2 * I'm tired of doing "vsnprintf()" etc just to open a
3 * file, so here's a "return static buffer with printf"
6 * It's obviously not thread-safe. Sue me. But it's quite
7 * useful for doing things like
9 * f = open(mkpath("%s/%s.git", base, name), O_RDONLY);
11 * which is what it's designed for.
16 static char bad_path[] = "/bad-path/";
18 static char *get_pathname(void)
20 static char pathname_array[4][PATH_MAX];
22 return pathname_array[3 & ++index];
25 static char *cleanup_path(char *path)
28 if (!memcmp(path, "./", 2)) {
36 char *mksnpath(char *buf, size_t n, const char *fmt, ...)
42 len = vsnprintf(buf, n, fmt, args);
45 strlcpy(buf, bad_path, n);
48 return cleanup_path(buf);
51 static char *git_vsnpath(char *buf, size_t n, const char *fmt, va_list args)
53 const char *git_dir = get_git_dir();
56 len = strlen(git_dir);
59 memcpy(buf, git_dir, len);
60 if (len && !is_dir_sep(git_dir[len-1]))
62 len += vsnprintf(buf + len, n - len, fmt, args);
65 return cleanup_path(buf);
67 strlcpy(buf, bad_path, n);
71 char *git_snpath(char *buf, size_t n, const char *fmt, ...)
75 (void)git_vsnpath(buf, n, fmt, args);
80 char *git_pathdup(const char *fmt, ...)
85 (void)git_vsnpath(path, sizeof(path), fmt, args);
90 char *mkpath(const char *fmt, ...)
94 char *pathname = get_pathname();
97 len = vsnprintf(pathname, PATH_MAX, fmt, args);
101 return cleanup_path(pathname);
104 char *git_path(const char *fmt, ...)
106 const char *git_dir = get_git_dir();
107 char *pathname = get_pathname();
111 len = strlen(git_dir);
112 if (len > PATH_MAX-100)
114 memcpy(pathname, git_dir, len);
115 if (len && git_dir[len-1] != '/')
116 pathname[len++] = '/';
118 len += vsnprintf(pathname + len, PATH_MAX - len, fmt, args);
122 return cleanup_path(pathname);
126 /* git_mkstemp() - create tmp file honoring TMPDIR variable */
127 int git_mkstemp(char *path, size_t len, const char *template)
132 tmp = getenv("TMPDIR");
135 n = snprintf(path, len, "%s/%s", tmp, template);
137 errno = ENAMETOOLONG;
140 return mkstemp(path);
143 /* git_mkstemps() - create tmp file with suffix honoring TMPDIR variable. */
144 int git_mkstemps(char *path, size_t len, const char *template, int suffix_len)
149 tmp = getenv("TMPDIR");
152 n = snprintf(path, len, "%s/%s", tmp, template);
154 errno = ENAMETOOLONG;
157 return mkstemps(path, suffix_len);
160 int validate_headref(const char *path)
163 char *buf, buffer[256];
164 unsigned char sha1[20];
168 if (lstat(path, &st) < 0)
171 /* Make sure it is a "refs/.." symlink */
172 if (S_ISLNK(st.st_mode)) {
173 len = readlink(path, buffer, sizeof(buffer)-1);
174 if (len >= 5 && !memcmp("refs/", buffer, 5))
180 * Anything else, just open it and try to see if it is a symbolic ref.
182 fd = open(path, O_RDONLY);
185 len = read_in_full(fd, buffer, sizeof(buffer)-1);
189 * Is it a symbolic ref?
193 if (!memcmp("ref:", buffer, 4)) {
196 while (len && isspace(*buf))
198 if (len >= 5 && !memcmp("refs/", buf, 5))
203 * Is this a detached HEAD?
205 if (!get_sha1_hex(buffer, sha1))
211 static struct passwd *getpw_str(const char *username, size_t len)
214 char *username_z = xmalloc(len + 1);
215 memcpy(username_z, username, len);
216 username_z[len] = '\0';
217 pw = getpwnam(username_z);
223 * Return a string with ~ and ~user expanded via getpw*. If buf != NULL,
224 * then it is a newly allocated string. Returns NULL on getpw failure or
227 char *expand_user_path(const char *path)
229 struct strbuf user_path = STRBUF_INIT;
230 const char *first_slash = strchrnul(path, '/');
231 const char *to_copy = path;
235 if (path[0] == '~') {
236 const char *username = path + 1;
237 size_t username_len = first_slash - username;
238 if (username_len == 0) {
239 const char *home = getenv("HOME");
240 strbuf_add(&user_path, home, strlen(home));
242 struct passwd *pw = getpw_str(username, username_len);
245 strbuf_add(&user_path, pw->pw_dir, strlen(pw->pw_dir));
247 to_copy = first_slash;
249 strbuf_add(&user_path, to_copy, strlen(to_copy));
250 return strbuf_detach(&user_path, NULL);
252 strbuf_release(&user_path);
257 * First, one directory to try is determined by the following algorithm.
259 * (0) If "strict" is given, the path is used as given and no DWIM is
261 * (1) "~/path" to mean path under the running user's home directory;
262 * (2) "~user/path" to mean path under named user's home directory;
263 * (3) "relative/path" to mean cwd relative directory; or
264 * (4) "/absolute/path" to mean absolute directory.
266 * Unless "strict" is given, we try access() for existence of "%s.git/.git",
267 * "%s/.git", "%s.git", "%s" in this order. The first one that exists is
270 * Second, we try chdir() to that. Upon failure, we return NULL.
272 * Then, we try if the current directory is a valid git repository.
273 * Upon failure, we return NULL.
275 * If all goes well, we return the directory we used to chdir() (but
276 * before ~user is expanded), avoiding getcwd() resolving symbolic
277 * links. User relative paths are also returned as they are given,
278 * except DWIM suffixing.
280 char *enter_repo(char *path, int strict)
282 static char used_path[PATH_MAX];
283 static char validated_path[PATH_MAX];
289 static const char *suffix[] = {
290 ".git/.git", "/.git", ".git", "", NULL,
292 int len = strlen(path);
294 while ((1 < len) && (path[len-1] == '/')) {
300 if (path[0] == '~') {
301 char *newpath = expand_user_path(path);
302 if (!newpath || (PATH_MAX - 10 < strlen(newpath))) {
307 * Copy back into the static buffer. A pity
308 * since newpath was not bounded, but other
309 * branches of the if are limited by PATH_MAX
312 strcpy(used_path, newpath); free(newpath);
313 strcpy(validated_path, path);
316 else if (PATH_MAX - 10 < len)
319 path = strcpy(used_path, path);
320 strcpy(validated_path, path);
323 for (i = 0; suffix[i]; i++) {
324 strcpy(path + len, suffix[i]);
325 if (!access(path, F_OK)) {
326 strcat(validated_path, suffix[i]);
330 if (!suffix[i] || chdir(path))
332 path = validated_path;
334 else if (chdir(path))
337 if (access("objects", X_OK) == 0 && access("refs", X_OK) == 0 &&
338 validate_headref("HEAD") == 0) {
339 setenv(GIT_DIR_ENVIRONMENT, ".", 1);
340 check_repository_format();
347 int set_shared_perm(const char *path, int mode)
350 int tweak, shared, orig_mode;
352 if (!shared_repository) {
354 return chmod(path, mode & ~S_IFMT);
358 if (lstat(path, &st) < 0)
364 if (shared_repository < 0)
365 shared = -shared_repository;
367 shared = shared_repository;
370 if (!(mode & S_IWUSR))
373 /* Copy read bits to execute bits */
374 tweak |= (tweak & 0444) >> 2;
375 if (shared_repository < 0)
376 mode = (mode & ~0777) | tweak;
381 /* Copy read bits to execute bits */
382 mode |= (shared & 0444) >> 2;
383 mode |= FORCE_DIR_SET_GID;
386 if (((shared_repository < 0
387 ? (orig_mode & (FORCE_DIR_SET_GID | 0777))
388 : (orig_mode & mode)) != mode) &&
389 chmod(path, (mode & ~S_IFMT)) < 0)
394 const char *make_relative_path(const char *abs, const char *base)
396 static char buf[PATH_MAX + 1];
400 baselen = strlen(base);
401 if (prefixcmp(abs, base))
403 if (abs[baselen] == '/')
405 else if (base[baselen - 1] != '/')
407 strcpy(buf, abs + baselen);
412 * It is okay if dst == src, but they should not overlap otherwise.
414 * Performs the following normalizations on src, storing the result in dst:
415 * - Ensures that components are separated by '/' (Windows only)
416 * - Squashes sequences of '/'.
417 * - Removes "." components.
418 * - Removes ".." components, and the components the precede them.
419 * Returns failure (non-zero) if a ".." component appears as first path
420 * component anytime during the normalization. Otherwise, returns success (0).
422 * Note that this function is purely textual. It does not follow symlinks,
423 * verify the existence of the path, or make any system calls.
425 int normalize_path_copy(char *dst, const char *src)
429 if (has_dos_drive_prefix(src)) {
435 if (is_dir_sep(*src)) {
437 while (is_dir_sep(*src))
445 * A path component that begins with . could be
447 * (1) "." and ends -- ignore and terminate.
448 * (2) "./" -- ignore them, eat slash and continue.
449 * (3) ".." and ends -- strip one and terminate.
450 * (4) "../" -- strip one, eat slash and continue.
456 } else if (is_dir_sep(src[1])) {
459 while (is_dir_sep(*src))
462 } else if (src[1] == '.') {
467 } else if (is_dir_sep(src[2])) {
470 while (is_dir_sep(*src))
477 /* copy up to the next '/', and eat all '/' */
478 while ((c = *src++) != '\0' && !is_dir_sep(c))
482 while (is_dir_sep(c))
491 * dst0..dst is prefix portion, and dst[-1] is '/';
494 dst--; /* go to trailing '/' */
497 /* Windows: dst[-1] cannot be backslash anymore */
498 while (dst0 < dst && dst[-1] != '/')
506 * path = Canonical absolute path
507 * prefix_list = Colon-separated list of absolute paths
509 * Determines, for each path in prefix_list, whether the "prefix" really
510 * is an ancestor directory of path. Returns the length of the longest
511 * ancestor directory, excluding any trailing slashes, or -1 if no prefix
512 * is an ancestor. (Note that this means 0 is returned if prefix_list is
513 * "/".) "/foo" is not considered an ancestor of "/foobar". Directories
514 * are not considered to be their own ancestors. path must be in a
515 * canonical form: empty components, or "." or ".." components are not
516 * allowed. prefix_list may be null, which is like "".
518 int longest_ancestor_length(const char *path, const char *prefix_list)
520 char buf[PATH_MAX+1];
521 const char *ceil, *colon;
522 int len, max_len = -1;
524 if (prefix_list == NULL || !strcmp(path, "/"))
527 for (colon = ceil = prefix_list; *colon; ceil = colon+1) {
528 for (colon = ceil; *colon && *colon != PATH_SEP; colon++);
530 if (len == 0 || len > PATH_MAX || !is_absolute_path(ceil))
532 strlcpy(buf, ceil, len+1);
533 if (normalize_path_copy(buf, buf) < 0)
536 if (len > 0 && buf[len-1] == '/')
539 if (!strncmp(path, buf, len) &&
549 /* strip arbitrary amount of directory separators at end of path */
550 static inline int chomp_trailing_dir_sep(const char *path, int len)
552 while (len && is_dir_sep(path[len - 1]))
558 * If path ends with suffix (complete path components), returns the
559 * part before suffix (sans trailing directory separators).
560 * Otherwise returns NULL.
562 char *strip_path_suffix(const char *path, const char *suffix)
564 int path_len = strlen(path), suffix_len = strlen(suffix);
570 if (is_dir_sep(path[path_len - 1])) {
571 if (!is_dir_sep(suffix[suffix_len - 1]))
573 path_len = chomp_trailing_dir_sep(path, path_len);
574 suffix_len = chomp_trailing_dir_sep(suffix, suffix_len);
576 else if (path[--path_len] != suffix[--suffix_len])
580 if (path_len && !is_dir_sep(path[path_len - 1]))
582 return xstrndup(path, chomp_trailing_dir_sep(path, path_len));
585 int daemon_avoid_alias(const char *p)
590 * This resurrects the belts and suspenders paranoia check by HPA
591 * done in <435560F7.4080006@zytor.com> thread, now enter_repo()
592 * does not do getcwd() based path canonicalizations.
594 * sl becomes true immediately after seeing '/' and continues to
595 * be true as long as dots continue after that without intervening
598 if (!p || (*p != '/' && *p != '~'))
608 else if (ch == '/') {
610 /* reject //, /./ and /../ */
615 if (0 < ndot && ndot < 3)
616 /* reject /.$ and /..$ */
625 else if (ch == '/') {