Merge branch 'nd/index-pack-l10n-buf-overflow' into maint-1.8.1
[git/jnareb-git.git] / pack-write.c
blobca9e63be18f9333bf0f603ddb9ddd923588be0aa
1 #include "cache.h"
2 #include "pack.h"
3 #include "csum-file.h"
5 void reset_pack_idx_option(struct pack_idx_option *opts)
7 memset(opts, 0, sizeof(*opts));
8 opts->version = 2;
9 opts->off32_limit = 0x7fffffff;
12 static int sha1_compare(const void *_a, const void *_b)
14 struct pack_idx_entry *a = *(struct pack_idx_entry **)_a;
15 struct pack_idx_entry *b = *(struct pack_idx_entry **)_b;
16 return hashcmp(a->sha1, b->sha1);
19 static int cmp_uint32(const void *a_, const void *b_)
21 uint32_t a = *((uint32_t *)a_);
22 uint32_t b = *((uint32_t *)b_);
24 return (a < b) ? -1 : (a != b);
27 static int need_large_offset(off_t offset, const struct pack_idx_option *opts)
29 uint32_t ofsval;
31 if ((offset >> 31) || (opts->off32_limit < offset))
32 return 1;
33 if (!opts->anomaly_nr)
34 return 0;
35 ofsval = offset;
36 return !!bsearch(&ofsval, opts->anomaly, opts->anomaly_nr,
37 sizeof(ofsval), cmp_uint32);
41 * On entry *sha1 contains the pack content SHA1 hash, on exit it is
42 * the SHA1 hash of sorted object names. The objects array passed in
43 * will be sorted by SHA1 on exit.
45 const char *write_idx_file(const char *index_name, struct pack_idx_entry **objects,
46 int nr_objects, const struct pack_idx_option *opts,
47 unsigned char *sha1)
49 struct sha1file *f;
50 struct pack_idx_entry **sorted_by_sha, **list, **last;
51 off_t last_obj_offset = 0;
52 uint32_t array[256];
53 int i, fd;
54 git_SHA_CTX ctx;
55 uint32_t index_version;
57 if (nr_objects) {
58 sorted_by_sha = objects;
59 list = sorted_by_sha;
60 last = sorted_by_sha + nr_objects;
61 for (i = 0; i < nr_objects; ++i) {
62 if (objects[i]->offset > last_obj_offset)
63 last_obj_offset = objects[i]->offset;
65 qsort(sorted_by_sha, nr_objects, sizeof(sorted_by_sha[0]),
66 sha1_compare);
68 else
69 sorted_by_sha = list = last = NULL;
71 if (opts->flags & WRITE_IDX_VERIFY) {
72 assert(index_name);
73 f = sha1fd_check(index_name);
74 } else {
75 if (!index_name) {
76 static char tmp_file[PATH_MAX];
77 fd = odb_mkstemp(tmp_file, sizeof(tmp_file), "pack/tmp_idx_XXXXXX");
78 index_name = xstrdup(tmp_file);
79 } else {
80 unlink(index_name);
81 fd = open(index_name, O_CREAT|O_EXCL|O_WRONLY, 0600);
83 if (fd < 0)
84 die_errno("unable to create '%s'", index_name);
85 f = sha1fd(fd, index_name);
88 /* if last object's offset is >= 2^31 we should use index V2 */
89 index_version = need_large_offset(last_obj_offset, opts) ? 2 : opts->version;
91 /* index versions 2 and above need a header */
92 if (index_version >= 2) {
93 struct pack_idx_header hdr;
94 hdr.idx_signature = htonl(PACK_IDX_SIGNATURE);
95 hdr.idx_version = htonl(index_version);
96 sha1write(f, &hdr, sizeof(hdr));
100 * Write the first-level table (the list is sorted,
101 * but we use a 256-entry lookup to be able to avoid
102 * having to do eight extra binary search iterations).
104 for (i = 0; i < 256; i++) {
105 struct pack_idx_entry **next = list;
106 while (next < last) {
107 struct pack_idx_entry *obj = *next;
108 if (obj->sha1[0] != i)
109 break;
110 next++;
112 array[i] = htonl(next - sorted_by_sha);
113 list = next;
115 sha1write(f, array, 256 * 4);
117 /* compute the SHA1 hash of sorted object names. */
118 git_SHA1_Init(&ctx);
121 * Write the actual SHA1 entries..
123 list = sorted_by_sha;
124 for (i = 0; i < nr_objects; i++) {
125 struct pack_idx_entry *obj = *list++;
126 if (index_version < 2) {
127 uint32_t offset = htonl(obj->offset);
128 sha1write(f, &offset, 4);
130 sha1write(f, obj->sha1, 20);
131 git_SHA1_Update(&ctx, obj->sha1, 20);
132 if ((opts->flags & WRITE_IDX_STRICT) &&
133 (i && !hashcmp(list[-2]->sha1, obj->sha1)))
134 die("The same object %s appears twice in the pack",
135 sha1_to_hex(obj->sha1));
138 if (index_version >= 2) {
139 unsigned int nr_large_offset = 0;
141 /* write the crc32 table */
142 list = sorted_by_sha;
143 for (i = 0; i < nr_objects; i++) {
144 struct pack_idx_entry *obj = *list++;
145 uint32_t crc32_val = htonl(obj->crc32);
146 sha1write(f, &crc32_val, 4);
149 /* write the 32-bit offset table */
150 list = sorted_by_sha;
151 for (i = 0; i < nr_objects; i++) {
152 struct pack_idx_entry *obj = *list++;
153 uint32_t offset;
155 offset = (need_large_offset(obj->offset, opts)
156 ? (0x80000000 | nr_large_offset++)
157 : obj->offset);
158 offset = htonl(offset);
159 sha1write(f, &offset, 4);
162 /* write the large offset table */
163 list = sorted_by_sha;
164 while (nr_large_offset) {
165 struct pack_idx_entry *obj = *list++;
166 uint64_t offset = obj->offset;
167 uint32_t split[2];
169 if (!need_large_offset(offset, opts))
170 continue;
171 split[0] = htonl(offset >> 32);
172 split[1] = htonl(offset & 0xffffffff);
173 sha1write(f, split, 8);
174 nr_large_offset--;
178 sha1write(f, sha1, 20);
179 sha1close(f, NULL, ((opts->flags & WRITE_IDX_VERIFY)
180 ? CSUM_CLOSE : CSUM_FSYNC));
181 git_SHA1_Final(sha1, &ctx);
182 return index_name;
185 off_t write_pack_header(struct sha1file *f, uint32_t nr_entries)
187 struct pack_header hdr;
189 hdr.hdr_signature = htonl(PACK_SIGNATURE);
190 hdr.hdr_version = htonl(PACK_VERSION);
191 hdr.hdr_entries = htonl(nr_entries);
192 if (sha1write(f, &hdr, sizeof(hdr)))
193 return 0;
194 return sizeof(hdr);
198 * Update pack header with object_count and compute new SHA1 for pack data
199 * associated to pack_fd, and write that SHA1 at the end. That new SHA1
200 * is also returned in new_pack_sha1.
202 * If partial_pack_sha1 is non null, then the SHA1 of the existing pack
203 * (without the header update) is computed and validated against the
204 * one provided in partial_pack_sha1. The validation is performed at
205 * partial_pack_offset bytes in the pack file. The SHA1 of the remaining
206 * data (i.e. from partial_pack_offset to the end) is then computed and
207 * returned in partial_pack_sha1.
209 * Note that new_pack_sha1 is updated last, so both new_pack_sha1 and
210 * partial_pack_sha1 can refer to the same buffer if the caller is not
211 * interested in the resulting SHA1 of pack data above partial_pack_offset.
213 void fixup_pack_header_footer(int pack_fd,
214 unsigned char *new_pack_sha1,
215 const char *pack_name,
216 uint32_t object_count,
217 unsigned char *partial_pack_sha1,
218 off_t partial_pack_offset)
220 int aligned_sz, buf_sz = 8 * 1024;
221 git_SHA_CTX old_sha1_ctx, new_sha1_ctx;
222 struct pack_header hdr;
223 char *buf;
225 git_SHA1_Init(&old_sha1_ctx);
226 git_SHA1_Init(&new_sha1_ctx);
228 if (lseek(pack_fd, 0, SEEK_SET) != 0)
229 die_errno("Failed seeking to start of '%s'", pack_name);
230 if (read_in_full(pack_fd, &hdr, sizeof(hdr)) != sizeof(hdr))
231 die_errno("Unable to reread header of '%s'", pack_name);
232 if (lseek(pack_fd, 0, SEEK_SET) != 0)
233 die_errno("Failed seeking to start of '%s'", pack_name);
234 git_SHA1_Update(&old_sha1_ctx, &hdr, sizeof(hdr));
235 hdr.hdr_entries = htonl(object_count);
236 git_SHA1_Update(&new_sha1_ctx, &hdr, sizeof(hdr));
237 write_or_die(pack_fd, &hdr, sizeof(hdr));
238 partial_pack_offset -= sizeof(hdr);
240 buf = xmalloc(buf_sz);
241 aligned_sz = buf_sz - sizeof(hdr);
242 for (;;) {
243 ssize_t m, n;
244 m = (partial_pack_sha1 && partial_pack_offset < aligned_sz) ?
245 partial_pack_offset : aligned_sz;
246 n = xread(pack_fd, buf, m);
247 if (!n)
248 break;
249 if (n < 0)
250 die_errno("Failed to checksum '%s'", pack_name);
251 git_SHA1_Update(&new_sha1_ctx, buf, n);
253 aligned_sz -= n;
254 if (!aligned_sz)
255 aligned_sz = buf_sz;
257 if (!partial_pack_sha1)
258 continue;
260 git_SHA1_Update(&old_sha1_ctx, buf, n);
261 partial_pack_offset -= n;
262 if (partial_pack_offset == 0) {
263 unsigned char sha1[20];
264 git_SHA1_Final(sha1, &old_sha1_ctx);
265 if (hashcmp(sha1, partial_pack_sha1) != 0)
266 die("Unexpected checksum for %s "
267 "(disk corruption?)", pack_name);
269 * Now let's compute the SHA1 of the remainder of the
270 * pack, which also means making partial_pack_offset
271 * big enough not to matter anymore.
273 git_SHA1_Init(&old_sha1_ctx);
274 partial_pack_offset = ~partial_pack_offset;
275 partial_pack_offset -= MSB(partial_pack_offset, 1);
278 free(buf);
280 if (partial_pack_sha1)
281 git_SHA1_Final(partial_pack_sha1, &old_sha1_ctx);
282 git_SHA1_Final(new_pack_sha1, &new_sha1_ctx);
283 write_or_die(pack_fd, new_pack_sha1, 20);
284 fsync_or_die(pack_fd, pack_name);
287 char *index_pack_lockfile(int ip_out)
289 char packname[46];
292 * The first thing we expect from index-pack's output
293 * is "pack\t%40s\n" or "keep\t%40s\n" (46 bytes) where
294 * %40s is the newly created pack SHA1 name. In the "keep"
295 * case, we need it to remove the corresponding .keep file
296 * later on. If we don't get that then tough luck with it.
298 if (read_in_full(ip_out, packname, 46) == 46 && packname[45] == '\n' &&
299 memcmp(packname, "keep\t", 5) == 0) {
300 char path[PATH_MAX];
301 packname[45] = 0;
302 snprintf(path, sizeof(path), "%s/pack/pack-%s.keep",
303 get_object_directory(), packname + 5);
304 return xstrdup(path);
306 return NULL;
310 * The per-object header is a pretty dense thing, which is
311 * - first byte: low four bits are "size", then three bits of "type",
312 * and the high bit is "size continues".
313 * - each byte afterwards: low seven bits are size continuation,
314 * with the high bit being "size continues"
316 int encode_in_pack_object_header(enum object_type type, uintmax_t size, unsigned char *hdr)
318 int n = 1;
319 unsigned char c;
321 if (type < OBJ_COMMIT || type > OBJ_REF_DELTA)
322 die("bad type %d", type);
324 c = (type << 4) | (size & 15);
325 size >>= 4;
326 while (size) {
327 *hdr++ = c | 0x80;
328 c = size & 0x7f;
329 size >>= 7;
330 n++;
332 *hdr = c;
333 return n;
336 struct sha1file *create_tmp_packfile(char **pack_tmp_name)
338 char tmpname[PATH_MAX];
339 int fd;
341 fd = odb_mkstemp(tmpname, sizeof(tmpname), "pack/tmp_pack_XXXXXX");
342 *pack_tmp_name = xstrdup(tmpname);
343 return sha1fd(fd, *pack_tmp_name);
346 void finish_tmp_packfile(char *name_buffer,
347 const char *pack_tmp_name,
348 struct pack_idx_entry **written_list,
349 uint32_t nr_written,
350 struct pack_idx_option *pack_idx_opts,
351 unsigned char sha1[])
353 const char *idx_tmp_name;
354 char *end_of_name_prefix = strrchr(name_buffer, 0);
356 if (adjust_shared_perm(pack_tmp_name))
357 die_errno("unable to make temporary pack file readable");
359 idx_tmp_name = write_idx_file(NULL, written_list, nr_written,
360 pack_idx_opts, sha1);
361 if (adjust_shared_perm(idx_tmp_name))
362 die_errno("unable to make temporary index file readable");
364 sprintf(end_of_name_prefix, "%s.pack", sha1_to_hex(sha1));
365 free_pack_by_name(name_buffer);
367 if (rename(pack_tmp_name, name_buffer))
368 die_errno("unable to rename temporary pack file");
370 sprintf(end_of_name_prefix, "%s.idx", sha1_to_hex(sha1));
371 if (rename(idx_tmp_name, name_buffer))
372 die_errno("unable to rename temporary index file");
374 free((void *)idx_tmp_name);