]>
Commit | Line | Data |
---|---|---|
26c8a533 LT |
1 | /* |
2 | * I'm tired of doing "vsnprintf()" etc just to open a | |
3 | * file, so here's a "return static buffer with printf" | |
4 | * interface for paths. | |
5 | * | |
6 | * It's obviously not thread-safe. Sue me. But it's quite | |
7 | * useful for doing things like | |
8 | * | |
9 | * f = open(mkpath("%s/%s.git", base, name), O_RDONLY); | |
10 | * | |
11 | * which is what it's designed for. | |
12 | */ | |
13 | #include "cache.h" | |
395de250 | 14 | #include "strbuf.h" |
26c8a533 | 15 | |
26c8a533 LT |
16 | static char bad_path[] = "/bad-path/"; |
17 | ||
e7676d2f LT |
18 | static char *get_pathname(void) |
19 | { | |
20 | static char pathname_array[4][PATH_MAX]; | |
21 | static int index; | |
22 | return pathname_array[3 & ++index]; | |
23 | } | |
24 | ||
26c8a533 LT |
25 | static char *cleanup_path(char *path) |
26 | { | |
27 | /* Clean it up */ | |
28 | if (!memcmp(path, "./", 2)) { | |
29 | path += 2; | |
30 | while (*path == '/') | |
31 | path++; | |
32 | } | |
33 | return path; | |
34 | } | |
35 | ||
108bebea AR |
36 | char *mksnpath(char *buf, size_t n, const char *fmt, ...) |
37 | { | |
38 | va_list args; | |
39 | unsigned len; | |
40 | ||
41 | va_start(args, fmt); | |
42 | len = vsnprintf(buf, n, fmt, args); | |
43 | va_end(args); | |
44 | if (len >= n) { | |
9db56f71 | 45 | strlcpy(buf, bad_path, n); |
108bebea AR |
46 | return buf; |
47 | } | |
48 | return cleanup_path(buf); | |
49 | } | |
50 | ||
aba13e7c | 51 | static char *git_vsnpath(char *buf, size_t n, const char *fmt, va_list args) |
fe2d7776 AR |
52 | { |
53 | const char *git_dir = get_git_dir(); | |
fe2d7776 AR |
54 | size_t len; |
55 | ||
56 | len = strlen(git_dir); | |
57 | if (n < len + 1) | |
58 | goto bad; | |
59 | memcpy(buf, git_dir, len); | |
60 | if (len && !is_dir_sep(git_dir[len-1])) | |
61 | buf[len++] = '/'; | |
fe2d7776 | 62 | len += vsnprintf(buf + len, n - len, fmt, args); |
fe2d7776 AR |
63 | if (len >= n) |
64 | goto bad; | |
65 | return cleanup_path(buf); | |
66 | bad: | |
9db56f71 | 67 | strlcpy(buf, bad_path, n); |
fe2d7776 AR |
68 | return buf; |
69 | } | |
70 | ||
aba13e7c AR |
71 | char *git_snpath(char *buf, size_t n, const char *fmt, ...) |
72 | { | |
73 | va_list args; | |
74 | va_start(args, fmt); | |
75 | (void)git_vsnpath(buf, n, fmt, args); | |
76 | va_end(args); | |
77 | return buf; | |
78 | } | |
79 | ||
80 | char *git_pathdup(const char *fmt, ...) | |
81 | { | |
82 | char path[PATH_MAX]; | |
83 | va_list args; | |
84 | va_start(args, fmt); | |
85 | (void)git_vsnpath(path, sizeof(path), fmt, args); | |
86 | va_end(args); | |
87 | return xstrdup(path); | |
88 | } | |
89 | ||
26c8a533 LT |
90 | char *mkpath(const char *fmt, ...) |
91 | { | |
92 | va_list args; | |
93 | unsigned len; | |
e7676d2f | 94 | char *pathname = get_pathname(); |
26c8a533 LT |
95 | |
96 | va_start(args, fmt); | |
97 | len = vsnprintf(pathname, PATH_MAX, fmt, args); | |
98 | va_end(args); | |
99 | if (len >= PATH_MAX) | |
100 | return bad_path; | |
101 | return cleanup_path(pathname); | |
102 | } | |
103 | ||
104 | char *git_path(const char *fmt, ...) | |
105 | { | |
5da1606d | 106 | const char *git_dir = get_git_dir(); |
e7676d2f | 107 | char *pathname = get_pathname(); |
26c8a533 LT |
108 | va_list args; |
109 | unsigned len; | |
110 | ||
111 | len = strlen(git_dir); | |
112 | if (len > PATH_MAX-100) | |
113 | return bad_path; | |
114 | memcpy(pathname, git_dir, len); | |
115 | if (len && git_dir[len-1] != '/') | |
116 | pathname[len++] = '/'; | |
117 | va_start(args, fmt); | |
118 | len += vsnprintf(pathname + len, PATH_MAX - len, fmt, args); | |
119 | va_end(args); | |
120 | if (len >= PATH_MAX) | |
121 | return bad_path; | |
122 | return cleanup_path(pathname); | |
123 | } | |
f2db68ed | 124 | |
0bad611b HV |
125 | char *git_path_submodule(const char *path, const char *fmt, ...) |
126 | { | |
127 | char *pathname = get_pathname(); | |
128 | struct strbuf buf = STRBUF_INIT; | |
129 | const char *git_dir; | |
130 | va_list args; | |
131 | unsigned len; | |
132 | ||
133 | len = strlen(path); | |
134 | if (len > PATH_MAX-100) | |
135 | return bad_path; | |
136 | ||
137 | strbuf_addstr(&buf, path); | |
138 | if (len && path[len-1] != '/') | |
139 | strbuf_addch(&buf, '/'); | |
140 | strbuf_addstr(&buf, ".git"); | |
141 | ||
142 | git_dir = read_gitfile_gently(buf.buf); | |
143 | if (git_dir) { | |
144 | strbuf_reset(&buf); | |
145 | strbuf_addstr(&buf, git_dir); | |
146 | } | |
147 | strbuf_addch(&buf, '/'); | |
148 | ||
149 | if (buf.len >= PATH_MAX) | |
150 | return bad_path; | |
151 | memcpy(pathname, buf.buf, buf.len + 1); | |
152 | ||
153 | strbuf_release(&buf); | |
154 | len = strlen(pathname); | |
155 | ||
156 | va_start(args, fmt); | |
157 | len += vsnprintf(pathname + len, PATH_MAX - len, fmt, args); | |
158 | va_end(args); | |
159 | if (len >= PATH_MAX) | |
160 | return bad_path; | |
161 | return cleanup_path(pathname); | |
162 | } | |
f2db68ed HE |
163 | |
164 | /* git_mkstemp() - create tmp file honoring TMPDIR variable */ | |
165 | int git_mkstemp(char *path, size_t len, const char *template) | |
166 | { | |
e7a7be88 JH |
167 | const char *tmp; |
168 | size_t n; | |
169 | ||
170 | tmp = getenv("TMPDIR"); | |
171 | if (!tmp) | |
172 | tmp = "/tmp"; | |
173 | n = snprintf(path, len, "%s/%s", tmp, template); | |
174 | if (len <= n) { | |
175 | errno = ENAMETOOLONG; | |
176 | return -1; | |
35c3c629 | 177 | } |
f2db68ed HE |
178 | return mkstemp(path); |
179 | } | |
180 | ||
003b33a8 DA |
181 | /* git_mkstemps() - create tmp file with suffix honoring TMPDIR variable. */ |
182 | int git_mkstemps(char *path, size_t len, const char *template, int suffix_len) | |
183 | { | |
184 | const char *tmp; | |
185 | size_t n; | |
186 | ||
187 | tmp = getenv("TMPDIR"); | |
188 | if (!tmp) | |
189 | tmp = "/tmp"; | |
190 | n = snprintf(path, len, "%s/%s", tmp, template); | |
191 | if (len <= n) { | |
192 | errno = ENAMETOOLONG; | |
193 | return -1; | |
194 | } | |
195 | return mkstemps(path, suffix_len); | |
196 | } | |
f2db68ed | 197 | |
00787ed5 MM |
198 | /* Adapted from libiberty's mkstemp.c. */ |
199 | ||
200 | #undef TMP_MAX | |
201 | #define TMP_MAX 16384 | |
202 | ||
b862b61c | 203 | int git_mkstemps_mode(char *pattern, int suffix_len, int mode) |
00787ed5 MM |
204 | { |
205 | static const char letters[] = | |
206 | "abcdefghijklmnopqrstuvwxyz" | |
207 | "ABCDEFGHIJKLMNOPQRSTUVWXYZ" | |
208 | "0123456789"; | |
209 | static const int num_letters = 62; | |
210 | uint64_t value; | |
211 | struct timeval tv; | |
212 | char *template; | |
213 | size_t len; | |
214 | int fd, count; | |
215 | ||
216 | len = strlen(pattern); | |
217 | ||
218 | if (len < 6 + suffix_len) { | |
219 | errno = EINVAL; | |
220 | return -1; | |
221 | } | |
222 | ||
223 | if (strncmp(&pattern[len - 6 - suffix_len], "XXXXXX", 6)) { | |
224 | errno = EINVAL; | |
225 | return -1; | |
226 | } | |
227 | ||
228 | /* | |
229 | * Replace pattern's XXXXXX characters with randomness. | |
230 | * Try TMP_MAX different filenames. | |
231 | */ | |
232 | gettimeofday(&tv, NULL); | |
233 | value = ((size_t)(tv.tv_usec << 16)) ^ tv.tv_sec ^ getpid(); | |
234 | template = &pattern[len - 6 - suffix_len]; | |
235 | for (count = 0; count < TMP_MAX; ++count) { | |
236 | uint64_t v = value; | |
237 | /* Fill in the random bits. */ | |
238 | template[0] = letters[v % num_letters]; v /= num_letters; | |
239 | template[1] = letters[v % num_letters]; v /= num_letters; | |
240 | template[2] = letters[v % num_letters]; v /= num_letters; | |
241 | template[3] = letters[v % num_letters]; v /= num_letters; | |
242 | template[4] = letters[v % num_letters]; v /= num_letters; | |
243 | template[5] = letters[v % num_letters]; v /= num_letters; | |
244 | ||
b862b61c | 245 | fd = open(pattern, O_CREAT | O_EXCL | O_RDWR, mode); |
00787ed5 MM |
246 | if (fd > 0) |
247 | return fd; | |
248 | /* | |
249 | * Fatal error (EPERM, ENOSPC etc). | |
250 | * It doesn't make sense to loop. | |
251 | */ | |
252 | if (errno != EEXIST) | |
253 | break; | |
254 | /* | |
255 | * This is a random value. It is only necessary that | |
256 | * the next TMP_MAX values generated by adding 7777 to | |
257 | * VALUE are different with (module 2^32). | |
258 | */ | |
259 | value += 7777; | |
260 | } | |
261 | /* We return the null string if we can't find a unique file name. */ | |
262 | pattern[0] = '\0'; | |
00787ed5 MM |
263 | return -1; |
264 | } | |
265 | ||
b862b61c MM |
266 | int git_mkstemp_mode(char *pattern, int mode) |
267 | { | |
268 | /* mkstemp is just mkstemps with no suffix */ | |
269 | return git_mkstemps_mode(pattern, 0, mode); | |
270 | } | |
271 | ||
272 | int gitmkstemps(char *pattern, int suffix_len) | |
273 | { | |
274 | return git_mkstemps_mode(pattern, suffix_len, 0600); | |
275 | } | |
276 | ||
c847f537 | 277 | int validate_headref(const char *path) |
0870ca7f JH |
278 | { |
279 | struct stat st; | |
280 | char *buf, buffer[256]; | |
c847f537 | 281 | unsigned char sha1[20]; |
0104ca09 HO |
282 | int fd; |
283 | ssize_t len; | |
0870ca7f JH |
284 | |
285 | if (lstat(path, &st) < 0) | |
286 | return -1; | |
287 | ||
288 | /* Make sure it is a "refs/.." symlink */ | |
289 | if (S_ISLNK(st.st_mode)) { | |
290 | len = readlink(path, buffer, sizeof(buffer)-1); | |
222b1673 | 291 | if (len >= 5 && !memcmp("refs/", buffer, 5)) |
0870ca7f JH |
292 | return 0; |
293 | return -1; | |
294 | } | |
295 | ||
296 | /* | |
297 | * Anything else, just open it and try to see if it is a symbolic ref. | |
298 | */ | |
299 | fd = open(path, O_RDONLY); | |
300 | if (fd < 0) | |
301 | return -1; | |
93d26e4c | 302 | len = read_in_full(fd, buffer, sizeof(buffer)-1); |
0870ca7f JH |
303 | close(fd); |
304 | ||
305 | /* | |
306 | * Is it a symbolic ref? | |
307 | */ | |
c847f537 | 308 | if (len < 4) |
0870ca7f | 309 | return -1; |
c847f537 JH |
310 | if (!memcmp("ref:", buffer, 4)) { |
311 | buf = buffer + 4; | |
312 | len -= 4; | |
313 | while (len && isspace(*buf)) | |
314 | buf++, len--; | |
222b1673 | 315 | if (len >= 5 && !memcmp("refs/", buf, 5)) |
c847f537 JH |
316 | return 0; |
317 | } | |
318 | ||
319 | /* | |
320 | * Is this a detached HEAD? | |
321 | */ | |
322 | if (!get_sha1_hex(buffer, sha1)) | |
0870ca7f | 323 | return 0; |
c847f537 | 324 | |
0870ca7f JH |
325 | return -1; |
326 | } | |
327 | ||
395de250 | 328 | static struct passwd *getpw_str(const char *username, size_t len) |
54f4b874 | 329 | { |
d79374c7 | 330 | struct passwd *pw; |
395de250 MM |
331 | char *username_z = xmalloc(len + 1); |
332 | memcpy(username_z, username, len); | |
333 | username_z[len] = '\0'; | |
334 | pw = getpwnam(username_z); | |
335 | free(username_z); | |
336 | return pw; | |
337 | } | |
54f4b874 | 338 | |
395de250 MM |
339 | /* |
340 | * Return a string with ~ and ~user expanded via getpw*. If buf != NULL, | |
341 | * then it is a newly allocated string. Returns NULL on getpw failure or | |
342 | * if path is NULL. | |
343 | */ | |
344 | char *expand_user_path(const char *path) | |
345 | { | |
346 | struct strbuf user_path = STRBUF_INIT; | |
347 | const char *first_slash = strchrnul(path, '/'); | |
348 | const char *to_copy = path; | |
349 | ||
350 | if (path == NULL) | |
351 | goto return_null; | |
352 | if (path[0] == '~') { | |
353 | const char *username = path + 1; | |
354 | size_t username_len = first_slash - username; | |
df2a79f4 MM |
355 | if (username_len == 0) { |
356 | const char *home = getenv("HOME"); | |
79bf1490 JN |
357 | if (!home) |
358 | goto return_null; | |
df2a79f4 MM |
359 | strbuf_add(&user_path, home, strlen(home)); |
360 | } else { | |
361 | struct passwd *pw = getpw_str(username, username_len); | |
362 | if (!pw) | |
363 | goto return_null; | |
364 | strbuf_add(&user_path, pw->pw_dir, strlen(pw->pw_dir)); | |
54f4b874 | 365 | } |
395de250 | 366 | to_copy = first_slash; |
d79374c7 | 367 | } |
395de250 MM |
368 | strbuf_add(&user_path, to_copy, strlen(to_copy)); |
369 | return strbuf_detach(&user_path, NULL); | |
370 | return_null: | |
371 | strbuf_release(&user_path); | |
372 | return NULL; | |
54f4b874 AE |
373 | } |
374 | ||
d79374c7 JH |
375 | /* |
376 | * First, one directory to try is determined by the following algorithm. | |
377 | * | |
378 | * (0) If "strict" is given, the path is used as given and no DWIM is | |
379 | * done. Otherwise: | |
380 | * (1) "~/path" to mean path under the running user's home directory; | |
381 | * (2) "~user/path" to mean path under named user's home directory; | |
382 | * (3) "relative/path" to mean cwd relative directory; or | |
383 | * (4) "/absolute/path" to mean absolute directory. | |
384 | * | |
385 | * Unless "strict" is given, we try access() for existence of "%s.git/.git", | |
386 | * "%s/.git", "%s.git", "%s" in this order. The first one that exists is | |
387 | * what we try. | |
388 | * | |
389 | * Second, we try chdir() to that. Upon failure, we return NULL. | |
390 | * | |
391 | * Then, we try if the current directory is a valid git repository. | |
392 | * Upon failure, we return NULL. | |
393 | * | |
394 | * If all goes well, we return the directory we used to chdir() (but | |
395 | * before ~user is expanded), avoiding getcwd() resolving symbolic | |
396 | * links. User relative paths are also returned as they are given, | |
397 | * except DWIM suffixing. | |
398 | */ | |
54f4b874 AE |
399 | char *enter_repo(char *path, int strict) |
400 | { | |
d79374c7 JH |
401 | static char used_path[PATH_MAX]; |
402 | static char validated_path[PATH_MAX]; | |
403 | ||
404 | if (!path) | |
54f4b874 AE |
405 | return NULL; |
406 | ||
d79374c7 JH |
407 | if (!strict) { |
408 | static const char *suffix[] = { | |
409 | ".git/.git", "/.git", ".git", "", NULL, | |
410 | }; | |
411 | int len = strlen(path); | |
412 | int i; | |
413 | while ((1 < len) && (path[len-1] == '/')) { | |
414 | path[len-1] = 0; | |
415 | len--; | |
416 | } | |
417 | if (PATH_MAX <= len) | |
54f4b874 | 418 | return NULL; |
d79374c7 | 419 | if (path[0] == '~') { |
395de250 MM |
420 | char *newpath = expand_user_path(path); |
421 | if (!newpath || (PATH_MAX - 10 < strlen(newpath))) { | |
422 | free(newpath); | |
d79374c7 | 423 | return NULL; |
395de250 MM |
424 | } |
425 | /* | |
426 | * Copy back into the static buffer. A pity | |
427 | * since newpath was not bounded, but other | |
428 | * branches of the if are limited by PATH_MAX | |
429 | * anyway. | |
430 | */ | |
431 | strcpy(used_path, newpath); free(newpath); | |
d79374c7 JH |
432 | strcpy(validated_path, path); |
433 | path = used_path; | |
434 | } | |
435 | else if (PATH_MAX - 10 < len) | |
436 | return NULL; | |
437 | else { | |
438 | path = strcpy(used_path, path); | |
439 | strcpy(validated_path, path); | |
440 | } | |
441 | len = strlen(path); | |
442 | for (i = 0; suffix[i]; i++) { | |
443 | strcpy(path + len, suffix[i]); | |
444 | if (!access(path, F_OK)) { | |
445 | strcat(validated_path, suffix[i]); | |
446 | break; | |
447 | } | |
448 | } | |
449 | if (!suffix[i] || chdir(path)) | |
0870ca7f | 450 | return NULL; |
d79374c7 | 451 | path = validated_path; |
0870ca7f | 452 | } |
d79374c7 JH |
453 | else if (chdir(path)) |
454 | return NULL; | |
54f4b874 | 455 | |
d79374c7 | 456 | if (access("objects", X_OK) == 0 && access("refs", X_OK) == 0 && |
c847f537 | 457 | validate_headref("HEAD") == 0) { |
717c3972 | 458 | set_git_dir("."); |
1644162a | 459 | check_repository_format(); |
d79374c7 | 460 | return path; |
54f4b874 AE |
461 | } |
462 | ||
463 | return NULL; | |
464 | } | |
138086a7 | 465 | |
17e61b82 | 466 | int set_shared_perm(const char *path, int mode) |
138086a7 JH |
467 | { |
468 | struct stat st; | |
17e61b82 | 469 | int tweak, shared, orig_mode; |
138086a7 | 470 | |
17e61b82 JH |
471 | if (!shared_repository) { |
472 | if (mode) | |
473 | return chmod(path, mode & ~S_IFMT); | |
138086a7 | 474 | return 0; |
17e61b82 JH |
475 | } |
476 | if (!mode) { | |
477 | if (lstat(path, &st) < 0) | |
478 | return -1; | |
479 | mode = st.st_mode; | |
480 | orig_mode = mode; | |
481 | } else | |
482 | orig_mode = 0; | |
5a688fe4 JH |
483 | if (shared_repository < 0) |
484 | shared = -shared_repository; | |
485 | else | |
486 | shared = shared_repository; | |
487 | tweak = shared; | |
488 | ||
489 | if (!(mode & S_IWUSR)) | |
490 | tweak &= ~0222; | |
491 | if (mode & S_IXUSR) | |
492 | /* Copy read bits to execute bits */ | |
493 | tweak |= (tweak & 0444) >> 2; | |
494 | if (shared_repository < 0) | |
495 | mode = (mode & ~0777) | tweak; | |
496 | else | |
8c6202d8 | 497 | mode |= tweak; |
06cbe855 HO |
498 | |
499 | if (S_ISDIR(mode)) { | |
06cbe855 | 500 | /* Copy read bits to execute bits */ |
5a688fe4 JH |
501 | mode |= (shared & 0444) >> 2; |
502 | mode |= FORCE_DIR_SET_GID; | |
06cbe855 HO |
503 | } |
504 | ||
5a688fe4 | 505 | if (((shared_repository < 0 |
17e61b82 JH |
506 | ? (orig_mode & (FORCE_DIR_SET_GID | 0777)) |
507 | : (orig_mode & mode)) != mode) && | |
508 | chmod(path, (mode & ~S_IFMT)) < 0) | |
138086a7 JH |
509 | return -2; |
510 | return 0; | |
511 | } | |
e5392c51 | 512 | |
044bbbcb LT |
513 | const char *make_relative_path(const char *abs, const char *base) |
514 | { | |
515 | static char buf[PATH_MAX + 1]; | |
288123f0 JH |
516 | int i = 0, j = 0; |
517 | ||
518 | if (!base || !base[0]) | |
044bbbcb | 519 | return abs; |
288123f0 JH |
520 | while (base[i]) { |
521 | if (is_dir_sep(base[i])) { | |
522 | if (!is_dir_sep(abs[j])) | |
523 | return abs; | |
524 | while (is_dir_sep(base[i])) | |
525 | i++; | |
526 | while (is_dir_sep(abs[j])) | |
527 | j++; | |
528 | continue; | |
529 | } else if (abs[j] != base[i]) { | |
530 | return abs; | |
531 | } | |
532 | i++; | |
533 | j++; | |
534 | } | |
535 | if ( | |
536 | /* "/foo" is a prefix of "/foo" */ | |
537 | abs[j] && | |
538 | /* "/foo" is not a prefix of "/foobar" */ | |
539 | !is_dir_sep(base[i-1]) && !is_dir_sep(abs[j]) | |
540 | ) | |
044bbbcb | 541 | return abs; |
288123f0 JH |
542 | while (is_dir_sep(abs[j])) |
543 | j++; | |
544 | if (!abs[j]) | |
545 | strcpy(buf, "."); | |
546 | else | |
547 | strcpy(buf, abs + j); | |
044bbbcb LT |
548 | return buf; |
549 | } | |
ae299be0 DR |
550 | |
551 | /* | |
f2a782b8 | 552 | * It is okay if dst == src, but they should not overlap otherwise. |
ae299be0 | 553 | * |
f2a782b8 JS |
554 | * Performs the following normalizations on src, storing the result in dst: |
555 | * - Ensures that components are separated by '/' (Windows only) | |
556 | * - Squashes sequences of '/'. | |
ae299be0 DR |
557 | * - Removes "." components. |
558 | * - Removes ".." components, and the components the precede them. | |
f2a782b8 JS |
559 | * Returns failure (non-zero) if a ".." component appears as first path |
560 | * component anytime during the normalization. Otherwise, returns success (0). | |
ae299be0 DR |
561 | * |
562 | * Note that this function is purely textual. It does not follow symlinks, | |
563 | * verify the existence of the path, or make any system calls. | |
564 | */ | |
f3cad0ad | 565 | int normalize_path_copy(char *dst, const char *src) |
ae299be0 | 566 | { |
f3cad0ad | 567 | char *dst0; |
ae299be0 | 568 | |
f3cad0ad JS |
569 | if (has_dos_drive_prefix(src)) { |
570 | *dst++ = *src++; | |
571 | *dst++ = *src++; | |
ae299be0 | 572 | } |
f3cad0ad | 573 | dst0 = dst; |
ae299be0 | 574 | |
f3cad0ad | 575 | if (is_dir_sep(*src)) { |
ae299be0 | 576 | *dst++ = '/'; |
f3cad0ad JS |
577 | while (is_dir_sep(*src)) |
578 | src++; | |
579 | } | |
580 | ||
581 | for (;;) { | |
582 | char c = *src; | |
583 | ||
584 | /* | |
585 | * A path component that begins with . could be | |
586 | * special: | |
587 | * (1) "." and ends -- ignore and terminate. | |
588 | * (2) "./" -- ignore them, eat slash and continue. | |
589 | * (3) ".." and ends -- strip one and terminate. | |
590 | * (4) "../" -- strip one, eat slash and continue. | |
591 | */ | |
592 | if (c == '.') { | |
593 | if (!src[1]) { | |
594 | /* (1) */ | |
595 | src++; | |
596 | } else if (is_dir_sep(src[1])) { | |
597 | /* (2) */ | |
598 | src += 2; | |
599 | while (is_dir_sep(*src)) | |
600 | src++; | |
601 | continue; | |
602 | } else if (src[1] == '.') { | |
603 | if (!src[2]) { | |
604 | /* (3) */ | |
605 | src += 2; | |
606 | goto up_one; | |
607 | } else if (is_dir_sep(src[2])) { | |
608 | /* (4) */ | |
609 | src += 3; | |
610 | while (is_dir_sep(*src)) | |
611 | src++; | |
612 | goto up_one; | |
613 | } | |
614 | } | |
615 | } | |
ae299be0 | 616 | |
f3cad0ad JS |
617 | /* copy up to the next '/', and eat all '/' */ |
618 | while ((c = *src++) != '\0' && !is_dir_sep(c)) | |
619 | *dst++ = c; | |
620 | if (is_dir_sep(c)) { | |
621 | *dst++ = '/'; | |
622 | while (is_dir_sep(c)) | |
623 | c = *src++; | |
624 | src--; | |
625 | } else if (!c) | |
626 | break; | |
627 | continue; | |
628 | ||
629 | up_one: | |
630 | /* | |
631 | * dst0..dst is prefix portion, and dst[-1] is '/'; | |
632 | * go up one level. | |
633 | */ | |
f42302b4 JS |
634 | dst--; /* go to trailing '/' */ |
635 | if (dst <= dst0) | |
f3cad0ad | 636 | return -1; |
f42302b4 JS |
637 | /* Windows: dst[-1] cannot be backslash anymore */ |
638 | while (dst0 < dst && dst[-1] != '/') | |
639 | dst--; | |
f3cad0ad | 640 | } |
ae299be0 | 641 | *dst = '\0'; |
f3cad0ad | 642 | return 0; |
ae299be0 | 643 | } |
0454dd93 DR |
644 | |
645 | /* | |
646 | * path = Canonical absolute path | |
647 | * prefix_list = Colon-separated list of absolute paths | |
648 | * | |
2860b57a | 649 | * Determines, for each path in prefix_list, whether the "prefix" really |
0454dd93 DR |
650 | * is an ancestor directory of path. Returns the length of the longest |
651 | * ancestor directory, excluding any trailing slashes, or -1 if no prefix | |
652 | * is an ancestor. (Note that this means 0 is returned if prefix_list is | |
653 | * "/".) "/foo" is not considered an ancestor of "/foobar". Directories | |
654 | * are not considered to be their own ancestors. path must be in a | |
655 | * canonical form: empty components, or "." or ".." components are not | |
656 | * allowed. prefix_list may be null, which is like "". | |
657 | */ | |
658 | int longest_ancestor_length(const char *path, const char *prefix_list) | |
659 | { | |
660 | char buf[PATH_MAX+1]; | |
661 | const char *ceil, *colon; | |
662 | int len, max_len = -1; | |
663 | ||
664 | if (prefix_list == NULL || !strcmp(path, "/")) | |
665 | return -1; | |
666 | ||
667 | for (colon = ceil = prefix_list; *colon; ceil = colon+1) { | |
43a7ddb5 | 668 | for (colon = ceil; *colon && *colon != PATH_SEP; colon++); |
0454dd93 DR |
669 | len = colon - ceil; |
670 | if (len == 0 || len > PATH_MAX || !is_absolute_path(ceil)) | |
671 | continue; | |
672 | strlcpy(buf, ceil, len+1); | |
43a7ddb5 RS |
673 | if (normalize_path_copy(buf, buf) < 0) |
674 | continue; | |
675 | len = strlen(buf); | |
676 | if (len > 0 && buf[len-1] == '/') | |
677 | buf[--len] = '\0'; | |
0454dd93 DR |
678 | |
679 | if (!strncmp(path, buf, len) && | |
680 | path[len] == '/' && | |
681 | len > max_len) { | |
682 | max_len = len; | |
683 | } | |
684 | } | |
685 | ||
686 | return max_len; | |
687 | } | |
4fcc86b0 JS |
688 | |
689 | /* strip arbitrary amount of directory separators at end of path */ | |
690 | static inline int chomp_trailing_dir_sep(const char *path, int len) | |
691 | { | |
692 | while (len && is_dir_sep(path[len - 1])) | |
693 | len--; | |
694 | return len; | |
695 | } | |
696 | ||
697 | /* | |
698 | * If path ends with suffix (complete path components), returns the | |
699 | * part before suffix (sans trailing directory separators). | |
700 | * Otherwise returns NULL. | |
701 | */ | |
702 | char *strip_path_suffix(const char *path, const char *suffix) | |
703 | { | |
704 | int path_len = strlen(path), suffix_len = strlen(suffix); | |
705 | ||
706 | while (suffix_len) { | |
707 | if (!path_len) | |
708 | return NULL; | |
709 | ||
710 | if (is_dir_sep(path[path_len - 1])) { | |
711 | if (!is_dir_sep(suffix[suffix_len - 1])) | |
712 | return NULL; | |
713 | path_len = chomp_trailing_dir_sep(path, path_len); | |
714 | suffix_len = chomp_trailing_dir_sep(suffix, suffix_len); | |
715 | } | |
716 | else if (path[--path_len] != suffix[--suffix_len]) | |
717 | return NULL; | |
718 | } | |
719 | ||
720 | if (path_len && !is_dir_sep(path[path_len - 1])) | |
721 | return NULL; | |
722 | return xstrndup(path, chomp_trailing_dir_sep(path, path_len)); | |
723 | } | |
34b6cb8b SP |
724 | |
725 | int daemon_avoid_alias(const char *p) | |
726 | { | |
727 | int sl, ndot; | |
728 | ||
729 | /* | |
730 | * This resurrects the belts and suspenders paranoia check by HPA | |
731 | * done in <435560F7.4080006@zytor.com> thread, now enter_repo() | |
9517e6b8 | 732 | * does not do getcwd() based path canonicalization. |
34b6cb8b SP |
733 | * |
734 | * sl becomes true immediately after seeing '/' and continues to | |
735 | * be true as long as dots continue after that without intervening | |
736 | * non-dot character. | |
737 | */ | |
738 | if (!p || (*p != '/' && *p != '~')) | |
739 | return -1; | |
740 | sl = 1; ndot = 0; | |
741 | p++; | |
742 | ||
743 | while (1) { | |
744 | char ch = *p++; | |
745 | if (sl) { | |
746 | if (ch == '.') | |
747 | ndot++; | |
748 | else if (ch == '/') { | |
749 | if (ndot < 3) | |
750 | /* reject //, /./ and /../ */ | |
751 | return -1; | |
752 | ndot = 0; | |
753 | } | |
754 | else if (ch == 0) { | |
755 | if (0 < ndot && ndot < 3) | |
756 | /* reject /.$ and /..$ */ | |
757 | return -1; | |
758 | return 0; | |
759 | } | |
760 | else | |
761 | sl = ndot = 0; | |
762 | } | |
763 | else if (ch == 0) | |
764 | return 0; | |
765 | else if (ch == '/') { | |
766 | sl = 1; | |
767 | ndot = 0; | |
768 | } | |
769 | } | |
770 | } | |
4bb43de2 NTND |
771 | |
772 | int offset_1st_component(const char *path) | |
773 | { | |
774 | if (has_dos_drive_prefix(path)) | |
775 | return 2 + is_dir_sep(path[2]); | |
776 | return is_dir_sep(path[0]); | |
777 | } |