[thirdparty/git.git] / wrapper.c

/*
 * Various trivial helper wrappers around standard functions
 */
#include "cache.h"
#include "config.h"

static int memory_limit_check(size_t size, int gentle)
{
	static size_t limit = 0;
	if (!limit) {
		limit = git_env_ulong("GIT_ALLOC_LIMIT", 0);
		if (!limit)
			limit = SIZE_MAX;
	}
	if (size > limit) {
		if (gentle) {
			error("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
			      (uintmax_t)size, (uintmax_t)limit);
			return -1;
		} else
			die("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
			    (uintmax_t)size, (uintmax_t)limit);
	}
	return 0;
}

char *xstrdup(const char *str)
{
	char *ret = strdup(str);
	if (!ret)
		die("Out of memory, strdup failed");
	return ret;
}

static void *do_xmalloc(size_t size, int gentle)
{
	void *ret;

	if (memory_limit_check(size, gentle))
		return NULL;
	ret = malloc(size);
	if (!ret && !size)
		ret = malloc(1);
	if (!ret) {
		if (!gentle)
			die("Out of memory, malloc failed (tried to allocate %lu bytes)",
			    (unsigned long)size);
		else {
			error("Out of memory, malloc failed (tried to allocate %lu bytes)",
			      (unsigned long)size);
			return NULL;
		}
	}
#ifdef XMALLOC_POISON
	memset(ret, 0xA5, size);
#endif
	return ret;
}

void *xmalloc(size_t size)
{
	return do_xmalloc(size, 0);
}

static void *do_xmallocz(size_t size, int gentle)
{
	void *ret;
	if (unsigned_add_overflows(size, 1)) {
		if (gentle) {
			error("Data too large to fit into virtual memory space.");
			return NULL;
		} else
			die("Data too large to fit into virtual memory space.");
	}
	ret = do_xmalloc(size + 1, gentle);
	if (ret)
		((char*)ret)[size] = 0;
	return ret;
}

void *xmallocz(size_t size)
{
	return do_xmallocz(size, 0);
}

void *xmallocz_gently(size_t size)
{
	return do_xmallocz(size, 1);
}

/*
 * xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of
 * "data" to the allocated memory, zero terminates the allocated memory,
 * and returns a pointer to the allocated memory. If the allocation fails,
 * the program dies.
 */
void *xmemdupz(const void *data, size_t len)
{
	return memcpy(xmallocz(len), data, len);
}

char *xstrndup(const char *str, size_t len)
{
	char *p = memchr(str, '\0', len);
	return xmemdupz(str, p ? p - str : len);
}

int xstrncmpz(const char *s, const char *t, size_t len)
{
	int res = strncmp(s, t, len);
	if (res)
		return res;
	return s[len] == '\0' ? 0 : 1;
}

void *xrealloc(void *ptr, size_t size)
{
	void *ret;

	if (!size) {
		free(ptr);
		return xmalloc(0);
	}

	memory_limit_check(size, 0);
	ret = realloc(ptr, size);
	if (!ret)
		die("Out of memory, realloc failed");
	return ret;
}

void *xcalloc(size_t nmemb, size_t size)
{
	void *ret;

	if (unsigned_mult_overflows(nmemb, size))
		die("data too large to fit into virtual memory space");

	memory_limit_check(size * nmemb, 0);
	ret = calloc(nmemb, size);
	if (!ret && (!nmemb || !size))
		ret = calloc(1, 1);
	if (!ret)
		die("Out of memory, calloc failed");
	return ret;
}

void xsetenv(const char *name, const char *value, int overwrite)
{
	if (setenv(name, value, overwrite))
		die_errno(_("could not setenv '%s'"), name ? name : "(null)");
}

void xunsetenv(const char *name)
{
	if (!unsetenv(name))
		die_errno(_("could not unsetenv '%s'"), name ? name : "(null)");
}

/*
 * Limit size of IO chunks, because huge chunks only cause pain.  OS X
 * 64-bit is buggy, returning EINVAL if len >= INT_MAX; and even in
 * the absence of bugs, large chunks can result in bad latencies when
 * you decide to kill the process.
 *
 * We pick 8 MiB as our default, but if the platform defines SSIZE_MAX
 * that is smaller than that, clip it to SSIZE_MAX, as a call to
 * read(2) or write(2) larger than that is allowed to fail.  As the last
 * resort, we allow a port to pass via CFLAGS e.g. "-DMAX_IO_SIZE=value"
 * to override this, if the definition of SSIZE_MAX given by the platform
 * is broken.
 */
#ifndef MAX_IO_SIZE
# define MAX_IO_SIZE_DEFAULT (8*1024*1024)
# if defined(SSIZE_MAX) && (SSIZE_MAX < MAX_IO_SIZE_DEFAULT)
#  define MAX_IO_SIZE SSIZE_MAX
# else
#  define MAX_IO_SIZE MAX_IO_SIZE_DEFAULT
# endif
#endif

/**
 * xopen() is the same as open(), but it die()s if the open() fails.
 */
int xopen(const char *path, int oflag, ...)
{
	mode_t mode = 0;
	va_list ap;

	/*
	 * va_arg() will have undefined behavior if the specified type is not
	 * compatible with the argument type. Since integers are promoted to
	 * ints, we fetch the next argument as an int, and then cast it to a
	 * mode_t to avoid undefined behavior.
	 */
	va_start(ap, oflag);
	if (oflag & O_CREAT)
		mode = va_arg(ap, int);
	va_end(ap);

	for (;;) {
		int fd = open(path, oflag, mode);
		if (fd >= 0)
			return fd;
		if (errno == EINTR)
			continue;

		if ((oflag & (O_CREAT | O_EXCL)) == (O_CREAT | O_EXCL))
			die_errno(_("unable to create '%s'"), path);
		else if ((oflag & O_RDWR) == O_RDWR)
			die_errno(_("could not open '%s' for reading and writing"), path);
		else if ((oflag & O_WRONLY) == O_WRONLY)
			die_errno(_("could not open '%s' for writing"), path);
		else
			die_errno(_("could not open '%s' for reading"), path);
	}
}

static int handle_nonblock(int fd, short poll_events, int err)
{
	struct pollfd pfd;

	if (err != EAGAIN && err != EWOULDBLOCK)
		return 0;

	pfd.fd = fd;
	pfd.events = poll_events;

	/*
	 * no need to check for errors, here;
	 * a subsequent read/write will detect unrecoverable errors
	 */
	poll(&pfd, 1, -1);
	return 1;
}

/*
 * xread() is the same a read(), but it automatically restarts read()
 * operations with a recoverable error (EAGAIN and EINTR). xread()
 * DOES NOT GUARANTEE that "len" bytes is read even if the data is available.
 */
ssize_t xread(int fd, void *buf, size_t len)
{
	ssize_t nr;
	if (len > MAX_IO_SIZE)
		len = MAX_IO_SIZE;
	while (1) {
		nr = read(fd, buf, len);
		if (nr < 0) {
			if (errno == EINTR)
				continue;
			if (handle_nonblock(fd, POLLIN, errno))
				continue;
		}
		return nr;
	}
}

/*
 * xwrite() is the same a write(), but it automatically restarts write()
 * operations with a recoverable error (EAGAIN and EINTR). xwrite() DOES NOT
 * GUARANTEE that "len" bytes is written even if the operation is successful.
 */
ssize_t xwrite(int fd, const void *buf, size_t len)
{
	ssize_t nr;
	if (len > MAX_IO_SIZE)
		len = MAX_IO_SIZE;
	while (1) {
		nr = write(fd, buf, len);
		if (nr < 0) {
			if (errno == EINTR)
				continue;
			if (handle_nonblock(fd, POLLOUT, errno))
				continue;
		}

		return nr;
	}
}

/*
 * xpread() is the same as pread(), but it automatically restarts pread()
 * operations with a recoverable error (EAGAIN and EINTR). xpread() DOES
 * NOT GUARANTEE that "len" bytes is read even if the data is available.
 */
ssize_t xpread(int fd, void *buf, size_t len, off_t offset)
{
	ssize_t nr;
	if (len > MAX_IO_SIZE)
		len = MAX_IO_SIZE;
	while (1) {
		nr = pread(fd, buf, len, offset);
		if ((nr < 0) && (errno == EAGAIN || errno == EINTR))
			continue;
		return nr;
	}
}

ssize_t read_in_full(int fd, void *buf, size_t count)
{
	char *p = buf;
	ssize_t total = 0;

	while (count > 0) {
		ssize_t loaded = xread(fd, p, count);
		if (loaded < 0)
			return -1;
		if (loaded == 0)
			return total;
		count -= loaded;
		p += loaded;
		total += loaded;
	}

	return total;
}

ssize_t write_in_full(int fd, const void *buf, size_t count)
{
	const char *p = buf;
	ssize_t total = 0;

	while (count > 0) {
		ssize_t written = xwrite(fd, p, count);
		if (written < 0)
			return -1;
		if (!written) {
			errno = ENOSPC;
			return -1;
		}
		count -= written;
		p += written;
		total += written;
	}

	return total;
}

ssize_t pread_in_full(int fd, void *buf, size_t count, off_t offset)
{
	char *p = buf;
	ssize_t total = 0;

	while (count > 0) {
		ssize_t loaded = xpread(fd, p, count, offset);
		if (loaded < 0)
			return -1;
		if (loaded == 0)
			return total;
		count -= loaded;
		p += loaded;
		total += loaded;
		offset += loaded;
	}

	return total;
}

int xdup(int fd)
{
	int ret = dup(fd);
	if (ret < 0)
		die_errno("dup failed");
	return ret;
}

/**
 * xfopen() is the same as fopen(), but it die()s if the fopen() fails.
 */
FILE *xfopen(const char *path, const char *mode)
{
	for (;;) {
		FILE *fp = fopen(path, mode);
		if (fp)
			return fp;
		if (errno == EINTR)
			continue;

		if (*mode && mode[1] == '+')
			die_errno(_("could not open '%s' for reading and writing"), path);
		else if (*mode == 'w' || *mode == 'a')
			die_errno(_("could not open '%s' for writing"), path);
		else
			die_errno(_("could not open '%s' for reading"), path);
	}
}

FILE *xfdopen(int fd, const char *mode)
{
	FILE *stream = fdopen(fd, mode);
	if (stream == NULL)
		die_errno("Out of memory? fdopen failed");
	return stream;
}

FILE *fopen_for_writing(const char *path)
{
	FILE *ret = fopen(path, "w");

	if (!ret && errno == EPERM) {
		if (!unlink(path))
			ret = fopen(path, "w");
		else
			errno = EPERM;
	}
	return ret;
}

static void warn_on_inaccessible(const char *path)
{
	warning_errno(_("unable to access '%s'"), path);
}

int warn_on_fopen_errors(const char *path)
{
	if (errno != ENOENT && errno != ENOTDIR) {
		warn_on_inaccessible(path);
		return -1;
	}

	return 0;
}

FILE *fopen_or_warn(const char *path, const char *mode)
{
	FILE *fp = fopen(path, mode);

	if (fp)
		return fp;

	warn_on_fopen_errors(path);
	return NULL;
}

int xmkstemp(char *filename_template)
{
	int fd;
	char origtemplate[PATH_MAX];
	strlcpy(origtemplate, filename_template, sizeof(origtemplate));

	fd = mkstemp(filename_template);
	if (fd < 0) {
		int saved_errno = errno;
		const char *nonrelative_template;

		if (strlen(filename_template) != strlen(origtemplate))
			filename_template = origtemplate;

		nonrelative_template = absolute_path(filename_template);
		errno = saved_errno;
		die_errno("Unable to create temporary file '%s'",
			nonrelative_template);
	}
	return fd;
}

/* Adapted from libiberty's mkstemp.c. */

#undef TMP_MAX
#define TMP_MAX 16384

int git_mkstemps_mode(char *pattern, int suffix_len, int mode)
{
	static const char letters[] =
		"abcdefghijklmnopqrstuvwxyz"
		"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
		"0123456789";
	static const int num_letters = ARRAY_SIZE(letters) - 1;
	static const char x_pattern[] = "XXXXXX";
	static const int num_x = ARRAY_SIZE(x_pattern) - 1;
	uint64_t value;
	struct timeval tv;
	char *filename_template;
	size_t len;
	int fd, count;

	len = strlen(pattern);

	if (len < num_x + suffix_len) {
		errno = EINVAL;
		return -1;
	}

	if (strncmp(&pattern[len - num_x - suffix_len], x_pattern, num_x)) {
		errno = EINVAL;
		return -1;
	}

	/*
	 * Replace pattern's XXXXXX characters with randomness.
	 * Try TMP_MAX different filenames.
	 */
	gettimeofday(&tv, NULL);
	value = ((uint64_t)tv.tv_usec << 16) ^ tv.tv_sec ^ getpid();
	filename_template = &pattern[len - num_x - suffix_len];
	for (count = 0; count < TMP_MAX; ++count) {
		uint64_t v = value;
		int i;
		/* Fill in the random bits. */
		for (i = 0; i < num_x; i++) {
			filename_template[i] = letters[v % num_letters];
			v /= num_letters;
		}

		fd = open(pattern, O_CREAT | O_EXCL | O_RDWR, mode);
		if (fd >= 0)
			return fd;
		/*
		 * Fatal error (EPERM, ENOSPC etc).
		 * It doesn't make sense to loop.
		 */
		if (errno != EEXIST)
			break;
		/*
		 * This is a random value.  It is only necessary that
		 * the next TMP_MAX values generated by adding 7777 to
		 * VALUE are different with (module 2^32).
		 */
		value += 7777;
	}
	/* We return the null string if we can't find a unique file name.  */
	pattern[0] = '\0';
	return -1;
}

int git_mkstemp_mode(char *pattern, int mode)
{
	/* mkstemp is just mkstemps with no suffix */
	return git_mkstemps_mode(pattern, 0, mode);
}

int xmkstemp_mode(char *filename_template, int mode)
{
	int fd;
	char origtemplate[PATH_MAX];
	strlcpy(origtemplate, filename_template, sizeof(origtemplate));

	fd = git_mkstemp_mode(filename_template, mode);
	if (fd < 0) {
		int saved_errno = errno;
		const char *nonrelative_template;

		if (!filename_template[0])
			filename_template = origtemplate;

		nonrelative_template = absolute_path(filename_template);
		errno = saved_errno;
		die_errno("Unable to create temporary file '%s'",
			nonrelative_template);
	}
	return fd;
}

static int warn_if_unremovable(const char *op, const char *file, int rc)
{
	int err;
	if (!rc || errno == ENOENT)
		return 0;
	err = errno;
	warning_errno("unable to %s '%s'", op, file);
	errno = err;
	return rc;
}

int unlink_or_msg(const char *file, struct strbuf *err)
{
	int rc = unlink(file);

	assert(err);

	if (!rc || errno == ENOENT)
		return 0;

	strbuf_addf(err, "unable to unlink '%s': %s",
		    file, strerror(errno));
	return -1;
}

int unlink_or_warn(const char *file)
{
	return warn_if_unremovable("unlink", file, unlink(file));
}

int rmdir_or_warn(const char *file)
{
	return warn_if_unremovable("rmdir", file, rmdir(file));
}

int remove_or_warn(unsigned int mode, const char *file)
{
	return S_ISGITLINK(mode) ? rmdir_or_warn(file) : unlink_or_warn(file);
}

static int access_error_is_ok(int err, unsigned flag)
{
	return (is_missing_file_error(err) ||
		((flag & ACCESS_EACCES_OK) && err == EACCES));
}

int access_or_warn(const char *path, int mode, unsigned flag)
{
	int ret = access(path, mode);
	if (ret && !access_error_is_ok(errno, flag))
		warn_on_inaccessible(path);
	return ret;
}

int access_or_die(const char *path, int mode, unsigned flag)
{
	int ret = access(path, mode);
	if (ret && !access_error_is_ok(errno, flag))
		die_errno(_("unable to access '%s'"), path);
	return ret;
}

char *xgetcwd(void)
{
	struct strbuf sb = STRBUF_INIT;
	if (strbuf_getcwd(&sb))
		die_errno(_("unable to get current working directory"));
	return strbuf_detach(&sb, NULL);
}

int xsnprintf(char *dst, size_t max, const char *fmt, ...)
{
	va_list ap;
	int len;

	va_start(ap, fmt);
	len = vsnprintf(dst, max, fmt, ap);
	va_end(ap);

	if (len < 0)
		BUG("your snprintf is broken");
	if (len >= max)
		BUG("attempt to snprintf into too-small buffer");
	return len;
}

void write_file_buf(const char *path, const char *buf, size_t len)
{
	int fd = xopen(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
	if (write_in_full(fd, buf, len) < 0)
		die_errno(_("could not write to '%s'"), path);
	if (close(fd))
		die_errno(_("could not close '%s'"), path);
}

void write_file(const char *path, const char *fmt, ...)
{
	va_list params;
	struct strbuf sb = STRBUF_INIT;

	va_start(params, fmt);
	strbuf_vaddf(&sb, fmt, params);
	va_end(params);

	strbuf_complete_line(&sb);

	write_file_buf(path, sb.buf, sb.len);
	strbuf_release(&sb);
}

void sleep_millisec(int millisec)
{
	poll(NULL, 0, millisec);
}

int xgethostname(char *buf, size_t len)
{
	/*
	 * If the full hostname doesn't fit in buf, POSIX does not
	 * specify whether the buffer will be null-terminated, so to
	 * be safe, do it ourselves.
	 */
	int ret = gethostname(buf, len);
	if (!ret)
		buf[len - 1] = 0;
	return ret;
}

int is_empty_or_missing_file(const char *filename)
{
	struct stat st;

	if (stat(filename, &st) < 0) {
		if (errno == ENOENT)
			return 1;
		die_errno(_("could not stat %s"), filename);
	}

	return !st.st_size;
}

int open_nofollow(const char *path, int flags)
{
#ifdef O_NOFOLLOW
	return open(path, flags | O_NOFOLLOW);
#else
	struct stat st;
	if (lstat(path, &st) < 0)
		return -1;
	if (S_ISLNK(st.st_mode)) {
		errno = ELOOP;
		return -1;
	}
	return open(path, flags);
#endif
}
Commit	Line	Data
112db553 LT	1	/*
	2	* Various trivial helper wrappers around standard functions
	3	*/
	4	#include "cache.h"
b2141fc1	5	#include "config.h"
112db553	6
f8bb1d94	7	static int memory_limit_check(size_t size, int gentle)
d41489a6	8	{
9927d962 SP	9	static size_t limit = 0;
	10	if (!limit) {
	11	limit = git_env_ulong("GIT_ALLOC_LIMIT", 0);
	12	if (!limit)
	13	limit = SIZE_MAX;
d41489a6	14	}
f0d89001	15	if (size > limit) {
f8bb1d94	16	if (gentle) {
f0d89001 JH	17	error("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
f0d89001 JH	18	(uintmax_t)size, (uintmax_t)limit);
f8bb1d94 NTND	19	return -1;
f8bb1d94 NTND	20	} else
f0d89001 JH	21	die("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
f0d89001 JH	22	(uintmax_t)size, (uintmax_t)limit);
f8bb1d94 NTND	23	}
f8bb1d94 NTND	24	return 0;
d41489a6 NTND	25	}
d41489a6 NTND	26
112db553 LT	27	char xstrdup(const char str)
	28	{
	29	char *ret = strdup(str);
9827d4c1 JK	30	if (!ret)
9827d4c1 JK	31	die("Out of memory, strdup failed");
112db553 LT	32	return ret;
	33	}
	34
f8bb1d94	35	static void *do_xmalloc(size_t size, int gentle)
112db553	36	{
d41489a6 NTND	37	void *ret;
d41489a6 NTND	38
f8bb1d94 NTND	39	if (memory_limit_check(size, gentle))
f8bb1d94 NTND	40	return NULL;
d41489a6	41	ret = malloc(size);
112db553 LT	42	if (!ret && !size)
	43	ret = malloc(1);
	44	if (!ret) {
9827d4c1 JK	45	if (!gentle)
	46	die("Out of memory, malloc failed (tried to allocate %lu bytes)",
	47	(unsigned long)size);
	48	else {
	49	error("Out of memory, malloc failed (tried to allocate %lu bytes)",
	50	(unsigned long)size);
	51	return NULL;
f8bb1d94	52	}
112db553 LT	53	}
	54	#ifdef XMALLOC_POISON
	55	memset(ret, 0xA5, size);
	56	#endif
	57	return ret;
	58	}
	59
f8bb1d94 NTND	60	void *xmalloc(size_t size)
	61	{
	62	return do_xmalloc(size, 0);
	63	}
	64
	65	static void *do_xmallocz(size_t size, int gentle)
5bf9219d IL	66	{
5bf9219d IL	67	void *ret;
f8bb1d94 NTND	68	if (unsigned_add_overflows(size, 1)) {
	69	if (gentle) {
	70	error("Data too large to fit into virtual memory space.");
	71	return NULL;
	72	} else
	73	die("Data too large to fit into virtual memory space.");
	74	}
	75	ret = do_xmalloc(size + 1, gentle);
	76	if (ret)
	77	((char*)ret)[size] = 0;
5bf9219d IL	78	return ret;
	79	}
	80
f8bb1d94 NTND	81	void *xmallocz(size_t size)
	82	{
	83	return do_xmallocz(size, 0);
	84	}
	85
	86	void *xmallocz_gently(size_t size)
	87	{
	88	return do_xmallocz(size, 1);
	89	}
	90
112db553 LT	91	/*
	92	* xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of
	93	* "data" to the allocated memory, zero terminates the allocated memory,
	94	* and returns a pointer to the allocated memory. If the allocation fails,
	95	* the program dies.
	96	*/
	97	void xmemdupz(const void data, size_t len)
	98	{
5bf9219d	99	return memcpy(xmallocz(len), data, len);
112db553 LT	100	}
	101
	102	char xstrndup(const char str, size_t len)
	103	{
	104	char *p = memchr(str, '\0', len);
	105	return xmemdupz(str, p ? p - str : len);
	106	}
	107
14570dc6	108	int xstrncmpz(const char s, const char t, size_t len)
	109	{
	110	int res = strncmp(s, t, len);
	111	if (res)
	112	return res;
	113	return s[len] == '\0' ? 0 : 1;
	114	}
	115
112db553 LT	116	void xrealloc(void ptr, size_t size)
112db553 LT	117	{
d41489a6 NTND	118	void *ret;
d41489a6 NTND	119
6479ea4a JK	120	if (!size) {
	121	free(ptr);
	122	return xmalloc(0);
	123	}
	124
f8bb1d94	125	memory_limit_check(size, 0);
d41489a6	126	ret = realloc(ptr, size);
9827d4c1 JK	127	if (!ret)
9827d4c1 JK	128	die("Out of memory, realloc failed");
112db553 LT	129	return ret;
	130	}
	131
	132	void *xcalloc(size_t nmemb, size_t size)
	133	{
d41489a6 NTND	134	void *ret;
d41489a6 NTND	135
e7792a74 JK	136	if (unsigned_mult_overflows(nmemb, size))
	137	die("data too large to fit into virtual memory space");
	138
f8bb1d94	139	memory_limit_check(size * nmemb, 0);
d41489a6	140	ret = calloc(nmemb, size);
112db553 LT	141	if (!ret && (!nmemb \|\| !size))
112db553 LT	142	ret = calloc(1, 1);
9827d4c1 JK	143	if (!ret)
9827d4c1 JK	144	die("Out of memory, calloc failed");
112db553 LT	145	return ret;
	146	}
	147
3540c71e ÆAB	148	void xsetenv(const char name, const char value, int overwrite)
	149	{
	150	if (setenv(name, value, overwrite))
	151	die_errno(_("could not setenv '%s'"), name ? name : "(null)");
	152	}
	153
	154	void xunsetenv(const char *name)
	155	{
	156	if (!unsetenv(name))
	157	die_errno(_("could not unsetenv '%s'"), name ? name : "(null)");
	158	}
	159
0b6806b9 SP	160	/*
	161	* Limit size of IO chunks, because huge chunks only cause pain. OS X
	162	* 64-bit is buggy, returning EINVAL if len >= INT_MAX; and even in
382d20e3	163	* the absence of bugs, large chunks can result in bad latencies when
0b6806b9	164	* you decide to kill the process.
a983e6ac JH	165	*
	166	* We pick 8 MiB as our default, but if the platform defines SSIZE_MAX
	167	* that is smaller than that, clip it to SSIZE_MAX, as a call to
	168	* read(2) or write(2) larger than that is allowed to fail. As the last
	169	* resort, we allow a port to pass via CFLAGS e.g. "-DMAX_IO_SIZE=value"
	170	* to override this, if the definition of SSIZE_MAX given by the platform
	171	* is broken.
0b6806b9	172	*/
a983e6ac JH	173	#ifndef MAX_IO_SIZE
	174	# define MAX_IO_SIZE_DEFAULT (810241024)
	175	# if defined(SSIZE_MAX) && (SSIZE_MAX < MAX_IO_SIZE_DEFAULT)
	176	# define MAX_IO_SIZE SSIZE_MAX
	177	# else
	178	# define MAX_IO_SIZE MAX_IO_SIZE_DEFAULT
	179	# endif
	180	#endif
0b6806b9	181
3ff53df7 PT	182	/**
	183	* xopen() is the same as open(), but it die()s if the open() fails.
	184	*/
	185	int xopen(const char *path, int oflag, ...)
	186	{
	187	mode_t mode = 0;
	188	va_list ap;
	189
	190	/*
	191	* va_arg() will have undefined behavior if the specified type is not
	192	* compatible with the argument type. Since integers are promoted to
	193	* ints, we fetch the next argument as an int, and then cast it to a
	194	* mode_t to avoid undefined behavior.
	195	*/
	196	va_start(ap, oflag);
	197	if (oflag & O_CREAT)
	198	mode = va_arg(ap, int);
	199	va_end(ap);
	200
	201	for (;;) {
	202	int fd = open(path, oflag, mode);
	203	if (fd >= 0)
	204	return fd;
	205	if (errno == EINTR)
	206	continue;
	207
a7439d0f RS	208	if ((oflag & (O_CREAT \| O_EXCL)) == (O_CREAT \| O_EXCL))
	209	die_errno(_("unable to create '%s'"), path);
	210	else if ((oflag & O_RDWR) == O_RDWR)
3ff53df7 PT	211	die_errno(_("could not open '%s' for reading and writing"), path);
	212	else if ((oflag & O_WRONLY) == O_WRONLY)
	213	die_errno(_("could not open '%s' for writing"), path);
	214	else
	215	die_errno(_("could not open '%s' for reading"), path);
	216	}
	217	}
	218
d751dd11 EW	219	static int handle_nonblock(int fd, short poll_events, int err)
	220	{
	221	struct pollfd pfd;
	222
	223	if (err != EAGAIN && err != EWOULDBLOCK)
	224	return 0;
	225
	226	pfd.fd = fd;
	227	pfd.events = poll_events;
	228
	229	/*
	230	* no need to check for errors, here;
	231	* a subsequent read/write will detect unrecoverable errors
	232	*/
	233	poll(&pfd, 1, -1);
	234	return 1;
	235	}
	236
112db553 LT	237	/*
	238	* xread() is the same a read(), but it automatically restarts read()
	239	* operations with a recoverable error (EAGAIN and EINTR). xread()
	240	* DOES NOT GUARANTEE that "len" bytes is read even if the data is available.
	241	*/
	242	ssize_t xread(int fd, void *buf, size_t len)
	243	{
	244	ssize_t nr;
0b6806b9	245	if (len > MAX_IO_SIZE)
7cd54d37	246	len = MAX_IO_SIZE;
112db553 LT	247	while (1) {
112db553 LT	248	nr = read(fd, buf, len);
1079c4be SB	249	if (nr < 0) {
	250	if (errno == EINTR)
	251	continue;
d751dd11	252	if (handle_nonblock(fd, POLLIN, errno))
c22f6202	253	continue;
1079c4be	254	}
112db553 LT	255	return nr;
	256	}
	257	}
	258
	259	/*
	260	* xwrite() is the same a write(), but it automatically restarts write()
	261	* operations with a recoverable error (EAGAIN and EINTR). xwrite() DOES NOT
	262	* GUARANTEE that "len" bytes is written even if the operation is successful.
	263	*/
	264	ssize_t xwrite(int fd, const void *buf, size_t len)
	265	{
	266	ssize_t nr;
0b6806b9	267	if (len > MAX_IO_SIZE)
7cd54d37	268	len = MAX_IO_SIZE;
112db553 LT	269	while (1) {
112db553 LT	270	nr = write(fd, buf, len);
ef1cf016 EW	271	if (nr < 0) {
	272	if (errno == EINTR)
	273	continue;
d751dd11	274	if (handle_nonblock(fd, POLLOUT, errno))
ef1cf016	275	continue;
ef1cf016 EW	276	}
ef1cf016 EW	277
9aa91af0 YM	278	return nr;
	279	}
	280	}
	281
	282	/*
	283	* xpread() is the same as pread(), but it automatically restarts pread()
	284	* operations with a recoverable error (EAGAIN and EINTR). xpread() DOES
	285	* NOT GUARANTEE that "len" bytes is read even if the data is available.
	286	*/
	287	ssize_t xpread(int fd, void *buf, size_t len, off_t offset)
	288	{
	289	ssize_t nr;
	290	if (len > MAX_IO_SIZE)
	291	len = MAX_IO_SIZE;
	292	while (1) {
	293	nr = pread(fd, buf, len, offset);
	294	if ((nr < 0) && (errno == EAGAIN \|\| errno == EINTR))
112db553 LT	295	continue;
	296	return nr;
	297	}
	298	}
	299
559e840b JH	300	ssize_t read_in_full(int fd, void *buf, size_t count)
	301	{
	302	char *p = buf;
	303	ssize_t total = 0;
	304
	305	while (count > 0) {
	306	ssize_t loaded = xread(fd, p, count);
56d7c27a JK	307	if (loaded < 0)
	308	return -1;
	309	if (loaded == 0)
	310	return total;
559e840b JH	311	count -= loaded;
	312	p += loaded;
	313	total += loaded;
	314	}
	315
	316	return total;
	317	}
	318
	319	ssize_t write_in_full(int fd, const void *buf, size_t count)
	320	{
	321	const char *p = buf;
	322	ssize_t total = 0;
	323
	324	while (count > 0) {
	325	ssize_t written = xwrite(fd, p, count);
	326	if (written < 0)
	327	return -1;
	328	if (!written) {
	329	errno = ENOSPC;
	330	return -1;
	331	}
	332	count -= written;
	333	p += written;
	334	total += written;
	335	}
	336
	337	return total;
	338	}
	339
426ddeea YM	340	ssize_t pread_in_full(int fd, void *buf, size_t count, off_t offset)
	341	{
	342	char *p = buf;
	343	ssize_t total = 0;
	344
	345	while (count > 0) {
	346	ssize_t loaded = xpread(fd, p, count, offset);
	347	if (loaded < 0)
	348	return -1;
	349	if (loaded == 0)
	350	return total;
	351	count -= loaded;
	352	p += loaded;
	353	total += loaded;
	354	offset += loaded;
	355	}
	356
	357	return total;
	358	}
	359
112db553 LT	360	int xdup(int fd)
	361	{
	362	int ret = dup(fd);
	363	if (ret < 0)
d824cbba	364	die_errno("dup failed");
112db553 LT	365	return ret;
	366	}
	367
260eec29 PT	368	/**
	369	* xfopen() is the same as fopen(), but it die()s if the fopen() fails.
	370	*/
	371	FILE xfopen(const char path, const char *mode)
	372	{
	373	for (;;) {
	374	FILE *fp = fopen(path, mode);
	375	if (fp)
	376	return fp;
	377	if (errno == EINTR)
	378	continue;
	379
	380	if (*mode && mode[1] == '+')
	381	die_errno(_("could not open '%s' for reading and writing"), path);
	382	else if (mode == 'w' \|\| mode == 'a')
	383	die_errno(_("could not open '%s' for writing"), path);
	384	else
	385	die_errno(_("could not open '%s' for reading"), path);
	386	}
	387	}
	388
112db553 LT	389	FILE xfdopen(int fd, const char mode)
	390	{
	391	FILE *stream = fdopen(fd, mode);
	392	if (stream == NULL)
d824cbba	393	die_errno("Out of memory? fdopen failed");
112db553 LT	394	return stream;
	395	}
	396
79d7582e JS	397	FILE fopen_for_writing(const char path)
	398	{
	399	FILE *ret = fopen(path, "w");
	400
	401	if (!ret && errno == EPERM) {
	402	if (!unlink(path))
	403	ret = fopen(path, "w");
	404	else
	405	errno = EPERM;
	406	}
	407	return ret;
	408	}
	409
382fb07f NTND	410	static void warn_on_inaccessible(const char *path)
	411	{
	412	warning_errno(_("unable to access '%s'"), path);
	413	}
	414
11dc1fcb NTND	415	int warn_on_fopen_errors(const char *path)
	416	{
	417	if (errno != ENOENT && errno != ENOTDIR) {
	418	warn_on_inaccessible(path);
	419	return -1;
	420	}
	421
	422	return 0;
	423	}
	424
e9d983f1 NTND	425	FILE fopen_or_warn(const char path, const char *mode)
	426	{
	427	FILE *fp = fopen(path, mode);
	428
	429	if (fp)
	430	return fp;
	431
	432	warn_on_fopen_errors(path);
	433	return NULL;
	434	}
	435
eb78e23f	436	int xmkstemp(char *filename_template)
112db553 LT	437	{
112db553 LT	438	int fd;
6cf6bb3e	439	char origtemplate[PATH_MAX];
eb78e23f	440	strlcpy(origtemplate, filename_template, sizeof(origtemplate));
112db553	441
eb78e23f	442	fd = mkstemp(filename_template);
6cf6bb3e AE	443	if (fd < 0) {
	444	int saved_errno = errno;
	445	const char *nonrelative_template;
	446
eb78e23f BW	447	if (strlen(filename_template) != strlen(origtemplate))
eb78e23f BW	448	filename_template = origtemplate;
6cf6bb3e	449
eb78e23f	450	nonrelative_template = absolute_path(filename_template);
6cf6bb3e AE	451	errno = saved_errno;
	452	die_errno("Unable to create temporary file '%s'",
	453	nonrelative_template);
	454	}
112db553 LT	455	return fd;
112db553 LT	456	}
39c68542	457
33f23936 JN	458	/* Adapted from libiberty's mkstemp.c. */
	459
	460	#undef TMP_MAX
	461	#define TMP_MAX 16384
	462
	463	int git_mkstemps_mode(char *pattern, int suffix_len, int mode)
	464	{
	465	static const char letters[] =
	466	"abcdefghijklmnopqrstuvwxyz"
	467	"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
	468	"0123456789";
53d687bf JK	469	static const int num_letters = ARRAY_SIZE(letters) - 1;
	470	static const char x_pattern[] = "XXXXXX";
	471	static const int num_x = ARRAY_SIZE(x_pattern) - 1;
33f23936 JN	472	uint64_t value;
33f23936 JN	473	struct timeval tv;
eb78e23f	474	char *filename_template;
33f23936 JN	475	size_t len;
	476	int fd, count;
	477
	478	len = strlen(pattern);
	479
53d687bf	480	if (len < num_x + suffix_len) {
33f23936 JN	481	errno = EINVAL;
	482	return -1;
	483	}
	484
53d687bf	485	if (strncmp(&pattern[len - num_x - suffix_len], x_pattern, num_x)) {
33f23936 JN	486	errno = EINVAL;
	487	return -1;
	488	}
	489
	490	/*
	491	* Replace pattern's XXXXXX characters with randomness.
	492	* Try TMP_MAX different filenames.
	493	*/
	494	gettimeofday(&tv, NULL);
729a9b55	495	value = ((uint64_t)tv.tv_usec << 16) ^ tv.tv_sec ^ getpid();
53d687bf	496	filename_template = &pattern[len - num_x - suffix_len];
33f23936 JN	497	for (count = 0; count < TMP_MAX; ++count) {
33f23936 JN	498	uint64_t v = value;
54a80a9a	499	int i;
33f23936	500	/* Fill in the random bits. */
53d687bf	501	for (i = 0; i < num_x; i++) {
54a80a9a AH	502	filename_template[i] = letters[v % num_letters];
	503	v /= num_letters;
	504	}
33f23936 JN	505
33f23936 JN	506	fd = open(pattern, O_CREAT \| O_EXCL \| O_RDWR, mode);
a2cb86c1	507	if (fd >= 0)
33f23936 JN	508	return fd;
	509	/*
	510	* Fatal error (EPERM, ENOSPC etc).
	511	* It doesn't make sense to loop.
	512	*/
	513	if (errno != EEXIST)
	514	break;
	515	/*
	516	* This is a random value. It is only necessary that
	517	* the next TMP_MAX values generated by adding 7777 to
	518	* VALUE are different with (module 2^32).
	519	*/
	520	value += 7777;
	521	}
	522	/* We return the null string if we can't find a unique file name. */
	523	pattern[0] = '\0';
	524	return -1;
	525	}
	526
	527	int git_mkstemp_mode(char *pattern, int mode)
	528	{
	529	/* mkstemp is just mkstemps with no suffix */
	530	return git_mkstemps_mode(pattern, 0, mode);
	531	}
	532
eb78e23f	533	int xmkstemp_mode(char *filename_template, int mode)
b862b61c MM	534	{
b862b61c MM	535	int fd;
6cf6bb3e	536	char origtemplate[PATH_MAX];
eb78e23f	537	strlcpy(origtemplate, filename_template, sizeof(origtemplate));
b862b61c	538
eb78e23f	539	fd = git_mkstemp_mode(filename_template, mode);
6cf6bb3e AE	540	if (fd < 0) {
	541	int saved_errno = errno;
	542	const char *nonrelative_template;
	543
eb78e23f BW	544	if (!filename_template[0])
eb78e23f BW	545	filename_template = origtemplate;
6cf6bb3e	546
eb78e23f	547	nonrelative_template = absolute_path(filename_template);
6cf6bb3e AE	548	errno = saved_errno;
	549	die_errno("Unable to create temporary file '%s'",
	550	nonrelative_template);
	551	}
b862b61c MM	552	return fd;
	553	}
	554
10e13ec8	555	static int warn_if_unremovable(const char op, const char file, int rc)
fc71db39	556	{
1054af7d RS	557	int err;
	558	if (!rc \|\| errno == ENOENT)
	559	return 0;
	560	err = errno;
0a288d1e	561	warning_errno("unable to %s '%s'", op, file);
1054af7d	562	errno = err;
fc71db39 AR	563	return rc;
	564	}
	565
9ccc0c08 RS	566	int unlink_or_msg(const char file, struct strbuf err)
	567	{
	568	int rc = unlink(file);
	569
	570	assert(err);
	571
	572	if (!rc \|\| errno == ENOENT)
	573	return 0;
	574
0a288d1e	575	strbuf_addf(err, "unable to unlink '%s': %s",
9ccc0c08 RS	576	file, strerror(errno));
	577	return -1;
	578	}
	579
10e13ec8 PC	580	int unlink_or_warn(const char *file)
	581	{
	582	return warn_if_unremovable("unlink", file, unlink(file));
	583	}
d1723296 PC	584
	585	int rmdir_or_warn(const char *file)
	586	{
	587	return warn_if_unremovable("rmdir", file, rmdir(file));
	588	}
80d706af PC	589
	590	int remove_or_warn(unsigned int mode, const char *file)
	591	{
	592	return S_ISGITLINK(mode) ? rmdir_or_warn(file) : unlink_or_warn(file);
	593	}
2f705875	594
4698c8fe JN	595	static int access_error_is_ok(int err, unsigned flag)
4698c8fe JN	596	{
c7054209 JH	597	return (is_missing_file_error(err) \|\|
c7054209 JH	598	((flag & ACCESS_EACCES_OK) && err == EACCES));
4698c8fe JN	599	}
	600
	601	int access_or_warn(const char *path, int mode, unsigned flag)
ba8bd830 JK	602	{
ba8bd830 JK	603	int ret = access(path, mode);
4698c8fe	604	if (ret && !access_error_is_ok(errno, flag))
55b38a48	605	warn_on_inaccessible(path);
ba8bd830 JK	606	return ret;
	607	}
	608
4698c8fe	609	int access_or_die(const char *path, int mode, unsigned flag)
96b9e0e3 JN	610	{
96b9e0e3 JN	611	int ret = access(path, mode);
4698c8fe	612	if (ret && !access_error_is_ok(errno, flag))
96b9e0e3 JN	613	die_errno(_("unable to access '%s'"), path);
	614	return ret;
	615	}
	616
aa14e980 RS	617	char *xgetcwd(void)
	618	{
	619	struct strbuf sb = STRBUF_INIT;
	620	if (strbuf_getcwd(&sb))
	621	die_errno(_("unable to get current working directory"));
	622	return strbuf_detach(&sb, NULL);
	623	}
316e53e6	624
7b03c89e JK	625	int xsnprintf(char dst, size_t max, const char fmt, ...)
	626	{
	627	va_list ap;
	628	int len;
	629
	630	va_start(ap, fmt);
	631	len = vsnprintf(dst, max, fmt, ap);
	632	va_end(ap);
	633
	634	if (len < 0)
033abf97	635	BUG("your snprintf is broken");
7b03c89e	636	if (len >= max)
033abf97	637	BUG("attempt to snprintf into too-small buffer");
7b03c89e JK	638	return len;
	639	}
	640
52563d7e	641	void write_file_buf(const char path, const char buf, size_t len)
316e53e6	642	{
52563d7e	643	int fd = xopen(path, O_WRONLY \| O_CREAT \| O_TRUNC, 0666);
06f46f23	644	if (write_in_full(fd, buf, len) < 0)
0a288d1e	645	die_errno(_("could not write to '%s'"), path);
52563d7e	646	if (close(fd))
0a288d1e	647	die_errno(_("could not close '%s'"), path);
316e53e6	648	}
2024d317	649
ef22318c	650	void write_file(const char path, const char fmt, ...)
12d6ce1d	651	{
12d6ce1d	652	va_list params;
316e53e6	653	struct strbuf sb = STRBUF_INIT;
12d6ce1d JH	654
12d6ce1d JH	655	va_start(params, fmt);
ef22318c	656	strbuf_vaddf(&sb, fmt, params);
12d6ce1d	657	va_end(params);
12d6ce1d	658
ef22318c	659	strbuf_complete_line(&sb);
12d6ce1d	660
52563d7e	661	write_file_buf(path, sb.buf, sb.len);
ef22318c	662	strbuf_release(&sb);
12d6ce1d JH	663	}
12d6ce1d JH	664
2024d317 JS	665	void sleep_millisec(int millisec)
	666	{
	667	poll(NULL, 0, millisec);
	668	}
5781a9a2 DT	669
	670	int xgethostname(char *buf, size_t len)
	671	{
	672	/*
	673	* If the full hostname doesn't fit in buf, POSIX does not
	674	* specify whether the buffer will be null-terminated, so to
	675	* be safe, do it ourselves.
	676	*/
	677	int ret = gethostname(buf, len);
	678	if (!ret)
	679	buf[len - 1] = 0;
	680	return ret;
	681	}
e3b1e3bd PB	682
	683	int is_empty_or_missing_file(const char *filename)
	684	{
	685	struct stat st;
	686
	687	if (stat(filename, &st) < 0) {
	688	if (errno == ENOENT)
	689	return 1;
	690	die_errno(_("could not stat %s"), filename);
	691	}
	692
	693	return !st.st_size;
	694	}
00611d84 JK	695
	696	int open_nofollow(const char *path, int flags)
	697	{
	698	#ifdef O_NOFOLLOW
	699	return open(path, flags \| O_NOFOLLOW);
	700	#else
	701	struct stat st;
	702	if (lstat(path, &st) < 0)
	703	return -1;
	704	if (S_ISLNK(st.st_mode)) {
	705	errno = ELOOP;
	706	return -1;
	707	}
	708	return open(path, flags);
	709	#endif
	710	}