX - 10 < len)
358 return NULL;
359 len = strlen(used_path);
360 for (i = 0; suffix[i]; i++) {
361 struct stat st;
362 strcpy(used_path + len, suffix[i]);
363 if (!stat(used_path, &st) &&
364 (S_ISREG(st.st_mode) ||
365 (S_ISDIR(st.st_mode) && is_git_directory(used_path)))) {
366 strcat(validated_path, suffix[i]);
367 break;
370 if (!suffix[i])
371 return NULL;
372 gitfile = read_gitfile(used_path) ;
373 if (gitfile)
374 strcpy(used_path, gitfile);
375 if (chdir(used_path))
376 return NULL;
377 path = validated_path;
379 else if (chdir(path))
380 return NULL;
382 if (access("objects", X_OK) == 0 && access("refs", X_OK) == 0 &&
383 validate_headref("HEAD") == 0) {
384 set_git_dir(".");
385 check_repository_format();
386 return path;
389 return NULL;
392 static int calc_shared_perm(int mode)
394 int tweak;
396 if (shared_repository < 0)
397 tweak = -shared_repository;
398 else
399 tweak = shared_repository;
401 if (!(mode & S_IWUSR))
402 tweak &= ~0222;
403 if (mode & S_IXUSR)
404 /* Copy read bits to execute bits */
405 tweak |= (tweak & 0444) >> 2;
406 if (shared_repository < 0)
407 mode = (mode & ~0777) | tweak;
408 else
409 mode |= tweak;
411 return mode;
415 int adjust_shared_perm(const char *path)
417 int old_mode, new_mode;
419 if (!shared_repository)
420 return 0;
421 if (get_st_mode_bits(path, &old_mode) < 0)
422 return -1;
424 new_mode = calc_shared_perm(old_mode);
425 if (S_ISDIR(old_mode)) {
426 /* Copy read bits to execute bits */
427 new_mode |= (new_mode & 0444) >> 2;
428 new_mode |= FORCE_DIR_SET_GID;
431 if (((old_mode ^ new_mode) & ~S_IFMT) &&
432 chmod(path, (new_mode & ~S_IFMT)) < 0)
433 return -2;
434 return 0;
438 * Give path as relative to prefix.
440 * The strbuf may or may not be used, so do not assume it contains the
441 * returned path.
443 const char *relative_path(const char *in, const char *prefix,
444 struct strbuf *sb)
446 int in_len = in ? strlen(in) : 0;
447 int prefix_len = prefix ? strlen(prefix) : 0;
448 int in_off = 0;
449 int prefix_off = 0;
450 int i = 0, j = 0;
452 if (!in_len)
453 return "./";
454 else if (!prefix_len)
455 return in;
457 while (i < prefix_len && j < in_len && prefix[i] == in[j]) {
458 if (is_dir_sep(prefix[i])) {
459 while (is_dir_sep(prefix[i]))
460 i++;
461 while (is_dir_sep(in[j]))
462 j++;
463 prefix_off = i;
464 in_off = j;
465 } else {
466 i++;
467 j++;
471 if (
472 /* "prefix" seems like prefix of "in" */
473 i >= prefix_len &&
475 * but "/foo" is not a prefix of "/foobar"
476 * (i.e. prefix not end with '/')
478 prefix_off < prefix_len) {
479 if (j >= in_len) {
480 /* in="/a/b", prefix="/a/b" */
481 in_off = in_len;
482 } else if (is_dir_sep(in[j])) {
483 /* in="/a/b/c", prefix="/a/b" */
484 while (is_dir_sep(in[j]))
485 j++;
486 in_off = j;
487 } else {
488 /* in="/a/bbb/c", prefix="/a/b" */
489 i = prefix_off;
491 } else if (
492 /* "in" is short than "prefix" */
493 j >= in_len &&
494 /* "in" not end with '/' */
495 in_off < in_len) {
496 if (is_dir_sep(prefix[i])) {
497 /* in="/a/b", prefix="/a/b/c/" */
498 while (is_dir_sep(prefix[i]))
499 i++;
500 in_off = in_len;
503 in += in_off;
504 in_len -= in_off;
506 if (i >= prefix_len) {
507 if (!in_len)
508 return "./";
509 else
510 return in;
513 strbuf_reset(sb);
514 strbuf_grow(sb, in_len);
516 while (i < prefix_len) {
517 if (is_dir_sep(prefix[i])) {
518 strbuf_addstr(sb, "../");
519 while (is_dir_sep(prefix[i]))
520 i++;
521 continue;
523 i++;
525 if (!is_dir_sep(prefix[prefix_len - 1]))
526 strbuf_addstr(sb, "../");
528 strbuf_addstr(sb, in);
530 return sb->buf;
534 * It is okay if dst == src, but they should not overlap otherwise.
536 * Performs the following normalizations on src, storing the result in dst:
537 * - Ensures that components are separated by '/' (Windows only)
538 * - Squashes sequences of '/'.
539 * - Removes "." components.
540 * - Removes ".." components, and the components the precede them.
541 * Returns failure (non-zero) if a ".." component appears as first path
542 * component anytime during the normalization. Otherwise, returns success (0).
544 * Note that this function is purely textual. It does not follow symlinks,
545 * verify the existence of the path, or make any system calls.
547 * prefix_len != NULL is for a specific case of prefix_pathspec():
548 * assume that src == dst and src[0..prefix_len-1] is already
549 * normalized, any time "../" eats up to the prefix_len part,
550 * prefix_len is reduced. In the end prefix_len is the remaining
551 * prefix that has not been overridden by user pathspec.
553 int normalize_path_copy_len(char *dst, const char *src, int *prefix_len)
555 char *dst0;
557 if (has_dos_drive_prefix(src)) {
558 *dst++ = *src++;
559 *dst++ = *src++;
561 dst0 = dst;
563 if (is_dir_sep(*src)) {
564 *dst++ = '/';
565 while (is_dir_sep(*src))
566 src++;
569 for (;;) {
570 char c = *src;
573 * A path component that begins with . could be
574 * special:
575 * (1) "." and ends -- ignore and terminate.
576 * (2) "./" -- ignore them, eat slash and continue.
577 * (3) ".." and ends -- strip one and terminate.
578 * (4) "../" -- strip one, eat slash and continue.
580 if (c == '.') {
581 if (!src[1]) {
582 /* (1) */
583 src++;
584 } else if (is_dir_sep(src[1])) {
585 /* (2) */
586 src += 2;
587 while (is_dir_sep(*src))
588 src++;
589 continue;
590 } else if (src[1] == '.') {
591 if (!src[2]) {
592 /* (3) */
593 src += 2;
594 goto up_one;
595 } else if (is_dir_sep(src[2])) {
596 /* (4) */
597 src += 3;
598 while (is_dir_sep(*src))
599 src++;
600 goto up_one;
605 /* copy up to the next '/', and eat all '/' */
606 while ((c = *src++) != '\0' && !is_dir_sep(c))
607 *dst++ = c;
608 if (is_dir_sep(c)) {
609 *dst++ = '/';
610 while (is_dir_sep(c))
611 c = *src++;
612 src--;
613 } else if (!c)
614 break;
615 continue;
617 up_one:
619 * dst0..dst is prefix portion, and dst[-1] is '/';
620 * go up one level.
622 dst--; /* go to trailing '/' */
623 if (dst <= dst0)
624 return -1;
625 /* Windows: dst[-1] cannot be backslash anymore */
626 while (dst0 < dst && dst[-1] != '/')
627 dst--;
628 if (prefix_len && *prefix_len > dst - dst0)
629 *prefix_len = dst - dst0;
631 *dst = '\0';
632 return 0;
635 int normalize_path_copy(char *dst, const char *src)
637 return normalize_path_copy_len(dst, src, NULL);
641 * path = Canonical absolute path
642 * prefixes = string_list containing normalized, absolute paths without
643 * trailing slashes (except for the root directory, which is denoted by "/").
645 * Determines, for each path in prefixes, whether the "prefix"
646 * is an ancestor directory of path. Returns the length of the longest
647 * ancestor directory, excluding any trailing slashes, or -1 if no prefix
648 * is an ancestor. (Note that this means 0 is returned if prefixes is
649 * ["/"].) "/foo" is not considered an ancestor of "/foobar". Directories
650 * are not considered to be their own ancestors. path must be in a
651 * canonical form: empty components, or "." or ".." components are not
652 * allowed.
654 int longest_ancestor_length(const char *path, struct string_list *prefixes)
656 int i, max_len = -1;
658 if (!strcmp(path, "/"))
659 return -1;
661 for (i = 0; i < prefixes->nr; i++) {
662 const char *ceil = prefixes->items[i].string;
663 int len = strlen(ceil);
665 if (len == 1 && ceil[0] == '/')
666 len = 0; /* root matches anything, with length 0 */
667 else if (!strncmp(path, ceil, len) && path[len] == '/')
668 ; /* match of length len */
669 else
670 continue; /* no match */
672 if (len > max_len)
673 max_len = len;
676 return max_len;
679 /* strip arbitrary amount of directory separators at end of path */
680 static inline int chomp_trailing_dir_sep(const char *path, int len)
682 while (len && is_dir_sep(path[len - 1]))
683 len--;
684 return len;
688 * If path ends with suffix (complete path components), returns the
689 * part before suffix (sans trailing directory separators).
690 * Otherwise returns NULL.
692 char *strip_path_suffix(const char *path, const char *suffix)
694 int path_len = strlen(path), suffix_len = strlen(suffix);
696 while (suffix_len) {
697 if (!path_len)
698 return NULL;
700 if (is_dir_sep(path[path_len - 1])) {
701 if (!is_dir_sep(suffix[suffix_len - 1]))
702 return NULL;
703 path_len = chomp_trailing_dir_sep(path, path_len);
704 suffix_len = chomp_trailing_dir_sep(suffix, suffix_len);
706 else if (path[--path_len] != suffix[--suffix_len])
707 return NULL;
710 if (path_len && !is_dir_sep(path[path_len - 1]))
711 return NULL;
712 return xstrndup(path, chomp_trailing_dir_sep(path, path_len));
715 int daemon_avoid_alias(const char *p)
717 int sl, ndot;
720 * This resurrects the belts and suspenders paranoia check by HPA
721 * done in <435560F7.4080006@zytor.com> thread, now enter_repo()
722 * does not do getcwd() based path canonicalization.
724 * sl becomes true immediately after seeing '/' and continues to
725 * be true as long as dots continue after that without intervening
726 * non-dot character.
728 if (!p || (*p != '/' && *p != '~'))
729 return -1;
730 sl = 1; ndot = 0;
731 p++;
733 while (1) {
734 char ch = *p++;
735 if (sl) {
736 if (ch == '.')
737 ndot++;
738 else if (ch == '/') {
739 if (ndot < 3)
740 /* reject //, /./ and /../ */
741 return -1;
742 ndot = 0;
744 else if (ch == 0) {
745 if (0 < ndot && ndot < 3)
746 /* reject /.$ and /..$ */
747 return -1;
748 return 0;
750 else
751 sl = ndot = 0;
753 else if (ch == 0)
754 return 0;
755 else if (ch == '/') {
756 sl = 1;
757 ndot = 0;
762 int offset_1st_component(const char *path)
764 if (has_dos_drive_prefix(path))
765 return 2 + is_dir_sep(path[2]);
766 return is_dir_sep(path[0]);