Do not DWIM in userpath library under strict mode.
[git] / refs.c
1 #include "refs.h"
2 #include "cache.h"
3
4 #include <errno.h>
5
6 /* We allow "recursive" symbolic refs. Only within reason, though */
7 #define MAXDEPTH 5
8
9 #ifndef USE_SYMLINK_HEAD
10 #define USE_SYMLINK_HEAD 1
11 #endif
12
13 const char *resolve_ref(const char *path, unsigned char *sha1, int reading)
14 {
15         int depth = MAXDEPTH, len;
16         char buffer[256];
17
18         for (;;) {
19                 struct stat st;
20                 char *buf;
21                 int fd;
22
23                 if (--depth < 0)
24                         return NULL;
25
26                 /* Special case: non-existing file.
27                  * Not having the refs/heads/new-branch is OK
28                  * if we are writing into it, so is .git/HEAD
29                  * that points at refs/heads/master still to be
30                  * born.  It is NOT OK if we are resolving for
31                  * reading.
32                  */
33                 if (lstat(path, &st) < 0) {
34                         if (reading || errno != ENOENT)
35                                 return NULL;
36                         memset(sha1, 0, 20);
37                         return path;
38                 }
39
40                 /* Follow "normalized" - ie "refs/.." symlinks by hand */
41                 if (S_ISLNK(st.st_mode)) {
42                         len = readlink(path, buffer, sizeof(buffer)-1);
43                         if (len >= 5 && !memcmp("refs/", buffer, 5)) {
44                                 path = git_path("%.*s", len, buffer);
45                                 continue;
46                         }
47                 }
48
49                 /*
50                  * Anything else, just open it and try to use it as
51                  * a ref
52                  */
53                 fd = open(path, O_RDONLY);
54                 if (fd < 0)
55                         return NULL;
56                 len = read(fd, buffer, sizeof(buffer)-1);
57                 close(fd);
58
59                 /*
60                  * Is it a symbolic ref?
61                  */
62                 if (len < 4 || memcmp("ref:", buffer, 4))
63                         break;
64                 buf = buffer + 4;
65                 len -= 4;
66                 while (len && isspace(*buf))
67                         buf++, len--;
68                 while (len && isspace(buf[len-1]))
69                         buf[--len] = 0;
70                 path = git_path("%.*s", len, buf);
71         }
72         if (len < 40 || get_sha1_hex(buffer, sha1))
73                 return NULL;
74         return path;
75 }
76
77 int create_symref(const char *git_HEAD, const char *refs_heads_master)
78 {
79         const char *lockpath;
80         char ref[1000];
81         int fd, len, written;
82
83 #if USE_SYMLINK_HEAD
84         if (!only_use_symrefs) {
85                 unlink(git_HEAD);
86                 if (!symlink(refs_heads_master, git_HEAD))
87                         return 0;
88                 fprintf(stderr, "no symlink - falling back to symbolic ref\n");
89         }
90 #endif
91
92         len = snprintf(ref, sizeof(ref), "ref: %s\n", refs_heads_master);
93         if (sizeof(ref) <= len) {
94                 error("refname too long: %s", refs_heads_master);
95                 return -1;
96         }
97         lockpath = mkpath("%s.lock", git_HEAD);
98         fd = open(lockpath, O_CREAT | O_EXCL | O_WRONLY, 0666); 
99         written = write(fd, ref, len);
100         close(fd);
101         if (written != len) {
102                 unlink(lockpath);
103                 error("Unable to write to %s", lockpath);
104                 return -2;
105         }
106         if (rename(lockpath, git_HEAD) < 0) {
107                 unlink(lockpath);
108                 error("Unable to create %s", git_HEAD);
109                 return -3;
110         }
111         return 0;
112 }
113
114 int read_ref(const char *filename, unsigned char *sha1)
115 {
116         if (resolve_ref(filename, sha1, 1))
117                 return 0;
118         return -1;
119 }
120
121 static int do_for_each_ref(const char *base, int (*fn)(const char *path, const unsigned char *sha1))
122 {
123         int retval = 0;
124         DIR *dir = opendir(git_path("%s", base));
125
126         if (dir) {
127                 struct dirent *de;
128                 int baselen = strlen(base);
129                 char *path = xmalloc(baselen + 257);
130
131                 if (!strncmp(base, "./", 2)) {
132                         base += 2;
133                         baselen -= 2;
134                 }
135                 memcpy(path, base, baselen);
136                 if (baselen && base[baselen-1] != '/')
137                         path[baselen++] = '/';
138
139                 while ((de = readdir(dir)) != NULL) {
140                         unsigned char sha1[20];
141                         struct stat st;
142                         int namelen;
143
144                         if (de->d_name[0] == '.')
145                                 continue;
146                         namelen = strlen(de->d_name);
147                         if (namelen > 255)
148                                 continue;
149                         memcpy(path + baselen, de->d_name, namelen+1);
150                         if (stat(git_path("%s", path), &st) < 0)
151                                 continue;
152                         if (S_ISDIR(st.st_mode)) {
153                                 retval = do_for_each_ref(path, fn);
154                                 if (retval)
155                                         break;
156                                 continue;
157                         }
158                         if (read_ref(git_path("%s", path), sha1) < 0)
159                                 continue;
160                         if (!has_sha1_file(sha1))
161                                 continue;
162                         retval = fn(path, sha1);
163                         if (retval)
164                                 break;
165                 }
166                 free(path);
167                 closedir(dir);
168         }
169         return retval;
170 }
171
172 int head_ref(int (*fn)(const char *path, const unsigned char *sha1))
173 {
174         unsigned char sha1[20];
175         if (!read_ref(git_path("HEAD"), sha1))
176                 return fn("HEAD", sha1);
177         return 0;
178 }
179
180 int for_each_ref(int (*fn)(const char *path, const unsigned char *sha1))
181 {
182         return do_for_each_ref("refs", fn);
183 }
184
185 static char *ref_file_name(const char *ref)
186 {
187         char *base = get_refs_directory();
188         int baselen = strlen(base);
189         int reflen = strlen(ref);
190         char *ret = xmalloc(baselen + 2 + reflen);
191         sprintf(ret, "%s/%s", base, ref);
192         return ret;
193 }
194
195 static char *ref_lock_file_name(const char *ref)
196 {
197         char *base = get_refs_directory();
198         int baselen = strlen(base);
199         int reflen = strlen(ref);
200         char *ret = xmalloc(baselen + 7 + reflen);
201         sprintf(ret, "%s/%s.lock", base, ref);
202         return ret;
203 }
204
205 int get_ref_sha1(const char *ref, unsigned char *sha1)
206 {
207         const char *filename;
208
209         if (check_ref_format(ref))
210                 return -1;
211         filename = git_path("refs/%s", ref);
212         return read_ref(filename, sha1);
213 }
214
215 static int lock_ref_file(const char *filename, const char *lock_filename,
216                          const unsigned char *old_sha1)
217 {
218         int fd = open(lock_filename, O_WRONLY | O_CREAT | O_EXCL, 0666);
219         unsigned char current_sha1[20];
220         int retval;
221         if (fd < 0) {
222                 return error("Couldn't open lock file for %s: %s",
223                              filename, strerror(errno));
224         }
225         retval = read_ref(filename, current_sha1);
226         if (old_sha1) {
227                 if (retval) {
228                         close(fd);
229                         unlink(lock_filename);
230                         return error("Could not read the current value of %s",
231                                      filename);
232                 }
233                 if (memcmp(current_sha1, old_sha1, 20)) {
234                         close(fd);
235                         unlink(lock_filename);
236                         error("The current value of %s is %s",
237                               filename, sha1_to_hex(current_sha1));
238                         return error("Expected %s",
239                                      sha1_to_hex(old_sha1));
240                 }
241         } else {
242                 if (!retval) {
243                         close(fd);
244                         unlink(lock_filename);
245                         return error("Unexpectedly found a value of %s for %s",
246                                      sha1_to_hex(current_sha1), filename);
247                 }
248         }
249         return fd;
250 }
251
252 int lock_ref_sha1(const char *ref, const unsigned char *old_sha1)
253 {
254         char *filename;
255         char *lock_filename;
256         int retval;
257         if (check_ref_format(ref))
258                 return -1;
259         filename = ref_file_name(ref);
260         lock_filename = ref_lock_file_name(ref);
261         retval = lock_ref_file(filename, lock_filename, old_sha1);
262         free(filename);
263         free(lock_filename);
264         return retval;
265 }
266
267 static int write_ref_file(const char *filename,
268                           const char *lock_filename, int fd,
269                           const unsigned char *sha1)
270 {
271         char *hex = sha1_to_hex(sha1);
272         char term = '\n';
273         if (write(fd, hex, 40) < 40 ||
274             write(fd, &term, 1) < 1) {
275                 error("Couldn't write %s\n", filename);
276                 close(fd);
277                 return -1;
278         }
279         close(fd);
280         rename(lock_filename, filename);
281         return 0;
282 }
283
284 int write_ref_sha1(const char *ref, int fd, const unsigned char *sha1)
285 {
286         char *filename;
287         char *lock_filename;
288         int retval;
289         if (fd < 0)
290                 return -1;
291         if (check_ref_format(ref))
292                 return -1;
293         filename = ref_file_name(ref);
294         lock_filename = ref_lock_file_name(ref);
295         retval = write_ref_file(filename, lock_filename, fd, sha1);
296         free(filename);
297         free(lock_filename);
298         return retval;
299 }
300
301 /*
302  * Make sure "ref" is something reasonable to have under ".git/refs/";
303  * We do not like it if:
304  *
305  * - any path component of it begins with ".", or
306  * - it has double dots "..", or
307  * - it has ASCII control character, "~", "^", ":" or SP, anywhere, or
308  * - it ends with a "/".
309  */
310
311 static inline int bad_ref_char(int ch)
312 {
313         return (((unsigned) ch) <= ' ' ||
314                 ch == '~' || ch == '^' || ch == ':');
315 }
316
317 int check_ref_format(const char *ref)
318 {
319         int ch, level;
320         const char *cp = ref;
321
322         level = 0;
323         while (1) {
324                 while ((ch = *cp++) == '/')
325                         ; /* tolerate duplicated slashes */
326                 if (!ch)
327                         return -1; /* should not end with slashes */
328
329                 /* we are at the beginning of the path component */
330                 if (ch == '.' || bad_ref_char(ch))
331                         return -1;
332
333                 /* scan the rest of the path component */
334                 while ((ch = *cp++) != 0) {
335                         if (bad_ref_char(ch))
336                                 return -1;
337                         if (ch == '/')
338                                 break;
339                         if (ch == '.' && *cp == '.')
340                                 return -1;
341                 }
342                 level++;
343                 if (!ch) {
344                         if (level < 2)
345                                 return -1; /* at least of form "heads/blah" */
346                         return 0;
347                 }
348         }
349 }
350
351 int write_ref_sha1_unlocked(const char *ref, const unsigned char *sha1)
352 {
353         char *filename;
354         char *lock_filename;
355         int fd;
356         int retval;
357         if (check_ref_format(ref))
358                 return -1;
359         filename = ref_file_name(ref);
360         lock_filename = ref_lock_file_name(ref);
361         fd = open(lock_filename, O_WRONLY | O_CREAT | O_EXCL, 0666);
362         if (fd < 0) {
363                 error("Writing %s", lock_filename);
364                 perror("Open");
365         }
366         retval = write_ref_file(filename, lock_filename, fd, sha1);
367         free(filename);
368         free(lock_filename);
369         return retval;
370 }