git wrapper: more careful argument stuffing

- Use stderr for error output - Build git_command more careful - ENOENT is good enough for check of failed exec to show usage, no access() check needed [jc: Originally from Alex Riesen with inputs from Sven Verdoolaege mixed in.] Signed-off-by: Junio C Hamano <junkio@cox.net>
git-mirror · Dec 2, 2005 · 10b15b8 · 10b15b8
1 parent ce3ca27
commit 10b15b8
Showing 1 changed file with 12 additions and 7 deletions.
diff --git a/git.c b/git.c
@@ -283,16 +283,21 @@ int main(int argc, char **argv, char **envp)
 	len = strlen(git_command);
 	prepend_to_path(git_command, len);
 
-	strncat(&git_command[len], "/git-", sizeof(git_command) - len);
-	len += 5;
-	strncat(&git_command[len], argv[i], sizeof(git_command) - len);
-
-	if (access(git_command, X_OK))
-		usage(exec_path, "'%s' is not a git-command", argv[i]);
+	len += snprintf(git_command + len, sizeof(git_command) - len,
+			"/git-%s", argv[i]);
+	if (sizeof(git_command) <= len) {
+		fprintf(stderr, "git: command name given is too long (%d)\n", len);
+		exit(1);
+	}
 
 	/* execve() can only ever return if it fails */
 	execve(git_command, &argv[i], envp);
-	printf("Failed to run command '%s': %s\n", git_command, strerror(errno));
+
+	if (errno == ENOENT)
+		usage(exec_path, "'%s' is not a git-command", argv[i]);
+
+	fprintf(stderr, "Failed to run command '%s': %s\n",
+		git_command, strerror(errno));
 
 	return 1;
 }