FS.runInShell(): handle quoted filters and hooksPath containing blanks

Revert commit 2323d7a. Using $0 in the shell command call results in
the command string being taken literally. That was introduced to fix
a problem with backslashes, but is actually not correct.

First, the problem with backslashes occurred only on Win32/Cygwin,
and has been properly fixed in commit 6f268f8.

Second, this is used only for hooks (which don't have backslashes in
their names) and filter commands from the git config, where the user
is responsible for properly quoting or escaping such that the commands
work.

Third, using $0 actually breaks correctly quoted filter commands
like in the bug report. The shell really takes the command literally,
and then doesn't find the command because of quotes.

So revert this change.

At the same time there's a related problem with hooks. If the path to
the hook contains blanks, runInShell() would also fail to find the
hook. In this case, the command doesn't come from user input but is
just a Java File object with an absolute path containing blanks. (Can
occur if core.hooksPath points to such a path with blanks, or if the
repository has such a path.)

The path to the hook as obtained from the file system must be quoted.

Add a test for a hook path with a blank.

This reverts commit 2323d7a1ef909f9deb3f21329cf30bd1173ee9cf.

Bug: 561666
Change-Id: I4d7df13e6c9b245fe1706e191e4316685a8a9d59
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>

4 files changed, 61 insertions, 4 deletions

diff --git a/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/HookTest.java b/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/HookTest.java
index 70a2dbbfe8..26653dbcc8 100644
--- a/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/HookTest.java
+++ b/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/HookTest.java
@@ -292,6 +292,38 @@ public class HookTest extends RepositoryTestCase {
 	}
 
 	@Test
+	public void testHookPathWithBlank() throws Exception {
+		assumeSupportedPlatform();
+
+		File file = writeHookFile("../../a directory/" + PreCommitHook.NAME,
+				"#!/bin/sh\necho \"test $1 $2\"\nread INPUT\necho $INPUT\n"
+						+ "echo $GIT_DIR\necho $GIT_WORK_TREE\necho 1>&2 \"stderr\"");
+		StoredConfig cfg = db.getConfig();
+		cfg.load();
+		cfg.setString(ConfigConstants.CONFIG_CORE_SECTION, null,
+				ConfigConstants.CONFIG_KEY_HOOKS_PATH,
+				file.getParentFile().getAbsolutePath());
+		cfg.save();
+		try (ByteArrayOutputStream out = new ByteArrayOutputStream();
+				ByteArrayOutputStream err = new ByteArrayOutputStream()) {
+			ProcessResult res = FS.DETECTED.runHookIfPresent(db,
+					PreCommitHook.NAME, new String[] { "arg1", "arg2" },
+					new PrintStream(out), new PrintStream(err), "stdin");
+
+			assertEquals("unexpected hook output",
+					"test arg1 arg2\nstdin\n"
+							+ db.getDirectory().getAbsolutePath() + '\n'
+							+ db.getWorkTree().getAbsolutePath() + '\n',
+					out.toString("UTF-8"));
+			assertEquals("unexpected output on stderr stream", "stderr\n",
+					err.toString("UTF-8"));
+			assertEquals("unexpected exit code", 0, res.getExitCode());
+			assertEquals("unexpected process status", ProcessResult.Status.OK,
+					res.getStatus());
+		}
+	}
+
+	@Test
 	public void testFailedPreCommitHookBlockCommit() throws Exception {
 		assumeSupportedPlatform();
 
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS.java b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS.java
index 2446de4c1e..41bfde9914 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS.java
@@ -1747,7 +1747,7 @@ public abstract class FS {
 			return new ProcessResult(Status.NOT_PRESENT);
 		}
 		String cmd = hookFile.getAbsolutePath();
-		ProcessBuilder hookProcess = runInShell(cmd, args);
+		ProcessBuilder hookProcess = runInShell(shellQuote(cmd), args);
 		hookProcess.directory(runDirectory.getAbsoluteFile());
 		Map<String, String> environment = hookProcess.environment();
 		environment.put(Constants.GIT_DIR_KEY,
@@ -1770,6 +1770,21 @@ public abstract class FS {
 		}
 	}
 
+	/**
+	 * Quote a string (such as a file system path obtained from a Java
+	 * {@link File} or {@link Path} object) such that it can be passed as first
+	 * argument to {@link #runInShell(String, String[])}.
+	 * <p>
+	 * This default implementation returns the string unchanged.
+	 * </p>
+	 *
+	 * @param cmd
+	 *            the String to quote
+	 * @return the quoted string
+	 */
+	String shellQuote(String cmd) {
+		return cmd;
+	}
 
 	/**
 	 * Tries to find a hook matching the given one in the given repository.
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_POSIX.java b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_POSIX.java
index 79c095fc10..9c8dab68cd 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_POSIX.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_POSIX.java
@@ -261,7 +261,7 @@ public class FS_POSIX extends FS {
 		List<String> argv = new ArrayList<>(4 + args.length);
 		argv.add("sh"); //$NON-NLS-1$
 		argv.add("-c"); //$NON-NLS-1$
-		argv.add("$0 \"$@\""); //$NON-NLS-1$
+		argv.add(cmd + " \"$@\""); //$NON-NLS-1$
 		argv.add(cmd);
 		argv.addAll(Arrays.asList(args));
 		ProcessBuilder proc = new ProcessBuilder();
@@ -269,6 +269,11 @@ public class FS_POSIX extends FS {
 		return proc;
 	}
 
+	@Override
+	String shellQuote(String cmd) {
+		return QuotedString.BOURNE.quote(cmd);
+	}
+
 	/** {@inheritDoc} */
 	@Override
 	public ProcessResult runHookIfPresent(Repository repository, String hookName,
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_Win32_Cygwin.java b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_Win32_Cygwin.java
index 41c239f1ac..ac788a6684 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_Win32_Cygwin.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_Win32_Cygwin.java
@@ -149,14 +149,19 @@ public class FS_Win32_Cygwin extends FS_Win32 {
 		List<String> argv = new ArrayList<>(4 + args.length);
 		argv.add("sh.exe"); //$NON-NLS-1$
 		argv.add("-c"); //$NON-NLS-1$
-		argv.add("$0 \"$@\""); //$NON-NLS-1$
-		argv.add(cmd.replace(File.separatorChar, '/'));
+		argv.add(cmd + " \"$@\""); //$NON-NLS-1$
+		argv.add(cmd);
 		argv.addAll(Arrays.asList(args));
 		ProcessBuilder proc = new ProcessBuilder();
 		proc.command(argv);
 		return proc;
 	}
 
+	@Override
+	String shellQuote(String cmd) {
+		return QuotedString.BOURNE.quote(cmd.replace(File.separatorChar, '/'));
+	}
+
 	/** {@inheritDoc} */
 	@Override
 	public String relativize(String base, String other) {