]> git.ipfire.org Git - thirdparty/git.git/blob - sha1_file.c
Merge branch 'jh/fsck-promisors'
[thirdparty/git.git] / sha1_file.c
1 /*
2 * GIT - The information manager from hell
3 *
4 * Copyright (C) Linus Torvalds, 2005
5 *
6 * This handles basic git sha1 object files - packing, unpacking,
7 * creation etc.
8 */
9 #include "cache.h"
10 #include "config.h"
11 #include "string-list.h"
12 #include "lockfile.h"
13 #include "delta.h"
14 #include "pack.h"
15 #include "blob.h"
16 #include "commit.h"
17 #include "run-command.h"
18 #include "tag.h"
19 #include "tree.h"
20 #include "tree-walk.h"
21 #include "refs.h"
22 #include "pack-revindex.h"
23 #include "sha1-lookup.h"
24 #include "bulk-checkin.h"
25 #include "streaming.h"
26 #include "dir.h"
27 #include "mru.h"
28 #include "list.h"
29 #include "mergesort.h"
30 #include "quote.h"
31 #include "packfile.h"
32 #include "fetch-object.h"
33
34 const unsigned char null_sha1[GIT_MAX_RAWSZ];
35 const struct object_id null_oid;
36 const struct object_id empty_tree_oid = {
37 EMPTY_TREE_SHA1_BIN_LITERAL
38 };
39 const struct object_id empty_blob_oid = {
40 EMPTY_BLOB_SHA1_BIN_LITERAL
41 };
42
43 static void git_hash_sha1_init(void *ctx)
44 {
45 git_SHA1_Init((git_SHA_CTX *)ctx);
46 }
47
48 static void git_hash_sha1_update(void *ctx, const void *data, size_t len)
49 {
50 git_SHA1_Update((git_SHA_CTX *)ctx, data, len);
51 }
52
53 static void git_hash_sha1_final(unsigned char *hash, void *ctx)
54 {
55 git_SHA1_Final(hash, (git_SHA_CTX *)ctx);
56 }
57
58 static void git_hash_unknown_init(void *ctx)
59 {
60 die("trying to init unknown hash");
61 }
62
63 static void git_hash_unknown_update(void *ctx, const void *data, size_t len)
64 {
65 die("trying to update unknown hash");
66 }
67
68 static void git_hash_unknown_final(unsigned char *hash, void *ctx)
69 {
70 die("trying to finalize unknown hash");
71 }
72
73 const struct git_hash_algo hash_algos[GIT_HASH_NALGOS] = {
74 {
75 NULL,
76 0x00000000,
77 0,
78 0,
79 0,
80 git_hash_unknown_init,
81 git_hash_unknown_update,
82 git_hash_unknown_final,
83 NULL,
84 NULL,
85 },
86 {
87 "sha-1",
88 /* "sha1", big-endian */
89 0x73686131,
90 sizeof(git_SHA_CTX),
91 GIT_SHA1_RAWSZ,
92 GIT_SHA1_HEXSZ,
93 git_hash_sha1_init,
94 git_hash_sha1_update,
95 git_hash_sha1_final,
96 &empty_tree_oid,
97 &empty_blob_oid,
98 },
99 };
100
101 /*
102 * This is meant to hold a *small* number of objects that you would
103 * want read_sha1_file() to be able to return, but yet you do not want
104 * to write them into the object store (e.g. a browse-only
105 * application).
106 */
107 static struct cached_object {
108 unsigned char sha1[20];
109 enum object_type type;
110 void *buf;
111 unsigned long size;
112 } *cached_objects;
113 static int cached_object_nr, cached_object_alloc;
114
115 static struct cached_object empty_tree = {
116 EMPTY_TREE_SHA1_BIN_LITERAL,
117 OBJ_TREE,
118 "",
119 0
120 };
121
122 static struct cached_object *find_cached_object(const unsigned char *sha1)
123 {
124 int i;
125 struct cached_object *co = cached_objects;
126
127 for (i = 0; i < cached_object_nr; i++, co++) {
128 if (!hashcmp(co->sha1, sha1))
129 return co;
130 }
131 if (!hashcmp(sha1, empty_tree.sha1))
132 return &empty_tree;
133 return NULL;
134 }
135
136
137 static enum safe_crlf get_safe_crlf(unsigned flags)
138 {
139 if (flags & HASH_RENORMALIZE)
140 return SAFE_CRLF_RENORMALIZE;
141 else if (flags & HASH_WRITE_OBJECT)
142 return safe_crlf;
143 else
144 return SAFE_CRLF_FALSE;
145 }
146
147
148 int mkdir_in_gitdir(const char *path)
149 {
150 if (mkdir(path, 0777)) {
151 int saved_errno = errno;
152 struct stat st;
153 struct strbuf sb = STRBUF_INIT;
154
155 if (errno != EEXIST)
156 return -1;
157 /*
158 * Are we looking at a path in a symlinked worktree
159 * whose original repository does not yet have it?
160 * e.g. .git/rr-cache pointing at its original
161 * repository in which the user hasn't performed any
162 * conflict resolution yet?
163 */
164 if (lstat(path, &st) || !S_ISLNK(st.st_mode) ||
165 strbuf_readlink(&sb, path, st.st_size) ||
166 !is_absolute_path(sb.buf) ||
167 mkdir(sb.buf, 0777)) {
168 strbuf_release(&sb);
169 errno = saved_errno;
170 return -1;
171 }
172 strbuf_release(&sb);
173 }
174 return adjust_shared_perm(path);
175 }
176
177 enum scld_error safe_create_leading_directories(char *path)
178 {
179 char *next_component = path + offset_1st_component(path);
180 enum scld_error ret = SCLD_OK;
181
182 while (ret == SCLD_OK && next_component) {
183 struct stat st;
184 char *slash = next_component, slash_character;
185
186 while (*slash && !is_dir_sep(*slash))
187 slash++;
188
189 if (!*slash)
190 break;
191
192 next_component = slash + 1;
193 while (is_dir_sep(*next_component))
194 next_component++;
195 if (!*next_component)
196 break;
197
198 slash_character = *slash;
199 *slash = '\0';
200 if (!stat(path, &st)) {
201 /* path exists */
202 if (!S_ISDIR(st.st_mode)) {
203 errno = ENOTDIR;
204 ret = SCLD_EXISTS;
205 }
206 } else if (mkdir(path, 0777)) {
207 if (errno == EEXIST &&
208 !stat(path, &st) && S_ISDIR(st.st_mode))
209 ; /* somebody created it since we checked */
210 else if (errno == ENOENT)
211 /*
212 * Either mkdir() failed because
213 * somebody just pruned the containing
214 * directory, or stat() failed because
215 * the file that was in our way was
216 * just removed. Either way, inform
217 * the caller that it might be worth
218 * trying again:
219 */
220 ret = SCLD_VANISHED;
221 else
222 ret = SCLD_FAILED;
223 } else if (adjust_shared_perm(path)) {
224 ret = SCLD_PERMS;
225 }
226 *slash = slash_character;
227 }
228 return ret;
229 }
230
231 enum scld_error safe_create_leading_directories_const(const char *path)
232 {
233 int save_errno;
234 /* path points to cache entries, so xstrdup before messing with it */
235 char *buf = xstrdup(path);
236 enum scld_error result = safe_create_leading_directories(buf);
237
238 save_errno = errno;
239 free(buf);
240 errno = save_errno;
241 return result;
242 }
243
244 int raceproof_create_file(const char *path, create_file_fn fn, void *cb)
245 {
246 /*
247 * The number of times we will try to remove empty directories
248 * in the way of path. This is only 1 because if another
249 * process is racily creating directories that conflict with
250 * us, we don't want to fight against them.
251 */
252 int remove_directories_remaining = 1;
253
254 /*
255 * The number of times that we will try to create the
256 * directories containing path. We are willing to attempt this
257 * more than once, because another process could be trying to
258 * clean up empty directories at the same time as we are
259 * trying to create them.
260 */
261 int create_directories_remaining = 3;
262
263 /* A scratch copy of path, filled lazily if we need it: */
264 struct strbuf path_copy = STRBUF_INIT;
265
266 int ret, save_errno;
267
268 /* Sanity check: */
269 assert(*path);
270
271 retry_fn:
272 ret = fn(path, cb);
273 save_errno = errno;
274 if (!ret)
275 goto out;
276
277 if (errno == EISDIR && remove_directories_remaining-- > 0) {
278 /*
279 * A directory is in the way. Maybe it is empty; try
280 * to remove it:
281 */
282 if (!path_copy.len)
283 strbuf_addstr(&path_copy, path);
284
285 if (!remove_dir_recursively(&path_copy, REMOVE_DIR_EMPTY_ONLY))
286 goto retry_fn;
287 } else if (errno == ENOENT && create_directories_remaining-- > 0) {
288 /*
289 * Maybe the containing directory didn't exist, or
290 * maybe it was just deleted by a process that is
291 * racing with us to clean up empty directories. Try
292 * to create it:
293 */
294 enum scld_error scld_result;
295
296 if (!path_copy.len)
297 strbuf_addstr(&path_copy, path);
298
299 do {
300 scld_result = safe_create_leading_directories(path_copy.buf);
301 if (scld_result == SCLD_OK)
302 goto retry_fn;
303 } while (scld_result == SCLD_VANISHED && create_directories_remaining-- > 0);
304 }
305
306 out:
307 strbuf_release(&path_copy);
308 errno = save_errno;
309 return ret;
310 }
311
312 static void fill_sha1_path(struct strbuf *buf, const unsigned char *sha1)
313 {
314 int i;
315 for (i = 0; i < 20; i++) {
316 static char hex[] = "0123456789abcdef";
317 unsigned int val = sha1[i];
318 strbuf_addch(buf, hex[val >> 4]);
319 strbuf_addch(buf, hex[val & 0xf]);
320 if (!i)
321 strbuf_addch(buf, '/');
322 }
323 }
324
325 const char *sha1_file_name(const unsigned char *sha1)
326 {
327 static struct strbuf buf = STRBUF_INIT;
328
329 strbuf_reset(&buf);
330 strbuf_addf(&buf, "%s/", get_object_directory());
331
332 fill_sha1_path(&buf, sha1);
333 return buf.buf;
334 }
335
336 struct strbuf *alt_scratch_buf(struct alternate_object_database *alt)
337 {
338 strbuf_setlen(&alt->scratch, alt->base_len);
339 return &alt->scratch;
340 }
341
342 static const char *alt_sha1_path(struct alternate_object_database *alt,
343 const unsigned char *sha1)
344 {
345 struct strbuf *buf = alt_scratch_buf(alt);
346 fill_sha1_path(buf, sha1);
347 return buf->buf;
348 }
349
350 struct alternate_object_database *alt_odb_list;
351 static struct alternate_object_database **alt_odb_tail;
352
353 /*
354 * Return non-zero iff the path is usable as an alternate object database.
355 */
356 static int alt_odb_usable(struct strbuf *path, const char *normalized_objdir)
357 {
358 struct alternate_object_database *alt;
359
360 /* Detect cases where alternate disappeared */
361 if (!is_directory(path->buf)) {
362 error("object directory %s does not exist; "
363 "check .git/objects/info/alternates.",
364 path->buf);
365 return 0;
366 }
367
368 /*
369 * Prevent the common mistake of listing the same
370 * thing twice, or object directory itself.
371 */
372 for (alt = alt_odb_list; alt; alt = alt->next) {
373 if (!fspathcmp(path->buf, alt->path))
374 return 0;
375 }
376 if (!fspathcmp(path->buf, normalized_objdir))
377 return 0;
378
379 return 1;
380 }
381
382 /*
383 * Prepare alternate object database registry.
384 *
385 * The variable alt_odb_list points at the list of struct
386 * alternate_object_database. The elements on this list come from
387 * non-empty elements from colon separated ALTERNATE_DB_ENVIRONMENT
388 * environment variable, and $GIT_OBJECT_DIRECTORY/info/alternates,
389 * whose contents is similar to that environment variable but can be
390 * LF separated. Its base points at a statically allocated buffer that
391 * contains "/the/directory/corresponding/to/.git/objects/...", while
392 * its name points just after the slash at the end of ".git/objects/"
393 * in the example above, and has enough space to hold 40-byte hex
394 * SHA1, an extra slash for the first level indirection, and the
395 * terminating NUL.
396 */
397 static void read_info_alternates(const char * relative_base, int depth);
398 static int link_alt_odb_entry(const char *entry, const char *relative_base,
399 int depth, const char *normalized_objdir)
400 {
401 struct alternate_object_database *ent;
402 struct strbuf pathbuf = STRBUF_INIT;
403
404 if (!is_absolute_path(entry) && relative_base) {
405 strbuf_realpath(&pathbuf, relative_base, 1);
406 strbuf_addch(&pathbuf, '/');
407 }
408 strbuf_addstr(&pathbuf, entry);
409
410 if (strbuf_normalize_path(&pathbuf) < 0 && relative_base) {
411 error("unable to normalize alternate object path: %s",
412 pathbuf.buf);
413 strbuf_release(&pathbuf);
414 return -1;
415 }
416
417 /*
418 * The trailing slash after the directory name is given by
419 * this function at the end. Remove duplicates.
420 */
421 while (pathbuf.len && pathbuf.buf[pathbuf.len - 1] == '/')
422 strbuf_setlen(&pathbuf, pathbuf.len - 1);
423
424 if (!alt_odb_usable(&pathbuf, normalized_objdir)) {
425 strbuf_release(&pathbuf);
426 return -1;
427 }
428
429 ent = alloc_alt_odb(pathbuf.buf);
430
431 /* add the alternate entry */
432 *alt_odb_tail = ent;
433 alt_odb_tail = &(ent->next);
434 ent->next = NULL;
435
436 /* recursively add alternates */
437 read_info_alternates(pathbuf.buf, depth + 1);
438
439 strbuf_release(&pathbuf);
440 return 0;
441 }
442
443 static const char *parse_alt_odb_entry(const char *string,
444 int sep,
445 struct strbuf *out)
446 {
447 const char *end;
448
449 strbuf_reset(out);
450
451 if (*string == '#') {
452 /* comment; consume up to next separator */
453 end = strchrnul(string, sep);
454 } else if (*string == '"' && !unquote_c_style(out, string, &end)) {
455 /*
456 * quoted path; unquote_c_style has copied the
457 * data for us and set "end". Broken quoting (e.g.,
458 * an entry that doesn't end with a quote) falls
459 * back to the unquoted case below.
460 */
461 } else {
462 /* normal, unquoted path */
463 end = strchrnul(string, sep);
464 strbuf_add(out, string, end - string);
465 }
466
467 if (*end)
468 end++;
469 return end;
470 }
471
472 static void link_alt_odb_entries(const char *alt, int sep,
473 const char *relative_base, int depth)
474 {
475 struct strbuf objdirbuf = STRBUF_INIT;
476 struct strbuf entry = STRBUF_INIT;
477
478 if (!alt || !*alt)
479 return;
480
481 if (depth > 5) {
482 error("%s: ignoring alternate object stores, nesting too deep.",
483 relative_base);
484 return;
485 }
486
487 strbuf_add_absolute_path(&objdirbuf, get_object_directory());
488 if (strbuf_normalize_path(&objdirbuf) < 0)
489 die("unable to normalize object directory: %s",
490 objdirbuf.buf);
491
492 while (*alt) {
493 alt = parse_alt_odb_entry(alt, sep, &entry);
494 if (!entry.len)
495 continue;
496 link_alt_odb_entry(entry.buf, relative_base, depth, objdirbuf.buf);
497 }
498 strbuf_release(&entry);
499 strbuf_release(&objdirbuf);
500 }
501
502 static void read_info_alternates(const char * relative_base, int depth)
503 {
504 char *path;
505 struct strbuf buf = STRBUF_INIT;
506
507 path = xstrfmt("%s/info/alternates", relative_base);
508 if (strbuf_read_file(&buf, path, 1024) < 0) {
509 warn_on_fopen_errors(path);
510 free(path);
511 return;
512 }
513
514 link_alt_odb_entries(buf.buf, '\n', relative_base, depth);
515 strbuf_release(&buf);
516 free(path);
517 }
518
519 struct alternate_object_database *alloc_alt_odb(const char *dir)
520 {
521 struct alternate_object_database *ent;
522
523 FLEX_ALLOC_STR(ent, path, dir);
524 strbuf_init(&ent->scratch, 0);
525 strbuf_addf(&ent->scratch, "%s/", dir);
526 ent->base_len = ent->scratch.len;
527
528 return ent;
529 }
530
531 void add_to_alternates_file(const char *reference)
532 {
533 struct lock_file lock = LOCK_INIT;
534 char *alts = git_pathdup("objects/info/alternates");
535 FILE *in, *out;
536 int found = 0;
537
538 hold_lock_file_for_update(&lock, alts, LOCK_DIE_ON_ERROR);
539 out = fdopen_lock_file(&lock, "w");
540 if (!out)
541 die_errno("unable to fdopen alternates lockfile");
542
543 in = fopen(alts, "r");
544 if (in) {
545 struct strbuf line = STRBUF_INIT;
546
547 while (strbuf_getline(&line, in) != EOF) {
548 if (!strcmp(reference, line.buf)) {
549 found = 1;
550 break;
551 }
552 fprintf_or_die(out, "%s\n", line.buf);
553 }
554
555 strbuf_release(&line);
556 fclose(in);
557 }
558 else if (errno != ENOENT)
559 die_errno("unable to read alternates file");
560
561 if (found) {
562 rollback_lock_file(&lock);
563 } else {
564 fprintf_or_die(out, "%s\n", reference);
565 if (commit_lock_file(&lock))
566 die_errno("unable to move new alternates file into place");
567 if (alt_odb_tail)
568 link_alt_odb_entries(reference, '\n', NULL, 0);
569 }
570 free(alts);
571 }
572
573 void add_to_alternates_memory(const char *reference)
574 {
575 /*
576 * Make sure alternates are initialized, or else our entry may be
577 * overwritten when they are.
578 */
579 prepare_alt_odb();
580
581 link_alt_odb_entries(reference, '\n', NULL, 0);
582 }
583
584 /*
585 * Compute the exact path an alternate is at and returns it. In case of
586 * error NULL is returned and the human readable error is added to `err`
587 * `path` may be relative and should point to $GITDIR.
588 * `err` must not be null.
589 */
590 char *compute_alternate_path(const char *path, struct strbuf *err)
591 {
592 char *ref_git = NULL;
593 const char *repo, *ref_git_s;
594 int seen_error = 0;
595
596 ref_git_s = real_path_if_valid(path);
597 if (!ref_git_s) {
598 seen_error = 1;
599 strbuf_addf(err, _("path '%s' does not exist"), path);
600 goto out;
601 } else
602 /*
603 * Beware: read_gitfile(), real_path() and mkpath()
604 * return static buffer
605 */
606 ref_git = xstrdup(ref_git_s);
607
608 repo = read_gitfile(ref_git);
609 if (!repo)
610 repo = read_gitfile(mkpath("%s/.git", ref_git));
611 if (repo) {
612 free(ref_git);
613 ref_git = xstrdup(repo);
614 }
615
616 if (!repo && is_directory(mkpath("%s/.git/objects", ref_git))) {
617 char *ref_git_git = mkpathdup("%s/.git", ref_git);
618 free(ref_git);
619 ref_git = ref_git_git;
620 } else if (!is_directory(mkpath("%s/objects", ref_git))) {
621 struct strbuf sb = STRBUF_INIT;
622 seen_error = 1;
623 if (get_common_dir(&sb, ref_git)) {
624 strbuf_addf(err,
625 _("reference repository '%s' as a linked "
626 "checkout is not supported yet."),
627 path);
628 goto out;
629 }
630
631 strbuf_addf(err, _("reference repository '%s' is not a "
632 "local repository."), path);
633 goto out;
634 }
635
636 if (!access(mkpath("%s/shallow", ref_git), F_OK)) {
637 strbuf_addf(err, _("reference repository '%s' is shallow"),
638 path);
639 seen_error = 1;
640 goto out;
641 }
642
643 if (!access(mkpath("%s/info/grafts", ref_git), F_OK)) {
644 strbuf_addf(err,
645 _("reference repository '%s' is grafted"),
646 path);
647 seen_error = 1;
648 goto out;
649 }
650
651 out:
652 if (seen_error) {
653 FREE_AND_NULL(ref_git);
654 }
655
656 return ref_git;
657 }
658
659 int foreach_alt_odb(alt_odb_fn fn, void *cb)
660 {
661 struct alternate_object_database *ent;
662 int r = 0;
663
664 prepare_alt_odb();
665 for (ent = alt_odb_list; ent; ent = ent->next) {
666 r = fn(ent, cb);
667 if (r)
668 break;
669 }
670 return r;
671 }
672
673 void prepare_alt_odb(void)
674 {
675 const char *alt;
676
677 if (alt_odb_tail)
678 return;
679
680 alt = getenv(ALTERNATE_DB_ENVIRONMENT);
681
682 alt_odb_tail = &alt_odb_list;
683 link_alt_odb_entries(alt, PATH_SEP, NULL, 0);
684
685 read_info_alternates(get_object_directory(), 0);
686 }
687
688 /* Returns 1 if we have successfully freshened the file, 0 otherwise. */
689 static int freshen_file(const char *fn)
690 {
691 struct utimbuf t;
692 t.actime = t.modtime = time(NULL);
693 return !utime(fn, &t);
694 }
695
696 /*
697 * All of the check_and_freshen functions return 1 if the file exists and was
698 * freshened (if freshening was requested), 0 otherwise. If they return
699 * 0, you should not assume that it is safe to skip a write of the object (it
700 * either does not exist on disk, or has a stale mtime and may be subject to
701 * pruning).
702 */
703 int check_and_freshen_file(const char *fn, int freshen)
704 {
705 if (access(fn, F_OK))
706 return 0;
707 if (freshen && !freshen_file(fn))
708 return 0;
709 return 1;
710 }
711
712 static int check_and_freshen_local(const unsigned char *sha1, int freshen)
713 {
714 return check_and_freshen_file(sha1_file_name(sha1), freshen);
715 }
716
717 static int check_and_freshen_nonlocal(const unsigned char *sha1, int freshen)
718 {
719 struct alternate_object_database *alt;
720 prepare_alt_odb();
721 for (alt = alt_odb_list; alt; alt = alt->next) {
722 const char *path = alt_sha1_path(alt, sha1);
723 if (check_and_freshen_file(path, freshen))
724 return 1;
725 }
726 return 0;
727 }
728
729 static int check_and_freshen(const unsigned char *sha1, int freshen)
730 {
731 return check_and_freshen_local(sha1, freshen) ||
732 check_and_freshen_nonlocal(sha1, freshen);
733 }
734
735 int has_loose_object_nonlocal(const unsigned char *sha1)
736 {
737 return check_and_freshen_nonlocal(sha1, 0);
738 }
739
740 static int has_loose_object(const unsigned char *sha1)
741 {
742 return check_and_freshen(sha1, 0);
743 }
744
745 static void mmap_limit_check(size_t length)
746 {
747 static size_t limit = 0;
748 if (!limit) {
749 limit = git_env_ulong("GIT_MMAP_LIMIT", 0);
750 if (!limit)
751 limit = SIZE_MAX;
752 }
753 if (length > limit)
754 die("attempting to mmap %"PRIuMAX" over limit %"PRIuMAX,
755 (uintmax_t)length, (uintmax_t)limit);
756 }
757
758 void *xmmap_gently(void *start, size_t length,
759 int prot, int flags, int fd, off_t offset)
760 {
761 void *ret;
762
763 mmap_limit_check(length);
764 ret = mmap(start, length, prot, flags, fd, offset);
765 if (ret == MAP_FAILED) {
766 if (!length)
767 return NULL;
768 release_pack_memory(length);
769 ret = mmap(start, length, prot, flags, fd, offset);
770 }
771 return ret;
772 }
773
774 void *xmmap(void *start, size_t length,
775 int prot, int flags, int fd, off_t offset)
776 {
777 void *ret = xmmap_gently(start, length, prot, flags, fd, offset);
778 if (ret == MAP_FAILED)
779 die_errno("mmap failed");
780 return ret;
781 }
782
783 /*
784 * With an in-core object data in "map", rehash it to make sure the
785 * object name actually matches "sha1" to detect object corruption.
786 * With "map" == NULL, try reading the object named with "sha1" using
787 * the streaming interface and rehash it to do the same.
788 */
789 int check_sha1_signature(const unsigned char *sha1, void *map,
790 unsigned long size, const char *type)
791 {
792 unsigned char real_sha1[20];
793 enum object_type obj_type;
794 struct git_istream *st;
795 git_SHA_CTX c;
796 char hdr[32];
797 int hdrlen;
798
799 if (map) {
800 hash_sha1_file(map, size, type, real_sha1);
801 return hashcmp(sha1, real_sha1) ? -1 : 0;
802 }
803
804 st = open_istream(sha1, &obj_type, &size, NULL);
805 if (!st)
806 return -1;
807
808 /* Generate the header */
809 hdrlen = xsnprintf(hdr, sizeof(hdr), "%s %lu", typename(obj_type), size) + 1;
810
811 /* Sha1.. */
812 git_SHA1_Init(&c);
813 git_SHA1_Update(&c, hdr, hdrlen);
814 for (;;) {
815 char buf[1024 * 16];
816 ssize_t readlen = read_istream(st, buf, sizeof(buf));
817
818 if (readlen < 0) {
819 close_istream(st);
820 return -1;
821 }
822 if (!readlen)
823 break;
824 git_SHA1_Update(&c, buf, readlen);
825 }
826 git_SHA1_Final(real_sha1, &c);
827 close_istream(st);
828 return hashcmp(sha1, real_sha1) ? -1 : 0;
829 }
830
831 int git_open_cloexec(const char *name, int flags)
832 {
833 int fd;
834 static int o_cloexec = O_CLOEXEC;
835
836 fd = open(name, flags | o_cloexec);
837 if ((o_cloexec & O_CLOEXEC) && fd < 0 && errno == EINVAL) {
838 /* Try again w/o O_CLOEXEC: the kernel might not support it */
839 o_cloexec &= ~O_CLOEXEC;
840 fd = open(name, flags | o_cloexec);
841 }
842
843 #if defined(F_GETFD) && defined(F_SETFD) && defined(FD_CLOEXEC)
844 {
845 static int fd_cloexec = FD_CLOEXEC;
846
847 if (!o_cloexec && 0 <= fd && fd_cloexec) {
848 /* Opened w/o O_CLOEXEC? try with fcntl(2) to add it */
849 int flags = fcntl(fd, F_GETFD);
850 if (fcntl(fd, F_SETFD, flags | fd_cloexec))
851 fd_cloexec = 0;
852 }
853 }
854 #endif
855 return fd;
856 }
857
858 /*
859 * Find "sha1" as a loose object in the local repository or in an alternate.
860 * Returns 0 on success, negative on failure.
861 *
862 * The "path" out-parameter will give the path of the object we found (if any).
863 * Note that it may point to static storage and is only valid until another
864 * call to sha1_file_name(), etc.
865 */
866 static int stat_sha1_file(const unsigned char *sha1, struct stat *st,
867 const char **path)
868 {
869 struct alternate_object_database *alt;
870
871 *path = sha1_file_name(sha1);
872 if (!lstat(*path, st))
873 return 0;
874
875 prepare_alt_odb();
876 errno = ENOENT;
877 for (alt = alt_odb_list; alt; alt = alt->next) {
878 *path = alt_sha1_path(alt, sha1);
879 if (!lstat(*path, st))
880 return 0;
881 }
882
883 return -1;
884 }
885
886 /*
887 * Like stat_sha1_file(), but actually open the object and return the
888 * descriptor. See the caveats on the "path" parameter above.
889 */
890 static int open_sha1_file(const unsigned char *sha1, const char **path)
891 {
892 int fd;
893 struct alternate_object_database *alt;
894 int most_interesting_errno;
895
896 *path = sha1_file_name(sha1);
897 fd = git_open(*path);
898 if (fd >= 0)
899 return fd;
900 most_interesting_errno = errno;
901
902 prepare_alt_odb();
903 for (alt = alt_odb_list; alt; alt = alt->next) {
904 *path = alt_sha1_path(alt, sha1);
905 fd = git_open(*path);
906 if (fd >= 0)
907 return fd;
908 if (most_interesting_errno == ENOENT)
909 most_interesting_errno = errno;
910 }
911 errno = most_interesting_errno;
912 return -1;
913 }
914
915 /*
916 * Map the loose object at "path" if it is not NULL, or the path found by
917 * searching for a loose object named "sha1".
918 */
919 static void *map_sha1_file_1(const char *path,
920 const unsigned char *sha1,
921 unsigned long *size)
922 {
923 void *map;
924 int fd;
925
926 if (path)
927 fd = git_open(path);
928 else
929 fd = open_sha1_file(sha1, &path);
930 map = NULL;
931 if (fd >= 0) {
932 struct stat st;
933
934 if (!fstat(fd, &st)) {
935 *size = xsize_t(st.st_size);
936 if (!*size) {
937 /* mmap() is forbidden on empty files */
938 error("object file %s is empty", path);
939 return NULL;
940 }
941 map = xmmap(NULL, *size, PROT_READ, MAP_PRIVATE, fd, 0);
942 }
943 close(fd);
944 }
945 return map;
946 }
947
948 void *map_sha1_file(const unsigned char *sha1, unsigned long *size)
949 {
950 return map_sha1_file_1(NULL, sha1, size);
951 }
952
953 static int unpack_sha1_short_header(git_zstream *stream,
954 unsigned char *map, unsigned long mapsize,
955 void *buffer, unsigned long bufsiz)
956 {
957 /* Get the data stream */
958 memset(stream, 0, sizeof(*stream));
959 stream->next_in = map;
960 stream->avail_in = mapsize;
961 stream->next_out = buffer;
962 stream->avail_out = bufsiz;
963
964 git_inflate_init(stream);
965 return git_inflate(stream, 0);
966 }
967
968 int unpack_sha1_header(git_zstream *stream,
969 unsigned char *map, unsigned long mapsize,
970 void *buffer, unsigned long bufsiz)
971 {
972 int status = unpack_sha1_short_header(stream, map, mapsize,
973 buffer, bufsiz);
974
975 if (status < Z_OK)
976 return status;
977
978 /* Make sure we have the terminating NUL */
979 if (!memchr(buffer, '\0', stream->next_out - (unsigned char *)buffer))
980 return -1;
981 return 0;
982 }
983
984 static int unpack_sha1_header_to_strbuf(git_zstream *stream, unsigned char *map,
985 unsigned long mapsize, void *buffer,
986 unsigned long bufsiz, struct strbuf *header)
987 {
988 int status;
989
990 status = unpack_sha1_short_header(stream, map, mapsize, buffer, bufsiz);
991 if (status < Z_OK)
992 return -1;
993
994 /*
995 * Check if entire header is unpacked in the first iteration.
996 */
997 if (memchr(buffer, '\0', stream->next_out - (unsigned char *)buffer))
998 return 0;
999
1000 /*
1001 * buffer[0..bufsiz] was not large enough. Copy the partial
1002 * result out to header, and then append the result of further
1003 * reading the stream.
1004 */
1005 strbuf_add(header, buffer, stream->next_out - (unsigned char *)buffer);
1006 stream->next_out = buffer;
1007 stream->avail_out = bufsiz;
1008
1009 do {
1010 status = git_inflate(stream, 0);
1011 strbuf_add(header, buffer, stream->next_out - (unsigned char *)buffer);
1012 if (memchr(buffer, '\0', stream->next_out - (unsigned char *)buffer))
1013 return 0;
1014 stream->next_out = buffer;
1015 stream->avail_out = bufsiz;
1016 } while (status != Z_STREAM_END);
1017 return -1;
1018 }
1019
1020 static void *unpack_sha1_rest(git_zstream *stream, void *buffer, unsigned long size, const unsigned char *sha1)
1021 {
1022 int bytes = strlen(buffer) + 1;
1023 unsigned char *buf = xmallocz(size);
1024 unsigned long n;
1025 int status = Z_OK;
1026
1027 n = stream->total_out - bytes;
1028 if (n > size)
1029 n = size;
1030 memcpy(buf, (char *) buffer + bytes, n);
1031 bytes = n;
1032 if (bytes <= size) {
1033 /*
1034 * The above condition must be (bytes <= size), not
1035 * (bytes < size). In other words, even though we
1036 * expect no more output and set avail_out to zero,
1037 * the input zlib stream may have bytes that express
1038 * "this concludes the stream", and we *do* want to
1039 * eat that input.
1040 *
1041 * Otherwise we would not be able to test that we
1042 * consumed all the input to reach the expected size;
1043 * we also want to check that zlib tells us that all
1044 * went well with status == Z_STREAM_END at the end.
1045 */
1046 stream->next_out = buf + bytes;
1047 stream->avail_out = size - bytes;
1048 while (status == Z_OK)
1049 status = git_inflate(stream, Z_FINISH);
1050 }
1051 if (status == Z_STREAM_END && !stream->avail_in) {
1052 git_inflate_end(stream);
1053 return buf;
1054 }
1055
1056 if (status < 0)
1057 error("corrupt loose object '%s'", sha1_to_hex(sha1));
1058 else if (stream->avail_in)
1059 error("garbage at end of loose object '%s'",
1060 sha1_to_hex(sha1));
1061 free(buf);
1062 return NULL;
1063 }
1064
1065 /*
1066 * We used to just use "sscanf()", but that's actually way
1067 * too permissive for what we want to check. So do an anal
1068 * object header parse by hand.
1069 */
1070 static int parse_sha1_header_extended(const char *hdr, struct object_info *oi,
1071 unsigned int flags)
1072 {
1073 const char *type_buf = hdr;
1074 unsigned long size;
1075 int type, type_len = 0;
1076
1077 /*
1078 * The type can be of any size but is followed by
1079 * a space.
1080 */
1081 for (;;) {
1082 char c = *hdr++;
1083 if (!c)
1084 return -1;
1085 if (c == ' ')
1086 break;
1087 type_len++;
1088 }
1089
1090 type = type_from_string_gently(type_buf, type_len, 1);
1091 if (oi->typename)
1092 strbuf_add(oi->typename, type_buf, type_len);
1093 /*
1094 * Set type to 0 if its an unknown object and
1095 * we're obtaining the type using '--allow-unknown-type'
1096 * option.
1097 */
1098 if ((flags & OBJECT_INFO_ALLOW_UNKNOWN_TYPE) && (type < 0))
1099 type = 0;
1100 else if (type < 0)
1101 die("invalid object type");
1102 if (oi->typep)
1103 *oi->typep = type;
1104
1105 /*
1106 * The length must follow immediately, and be in canonical
1107 * decimal format (ie "010" is not valid).
1108 */
1109 size = *hdr++ - '0';
1110 if (size > 9)
1111 return -1;
1112 if (size) {
1113 for (;;) {
1114 unsigned long c = *hdr - '0';
1115 if (c > 9)
1116 break;
1117 hdr++;
1118 size = size * 10 + c;
1119 }
1120 }
1121
1122 if (oi->sizep)
1123 *oi->sizep = size;
1124
1125 /*
1126 * The length must be followed by a zero byte
1127 */
1128 return *hdr ? -1 : type;
1129 }
1130
1131 int parse_sha1_header(const char *hdr, unsigned long *sizep)
1132 {
1133 struct object_info oi = OBJECT_INFO_INIT;
1134
1135 oi.sizep = sizep;
1136 return parse_sha1_header_extended(hdr, &oi, 0);
1137 }
1138
1139 static int sha1_loose_object_info(const unsigned char *sha1,
1140 struct object_info *oi,
1141 int flags)
1142 {
1143 int status = 0;
1144 unsigned long mapsize;
1145 void *map;
1146 git_zstream stream;
1147 char hdr[32];
1148 struct strbuf hdrbuf = STRBUF_INIT;
1149 unsigned long size_scratch;
1150
1151 if (oi->delta_base_sha1)
1152 hashclr(oi->delta_base_sha1);
1153
1154 /*
1155 * If we don't care about type or size, then we don't
1156 * need to look inside the object at all. Note that we
1157 * do not optimize out the stat call, even if the
1158 * caller doesn't care about the disk-size, since our
1159 * return value implicitly indicates whether the
1160 * object even exists.
1161 */
1162 if (!oi->typep && !oi->typename && !oi->sizep && !oi->contentp) {
1163 const char *path;
1164 struct stat st;
1165 if (stat_sha1_file(sha1, &st, &path) < 0)
1166 return -1;
1167 if (oi->disk_sizep)
1168 *oi->disk_sizep = st.st_size;
1169 return 0;
1170 }
1171
1172 map = map_sha1_file(sha1, &mapsize);
1173 if (!map)
1174 return -1;
1175
1176 if (!oi->sizep)
1177 oi->sizep = &size_scratch;
1178
1179 if (oi->disk_sizep)
1180 *oi->disk_sizep = mapsize;
1181 if ((flags & OBJECT_INFO_ALLOW_UNKNOWN_TYPE)) {
1182 if (unpack_sha1_header_to_strbuf(&stream, map, mapsize, hdr, sizeof(hdr), &hdrbuf) < 0)
1183 status = error("unable to unpack %s header with --allow-unknown-type",
1184 sha1_to_hex(sha1));
1185 } else if (unpack_sha1_header(&stream, map, mapsize, hdr, sizeof(hdr)) < 0)
1186 status = error("unable to unpack %s header",
1187 sha1_to_hex(sha1));
1188 if (status < 0)
1189 ; /* Do nothing */
1190 else if (hdrbuf.len) {
1191 if ((status = parse_sha1_header_extended(hdrbuf.buf, oi, flags)) < 0)
1192 status = error("unable to parse %s header with --allow-unknown-type",
1193 sha1_to_hex(sha1));
1194 } else if ((status = parse_sha1_header_extended(hdr, oi, flags)) < 0)
1195 status = error("unable to parse %s header", sha1_to_hex(sha1));
1196
1197 if (status >= 0 && oi->contentp) {
1198 *oi->contentp = unpack_sha1_rest(&stream, hdr,
1199 *oi->sizep, sha1);
1200 if (!*oi->contentp) {
1201 git_inflate_end(&stream);
1202 status = -1;
1203 }
1204 } else
1205 git_inflate_end(&stream);
1206
1207 munmap(map, mapsize);
1208 if (status && oi->typep)
1209 *oi->typep = status;
1210 if (oi->sizep == &size_scratch)
1211 oi->sizep = NULL;
1212 strbuf_release(&hdrbuf);
1213 oi->whence = OI_LOOSE;
1214 return (status < 0) ? status : 0;
1215 }
1216
1217 int fetch_if_missing = 1;
1218
1219 int sha1_object_info_extended(const unsigned char *sha1, struct object_info *oi, unsigned flags)
1220 {
1221 static struct object_info blank_oi = OBJECT_INFO_INIT;
1222 struct pack_entry e;
1223 int rtype;
1224 const unsigned char *real = (flags & OBJECT_INFO_LOOKUP_REPLACE) ?
1225 lookup_replace_object(sha1) :
1226 sha1;
1227 int already_retried = 0;
1228
1229 if (is_null_sha1(real))
1230 return -1;
1231
1232 if (!oi)
1233 oi = &blank_oi;
1234
1235 if (!(flags & OBJECT_INFO_SKIP_CACHED)) {
1236 struct cached_object *co = find_cached_object(real);
1237 if (co) {
1238 if (oi->typep)
1239 *(oi->typep) = co->type;
1240 if (oi->sizep)
1241 *(oi->sizep) = co->size;
1242 if (oi->disk_sizep)
1243 *(oi->disk_sizep) = 0;
1244 if (oi->delta_base_sha1)
1245 hashclr(oi->delta_base_sha1);
1246 if (oi->typename)
1247 strbuf_addstr(oi->typename, typename(co->type));
1248 if (oi->contentp)
1249 *oi->contentp = xmemdupz(co->buf, co->size);
1250 oi->whence = OI_CACHED;
1251 return 0;
1252 }
1253 }
1254
1255 while (1) {
1256 if (find_pack_entry(real, &e))
1257 break;
1258
1259 /* Most likely it's a loose object. */
1260 if (!sha1_loose_object_info(real, oi, flags))
1261 return 0;
1262
1263 /* Not a loose object; someone else may have just packed it. */
1264 reprepare_packed_git();
1265 if (find_pack_entry(real, &e))
1266 break;
1267
1268 /* Check if it is a missing object */
1269 if (fetch_if_missing && repository_format_partial_clone &&
1270 !already_retried) {
1271 /*
1272 * TODO Investigate haveing fetch_object() return
1273 * TODO error/success and stopping the music here.
1274 */
1275 fetch_object(repository_format_partial_clone, real);
1276 already_retried = 1;
1277 continue;
1278 }
1279
1280 return -1;
1281 }
1282
1283 if (oi == &blank_oi)
1284 /*
1285 * We know that the caller doesn't actually need the
1286 * information below, so return early.
1287 */
1288 return 0;
1289 rtype = packed_object_info(e.p, e.offset, oi);
1290 if (rtype < 0) {
1291 mark_bad_packed_object(e.p, real);
1292 return sha1_object_info_extended(real, oi, 0);
1293 } else if (oi->whence == OI_PACKED) {
1294 oi->u.packed.offset = e.offset;
1295 oi->u.packed.pack = e.p;
1296 oi->u.packed.is_delta = (rtype == OBJ_REF_DELTA ||
1297 rtype == OBJ_OFS_DELTA);
1298 }
1299
1300 return 0;
1301 }
1302
1303 /* returns enum object_type or negative */
1304 int sha1_object_info(const unsigned char *sha1, unsigned long *sizep)
1305 {
1306 enum object_type type;
1307 struct object_info oi = OBJECT_INFO_INIT;
1308
1309 oi.typep = &type;
1310 oi.sizep = sizep;
1311 if (sha1_object_info_extended(sha1, &oi,
1312 OBJECT_INFO_LOOKUP_REPLACE) < 0)
1313 return -1;
1314 return type;
1315 }
1316
1317 static void *read_object(const unsigned char *sha1, enum object_type *type,
1318 unsigned long *size)
1319 {
1320 struct object_info oi = OBJECT_INFO_INIT;
1321 void *content;
1322 oi.typep = type;
1323 oi.sizep = size;
1324 oi.contentp = &content;
1325
1326 if (sha1_object_info_extended(sha1, &oi, 0) < 0)
1327 return NULL;
1328 return content;
1329 }
1330
1331 int pretend_sha1_file(void *buf, unsigned long len, enum object_type type,
1332 unsigned char *sha1)
1333 {
1334 struct cached_object *co;
1335
1336 hash_sha1_file(buf, len, typename(type), sha1);
1337 if (has_sha1_file(sha1) || find_cached_object(sha1))
1338 return 0;
1339 ALLOC_GROW(cached_objects, cached_object_nr + 1, cached_object_alloc);
1340 co = &cached_objects[cached_object_nr++];
1341 co->size = len;
1342 co->type = type;
1343 co->buf = xmalloc(len);
1344 memcpy(co->buf, buf, len);
1345 hashcpy(co->sha1, sha1);
1346 return 0;
1347 }
1348
1349 /*
1350 * This function dies on corrupt objects; the callers who want to
1351 * deal with them should arrange to call read_object() and give error
1352 * messages themselves.
1353 */
1354 void *read_sha1_file_extended(const unsigned char *sha1,
1355 enum object_type *type,
1356 unsigned long *size,
1357 int lookup_replace)
1358 {
1359 void *data;
1360 const struct packed_git *p;
1361 const char *path;
1362 struct stat st;
1363 const unsigned char *repl = lookup_replace ? lookup_replace_object(sha1)
1364 : sha1;
1365
1366 errno = 0;
1367 data = read_object(repl, type, size);
1368 if (data)
1369 return data;
1370
1371 if (errno && errno != ENOENT)
1372 die_errno("failed to read object %s", sha1_to_hex(sha1));
1373
1374 /* die if we replaced an object with one that does not exist */
1375 if (repl != sha1)
1376 die("replacement %s not found for %s",
1377 sha1_to_hex(repl), sha1_to_hex(sha1));
1378
1379 if (!stat_sha1_file(repl, &st, &path))
1380 die("loose object %s (stored in %s) is corrupt",
1381 sha1_to_hex(repl), path);
1382
1383 if ((p = has_packed_and_bad(repl)) != NULL)
1384 die("packed object %s (stored in %s) is corrupt",
1385 sha1_to_hex(repl), p->pack_name);
1386
1387 return NULL;
1388 }
1389
1390 void *read_object_with_reference(const unsigned char *sha1,
1391 const char *required_type_name,
1392 unsigned long *size,
1393 unsigned char *actual_sha1_return)
1394 {
1395 enum object_type type, required_type;
1396 void *buffer;
1397 unsigned long isize;
1398 unsigned char actual_sha1[20];
1399
1400 required_type = type_from_string(required_type_name);
1401 hashcpy(actual_sha1, sha1);
1402 while (1) {
1403 int ref_length = -1;
1404 const char *ref_type = NULL;
1405
1406 buffer = read_sha1_file(actual_sha1, &type, &isize);
1407 if (!buffer)
1408 return NULL;
1409 if (type == required_type) {
1410 *size = isize;
1411 if (actual_sha1_return)
1412 hashcpy(actual_sha1_return, actual_sha1);
1413 return buffer;
1414 }
1415 /* Handle references */
1416 else if (type == OBJ_COMMIT)
1417 ref_type = "tree ";
1418 else if (type == OBJ_TAG)
1419 ref_type = "object ";
1420 else {
1421 free(buffer);
1422 return NULL;
1423 }
1424 ref_length = strlen(ref_type);
1425
1426 if (ref_length + 40 > isize ||
1427 memcmp(buffer, ref_type, ref_length) ||
1428 get_sha1_hex((char *) buffer + ref_length, actual_sha1)) {
1429 free(buffer);
1430 return NULL;
1431 }
1432 free(buffer);
1433 /* Now we have the ID of the referred-to object in
1434 * actual_sha1. Check again. */
1435 }
1436 }
1437
1438 static void write_sha1_file_prepare(const void *buf, unsigned long len,
1439 const char *type, unsigned char *sha1,
1440 char *hdr, int *hdrlen)
1441 {
1442 git_SHA_CTX c;
1443
1444 /* Generate the header */
1445 *hdrlen = xsnprintf(hdr, *hdrlen, "%s %lu", type, len)+1;
1446
1447 /* Sha1.. */
1448 git_SHA1_Init(&c);
1449 git_SHA1_Update(&c, hdr, *hdrlen);
1450 git_SHA1_Update(&c, buf, len);
1451 git_SHA1_Final(sha1, &c);
1452 }
1453
1454 /*
1455 * Move the just written object into its final resting place.
1456 */
1457 int finalize_object_file(const char *tmpfile, const char *filename)
1458 {
1459 int ret = 0;
1460
1461 if (object_creation_mode == OBJECT_CREATION_USES_RENAMES)
1462 goto try_rename;
1463 else if (link(tmpfile, filename))
1464 ret = errno;
1465
1466 /*
1467 * Coda hack - coda doesn't like cross-directory links,
1468 * so we fall back to a rename, which will mean that it
1469 * won't be able to check collisions, but that's not a
1470 * big deal.
1471 *
1472 * The same holds for FAT formatted media.
1473 *
1474 * When this succeeds, we just return. We have nothing
1475 * left to unlink.
1476 */
1477 if (ret && ret != EEXIST) {
1478 try_rename:
1479 if (!rename(tmpfile, filename))
1480 goto out;
1481 ret = errno;
1482 }
1483 unlink_or_warn(tmpfile);
1484 if (ret) {
1485 if (ret != EEXIST) {
1486 return error_errno("unable to write sha1 filename %s", filename);
1487 }
1488 /* FIXME!!! Collision check here ? */
1489 }
1490
1491 out:
1492 if (adjust_shared_perm(filename))
1493 return error("unable to set permission to '%s'", filename);
1494 return 0;
1495 }
1496
1497 static int write_buffer(int fd, const void *buf, size_t len)
1498 {
1499 if (write_in_full(fd, buf, len) < 0)
1500 return error_errno("file write error");
1501 return 0;
1502 }
1503
1504 int hash_sha1_file(const void *buf, unsigned long len, const char *type,
1505 unsigned char *sha1)
1506 {
1507 char hdr[32];
1508 int hdrlen = sizeof(hdr);
1509 write_sha1_file_prepare(buf, len, type, sha1, hdr, &hdrlen);
1510 return 0;
1511 }
1512
1513 /* Finalize a file on disk, and close it. */
1514 static void close_sha1_file(int fd)
1515 {
1516 if (fsync_object_files)
1517 fsync_or_die(fd, "sha1 file");
1518 if (close(fd) != 0)
1519 die_errno("error when closing sha1 file");
1520 }
1521
1522 /* Size of directory component, including the ending '/' */
1523 static inline int directory_size(const char *filename)
1524 {
1525 const char *s = strrchr(filename, '/');
1526 if (!s)
1527 return 0;
1528 return s - filename + 1;
1529 }
1530
1531 /*
1532 * This creates a temporary file in the same directory as the final
1533 * 'filename'
1534 *
1535 * We want to avoid cross-directory filename renames, because those
1536 * can have problems on various filesystems (FAT, NFS, Coda).
1537 */
1538 static int create_tmpfile(struct strbuf *tmp, const char *filename)
1539 {
1540 int fd, dirlen = directory_size(filename);
1541
1542 strbuf_reset(tmp);
1543 strbuf_add(tmp, filename, dirlen);
1544 strbuf_addstr(tmp, "tmp_obj_XXXXXX");
1545 fd = git_mkstemp_mode(tmp->buf, 0444);
1546 if (fd < 0 && dirlen && errno == ENOENT) {
1547 /*
1548 * Make sure the directory exists; note that the contents
1549 * of the buffer are undefined after mkstemp returns an
1550 * error, so we have to rewrite the whole buffer from
1551 * scratch.
1552 */
1553 strbuf_reset(tmp);
1554 strbuf_add(tmp, filename, dirlen - 1);
1555 if (mkdir(tmp->buf, 0777) && errno != EEXIST)
1556 return -1;
1557 if (adjust_shared_perm(tmp->buf))
1558 return -1;
1559
1560 /* Try again */
1561 strbuf_addstr(tmp, "/tmp_obj_XXXXXX");
1562 fd = git_mkstemp_mode(tmp->buf, 0444);
1563 }
1564 return fd;
1565 }
1566
1567 static int write_loose_object(const unsigned char *sha1, char *hdr, int hdrlen,
1568 const void *buf, unsigned long len, time_t mtime)
1569 {
1570 int fd, ret;
1571 unsigned char compressed[4096];
1572 git_zstream stream;
1573 git_SHA_CTX c;
1574 unsigned char parano_sha1[20];
1575 static struct strbuf tmp_file = STRBUF_INIT;
1576 const char *filename = sha1_file_name(sha1);
1577
1578 fd = create_tmpfile(&tmp_file, filename);
1579 if (fd < 0) {
1580 if (errno == EACCES)
1581 return error("insufficient permission for adding an object to repository database %s", get_object_directory());
1582 else
1583 return error_errno("unable to create temporary file");
1584 }
1585
1586 /* Set it up */
1587 git_deflate_init(&stream, zlib_compression_level);
1588 stream.next_out = compressed;
1589 stream.avail_out = sizeof(compressed);
1590 git_SHA1_Init(&c);
1591
1592 /* First header.. */
1593 stream.next_in = (unsigned char *)hdr;
1594 stream.avail_in = hdrlen;
1595 while (git_deflate(&stream, 0) == Z_OK)
1596 ; /* nothing */
1597 git_SHA1_Update(&c, hdr, hdrlen);
1598
1599 /* Then the data itself.. */
1600 stream.next_in = (void *)buf;
1601 stream.avail_in = len;
1602 do {
1603 unsigned char *in0 = stream.next_in;
1604 ret = git_deflate(&stream, Z_FINISH);
1605 git_SHA1_Update(&c, in0, stream.next_in - in0);
1606 if (write_buffer(fd, compressed, stream.next_out - compressed) < 0)
1607 die("unable to write sha1 file");
1608 stream.next_out = compressed;
1609 stream.avail_out = sizeof(compressed);
1610 } while (ret == Z_OK);
1611
1612 if (ret != Z_STREAM_END)
1613 die("unable to deflate new object %s (%d)", sha1_to_hex(sha1), ret);
1614 ret = git_deflate_end_gently(&stream);
1615 if (ret != Z_OK)
1616 die("deflateEnd on object %s failed (%d)", sha1_to_hex(sha1), ret);
1617 git_SHA1_Final(parano_sha1, &c);
1618 if (hashcmp(sha1, parano_sha1) != 0)
1619 die("confused by unstable object source data for %s", sha1_to_hex(sha1));
1620
1621 close_sha1_file(fd);
1622
1623 if (mtime) {
1624 struct utimbuf utb;
1625 utb.actime = mtime;
1626 utb.modtime = mtime;
1627 if (utime(tmp_file.buf, &utb) < 0)
1628 warning_errno("failed utime() on %s", tmp_file.buf);
1629 }
1630
1631 return finalize_object_file(tmp_file.buf, filename);
1632 }
1633
1634 static int freshen_loose_object(const unsigned char *sha1)
1635 {
1636 return check_and_freshen(sha1, 1);
1637 }
1638
1639 static int freshen_packed_object(const unsigned char *sha1)
1640 {
1641 struct pack_entry e;
1642 if (!find_pack_entry(sha1, &e))
1643 return 0;
1644 if (e.p->freshened)
1645 return 1;
1646 if (!freshen_file(e.p->pack_name))
1647 return 0;
1648 e.p->freshened = 1;
1649 return 1;
1650 }
1651
1652 int write_sha1_file(const void *buf, unsigned long len, const char *type, unsigned char *sha1)
1653 {
1654 char hdr[32];
1655 int hdrlen = sizeof(hdr);
1656
1657 /* Normally if we have it in the pack then we do not bother writing
1658 * it out into .git/objects/??/?{38} file.
1659 */
1660 write_sha1_file_prepare(buf, len, type, sha1, hdr, &hdrlen);
1661 if (freshen_packed_object(sha1) || freshen_loose_object(sha1))
1662 return 0;
1663 return write_loose_object(sha1, hdr, hdrlen, buf, len, 0);
1664 }
1665
1666 int hash_sha1_file_literally(const void *buf, unsigned long len, const char *type,
1667 struct object_id *oid, unsigned flags)
1668 {
1669 char *header;
1670 int hdrlen, status = 0;
1671
1672 /* type string, SP, %lu of the length plus NUL must fit this */
1673 hdrlen = strlen(type) + 32;
1674 header = xmalloc(hdrlen);
1675 write_sha1_file_prepare(buf, len, type, oid->hash, header, &hdrlen);
1676
1677 if (!(flags & HASH_WRITE_OBJECT))
1678 goto cleanup;
1679 if (freshen_packed_object(oid->hash) || freshen_loose_object(oid->hash))
1680 goto cleanup;
1681 status = write_loose_object(oid->hash, header, hdrlen, buf, len, 0);
1682
1683 cleanup:
1684 free(header);
1685 return status;
1686 }
1687
1688 int force_object_loose(const unsigned char *sha1, time_t mtime)
1689 {
1690 void *buf;
1691 unsigned long len;
1692 enum object_type type;
1693 char hdr[32];
1694 int hdrlen;
1695 int ret;
1696
1697 if (has_loose_object(sha1))
1698 return 0;
1699 buf = read_object(sha1, &type, &len);
1700 if (!buf)
1701 return error("cannot read sha1_file for %s", sha1_to_hex(sha1));
1702 hdrlen = xsnprintf(hdr, sizeof(hdr), "%s %lu", typename(type), len) + 1;
1703 ret = write_loose_object(sha1, hdr, hdrlen, buf, len, mtime);
1704 free(buf);
1705
1706 return ret;
1707 }
1708
1709 int has_sha1_file_with_flags(const unsigned char *sha1, int flags)
1710 {
1711 if (!startup_info->have_repository)
1712 return 0;
1713 return sha1_object_info_extended(sha1, NULL,
1714 flags | OBJECT_INFO_SKIP_CACHED) >= 0;
1715 }
1716
1717 int has_object_file(const struct object_id *oid)
1718 {
1719 return has_sha1_file(oid->hash);
1720 }
1721
1722 int has_object_file_with_flags(const struct object_id *oid, int flags)
1723 {
1724 return has_sha1_file_with_flags(oid->hash, flags);
1725 }
1726
1727 static void check_tree(const void *buf, size_t size)
1728 {
1729 struct tree_desc desc;
1730 struct name_entry entry;
1731
1732 init_tree_desc(&desc, buf, size);
1733 while (tree_entry(&desc, &entry))
1734 /* do nothing
1735 * tree_entry() will die() on malformed entries */
1736 ;
1737 }
1738
1739 static void check_commit(const void *buf, size_t size)
1740 {
1741 struct commit c;
1742 memset(&c, 0, sizeof(c));
1743 if (parse_commit_buffer(&c, buf, size))
1744 die("corrupt commit");
1745 }
1746
1747 static void check_tag(const void *buf, size_t size)
1748 {
1749 struct tag t;
1750 memset(&t, 0, sizeof(t));
1751 if (parse_tag_buffer(&t, buf, size))
1752 die("corrupt tag");
1753 }
1754
1755 static int index_mem(struct object_id *oid, void *buf, size_t size,
1756 enum object_type type,
1757 const char *path, unsigned flags)
1758 {
1759 int ret, re_allocated = 0;
1760 int write_object = flags & HASH_WRITE_OBJECT;
1761
1762 if (!type)
1763 type = OBJ_BLOB;
1764
1765 /*
1766 * Convert blobs to git internal format
1767 */
1768 if ((type == OBJ_BLOB) && path) {
1769 struct strbuf nbuf = STRBUF_INIT;
1770 if (convert_to_git(&the_index, path, buf, size, &nbuf,
1771 get_safe_crlf(flags))) {
1772 buf = strbuf_detach(&nbuf, &size);
1773 re_allocated = 1;
1774 }
1775 }
1776 if (flags & HASH_FORMAT_CHECK) {
1777 if (type == OBJ_TREE)
1778 check_tree(buf, size);
1779 if (type == OBJ_COMMIT)
1780 check_commit(buf, size);
1781 if (type == OBJ_TAG)
1782 check_tag(buf, size);
1783 }
1784
1785 if (write_object)
1786 ret = write_sha1_file(buf, size, typename(type), oid->hash);
1787 else
1788 ret = hash_sha1_file(buf, size, typename(type), oid->hash);
1789 if (re_allocated)
1790 free(buf);
1791 return ret;
1792 }
1793
1794 static int index_stream_convert_blob(struct object_id *oid, int fd,
1795 const char *path, unsigned flags)
1796 {
1797 int ret;
1798 const int write_object = flags & HASH_WRITE_OBJECT;
1799 struct strbuf sbuf = STRBUF_INIT;
1800
1801 assert(path);
1802 assert(would_convert_to_git_filter_fd(path));
1803
1804 convert_to_git_filter_fd(&the_index, path, fd, &sbuf,
1805 get_safe_crlf(flags));
1806
1807 if (write_object)
1808 ret = write_sha1_file(sbuf.buf, sbuf.len, typename(OBJ_BLOB),
1809 oid->hash);
1810 else
1811 ret = hash_sha1_file(sbuf.buf, sbuf.len, typename(OBJ_BLOB),
1812 oid->hash);
1813 strbuf_release(&sbuf);
1814 return ret;
1815 }
1816
1817 static int index_pipe(struct object_id *oid, int fd, enum object_type type,
1818 const char *path, unsigned flags)
1819 {
1820 struct strbuf sbuf = STRBUF_INIT;
1821 int ret;
1822
1823 if (strbuf_read(&sbuf, fd, 4096) >= 0)
1824 ret = index_mem(oid, sbuf.buf, sbuf.len, type, path, flags);
1825 else
1826 ret = -1;
1827 strbuf_release(&sbuf);
1828 return ret;
1829 }
1830
1831 #define SMALL_FILE_SIZE (32*1024)
1832
1833 static int index_core(struct object_id *oid, int fd, size_t size,
1834 enum object_type type, const char *path,
1835 unsigned flags)
1836 {
1837 int ret;
1838
1839 if (!size) {
1840 ret = index_mem(oid, "", size, type, path, flags);
1841 } else if (size <= SMALL_FILE_SIZE) {
1842 char *buf = xmalloc(size);
1843 ssize_t read_result = read_in_full(fd, buf, size);
1844 if (read_result < 0)
1845 ret = error_errno("read error while indexing %s",
1846 path ? path : "<unknown>");
1847 else if (read_result != size)
1848 ret = error("short read while indexing %s",
1849 path ? path : "<unknown>");
1850 else
1851 ret = index_mem(oid, buf, size, type, path, flags);
1852 free(buf);
1853 } else {
1854 void *buf = xmmap(NULL, size, PROT_READ, MAP_PRIVATE, fd, 0);
1855 ret = index_mem(oid, buf, size, type, path, flags);
1856 munmap(buf, size);
1857 }
1858 return ret;
1859 }
1860
1861 /*
1862 * This creates one packfile per large blob unless bulk-checkin
1863 * machinery is "plugged".
1864 *
1865 * This also bypasses the usual "convert-to-git" dance, and that is on
1866 * purpose. We could write a streaming version of the converting
1867 * functions and insert that before feeding the data to fast-import
1868 * (or equivalent in-core API described above). However, that is
1869 * somewhat complicated, as we do not know the size of the filter
1870 * result, which we need to know beforehand when writing a git object.
1871 * Since the primary motivation for trying to stream from the working
1872 * tree file and to avoid mmaping it in core is to deal with large
1873 * binary blobs, they generally do not want to get any conversion, and
1874 * callers should avoid this code path when filters are requested.
1875 */
1876 static int index_stream(struct object_id *oid, int fd, size_t size,
1877 enum object_type type, const char *path,
1878 unsigned flags)
1879 {
1880 return index_bulk_checkin(oid->hash, fd, size, type, path, flags);
1881 }
1882
1883 int index_fd(struct object_id *oid, int fd, struct stat *st,
1884 enum object_type type, const char *path, unsigned flags)
1885 {
1886 int ret;
1887
1888 /*
1889 * Call xsize_t() only when needed to avoid potentially unnecessary
1890 * die() for large files.
1891 */
1892 if (type == OBJ_BLOB && path && would_convert_to_git_filter_fd(path))
1893 ret = index_stream_convert_blob(oid, fd, path, flags);
1894 else if (!S_ISREG(st->st_mode))
1895 ret = index_pipe(oid, fd, type, path, flags);
1896 else if (st->st_size <= big_file_threshold || type != OBJ_BLOB ||
1897 (path && would_convert_to_git(&the_index, path)))
1898 ret = index_core(oid, fd, xsize_t(st->st_size), type, path,
1899 flags);
1900 else
1901 ret = index_stream(oid, fd, xsize_t(st->st_size), type, path,
1902 flags);
1903 close(fd);
1904 return ret;
1905 }
1906
1907 int index_path(struct object_id *oid, const char *path, struct stat *st, unsigned flags)
1908 {
1909 int fd;
1910 struct strbuf sb = STRBUF_INIT;
1911 int rc = 0;
1912
1913 switch (st->st_mode & S_IFMT) {
1914 case S_IFREG:
1915 fd = open(path, O_RDONLY);
1916 if (fd < 0)
1917 return error_errno("open(\"%s\")", path);
1918 if (index_fd(oid, fd, st, OBJ_BLOB, path, flags) < 0)
1919 return error("%s: failed to insert into database",
1920 path);
1921 break;
1922 case S_IFLNK:
1923 if (strbuf_readlink(&sb, path, st->st_size))
1924 return error_errno("readlink(\"%s\")", path);
1925 if (!(flags & HASH_WRITE_OBJECT))
1926 hash_sha1_file(sb.buf, sb.len, blob_type, oid->hash);
1927 else if (write_sha1_file(sb.buf, sb.len, blob_type, oid->hash))
1928 rc = error("%s: failed to insert into database", path);
1929 strbuf_release(&sb);
1930 break;
1931 case S_IFDIR:
1932 return resolve_gitlink_ref(path, "HEAD", oid);
1933 default:
1934 return error("%s: unsupported file type", path);
1935 }
1936 return rc;
1937 }
1938
1939 int read_pack_header(int fd, struct pack_header *header)
1940 {
1941 if (read_in_full(fd, header, sizeof(*header)) != sizeof(*header))
1942 /* "eof before pack header was fully read" */
1943 return PH_ERROR_EOF;
1944
1945 if (header->hdr_signature != htonl(PACK_SIGNATURE))
1946 /* "protocol error (pack signature mismatch detected)" */
1947 return PH_ERROR_PACK_SIGNATURE;
1948 if (!pack_version_ok(header->hdr_version))
1949 /* "protocol error (pack version unsupported)" */
1950 return PH_ERROR_PROTOCOL;
1951 return 0;
1952 }
1953
1954 void assert_sha1_type(const unsigned char *sha1, enum object_type expect)
1955 {
1956 enum object_type type = sha1_object_info(sha1, NULL);
1957 if (type < 0)
1958 die("%s is not a valid object", sha1_to_hex(sha1));
1959 if (type != expect)
1960 die("%s is not a valid '%s' object", sha1_to_hex(sha1),
1961 typename(expect));
1962 }
1963
1964 int for_each_file_in_obj_subdir(unsigned int subdir_nr,
1965 struct strbuf *path,
1966 each_loose_object_fn obj_cb,
1967 each_loose_cruft_fn cruft_cb,
1968 each_loose_subdir_fn subdir_cb,
1969 void *data)
1970 {
1971 size_t origlen, baselen;
1972 DIR *dir;
1973 struct dirent *de;
1974 int r = 0;
1975 struct object_id oid;
1976
1977 if (subdir_nr > 0xff)
1978 BUG("invalid loose object subdirectory: %x", subdir_nr);
1979
1980 origlen = path->len;
1981 strbuf_complete(path, '/');
1982 strbuf_addf(path, "%02x", subdir_nr);
1983
1984 dir = opendir(path->buf);
1985 if (!dir) {
1986 if (errno != ENOENT)
1987 r = error_errno("unable to open %s", path->buf);
1988 strbuf_setlen(path, origlen);
1989 return r;
1990 }
1991
1992 oid.hash[0] = subdir_nr;
1993 strbuf_addch(path, '/');
1994 baselen = path->len;
1995
1996 while ((de = readdir(dir))) {
1997 size_t namelen;
1998 if (is_dot_or_dotdot(de->d_name))
1999 continue;
2000
2001 namelen = strlen(de->d_name);
2002 strbuf_setlen(path, baselen);
2003 strbuf_add(path, de->d_name, namelen);
2004 if (namelen == GIT_SHA1_HEXSZ - 2 &&
2005 !hex_to_bytes(oid.hash + 1, de->d_name,
2006 GIT_SHA1_RAWSZ - 1)) {
2007 if (obj_cb) {
2008 r = obj_cb(&oid, path->buf, data);
2009 if (r)
2010 break;
2011 }
2012 continue;
2013 }
2014
2015 if (cruft_cb) {
2016 r = cruft_cb(de->d_name, path->buf, data);
2017 if (r)
2018 break;
2019 }
2020 }
2021 closedir(dir);
2022
2023 strbuf_setlen(path, baselen - 1);
2024 if (!r && subdir_cb)
2025 r = subdir_cb(subdir_nr, path->buf, data);
2026
2027 strbuf_setlen(path, origlen);
2028
2029 return r;
2030 }
2031
2032 int for_each_loose_file_in_objdir_buf(struct strbuf *path,
2033 each_loose_object_fn obj_cb,
2034 each_loose_cruft_fn cruft_cb,
2035 each_loose_subdir_fn subdir_cb,
2036 void *data)
2037 {
2038 int r = 0;
2039 int i;
2040
2041 for (i = 0; i < 256; i++) {
2042 r = for_each_file_in_obj_subdir(i, path, obj_cb, cruft_cb,
2043 subdir_cb, data);
2044 if (r)
2045 break;
2046 }
2047
2048 return r;
2049 }
2050
2051 int for_each_loose_file_in_objdir(const char *path,
2052 each_loose_object_fn obj_cb,
2053 each_loose_cruft_fn cruft_cb,
2054 each_loose_subdir_fn subdir_cb,
2055 void *data)
2056 {
2057 struct strbuf buf = STRBUF_INIT;
2058 int r;
2059
2060 strbuf_addstr(&buf, path);
2061 r = for_each_loose_file_in_objdir_buf(&buf, obj_cb, cruft_cb,
2062 subdir_cb, data);
2063 strbuf_release(&buf);
2064
2065 return r;
2066 }
2067
2068 struct loose_alt_odb_data {
2069 each_loose_object_fn *cb;
2070 void *data;
2071 };
2072
2073 static int loose_from_alt_odb(struct alternate_object_database *alt,
2074 void *vdata)
2075 {
2076 struct loose_alt_odb_data *data = vdata;
2077 struct strbuf buf = STRBUF_INIT;
2078 int r;
2079
2080 strbuf_addstr(&buf, alt->path);
2081 r = for_each_loose_file_in_objdir_buf(&buf,
2082 data->cb, NULL, NULL,
2083 data->data);
2084 strbuf_release(&buf);
2085 return r;
2086 }
2087
2088 int for_each_loose_object(each_loose_object_fn cb, void *data, unsigned flags)
2089 {
2090 struct loose_alt_odb_data alt;
2091 int r;
2092
2093 r = for_each_loose_file_in_objdir(get_object_directory(),
2094 cb, NULL, NULL, data);
2095 if (r)
2096 return r;
2097
2098 if (flags & FOR_EACH_OBJECT_LOCAL_ONLY)
2099 return 0;
2100
2101 alt.cb = cb;
2102 alt.data = data;
2103 return foreach_alt_odb(loose_from_alt_odb, &alt);
2104 }
2105
2106 static int check_stream_sha1(git_zstream *stream,
2107 const char *hdr,
2108 unsigned long size,
2109 const char *path,
2110 const unsigned char *expected_sha1)
2111 {
2112 git_SHA_CTX c;
2113 unsigned char real_sha1[GIT_MAX_RAWSZ];
2114 unsigned char buf[4096];
2115 unsigned long total_read;
2116 int status = Z_OK;
2117
2118 git_SHA1_Init(&c);
2119 git_SHA1_Update(&c, hdr, stream->total_out);
2120
2121 /*
2122 * We already read some bytes into hdr, but the ones up to the NUL
2123 * do not count against the object's content size.
2124 */
2125 total_read = stream->total_out - strlen(hdr) - 1;
2126
2127 /*
2128 * This size comparison must be "<=" to read the final zlib packets;
2129 * see the comment in unpack_sha1_rest for details.
2130 */
2131 while (total_read <= size &&
2132 (status == Z_OK || status == Z_BUF_ERROR)) {
2133 stream->next_out = buf;
2134 stream->avail_out = sizeof(buf);
2135 if (size - total_read < stream->avail_out)
2136 stream->avail_out = size - total_read;
2137 status = git_inflate(stream, Z_FINISH);
2138 git_SHA1_Update(&c, buf, stream->next_out - buf);
2139 total_read += stream->next_out - buf;
2140 }
2141 git_inflate_end(stream);
2142
2143 if (status != Z_STREAM_END) {
2144 error("corrupt loose object '%s'", sha1_to_hex(expected_sha1));
2145 return -1;
2146 }
2147 if (stream->avail_in) {
2148 error("garbage at end of loose object '%s'",
2149 sha1_to_hex(expected_sha1));
2150 return -1;
2151 }
2152
2153 git_SHA1_Final(real_sha1, &c);
2154 if (hashcmp(expected_sha1, real_sha1)) {
2155 error("sha1 mismatch for %s (expected %s)", path,
2156 sha1_to_hex(expected_sha1));
2157 return -1;
2158 }
2159
2160 return 0;
2161 }
2162
2163 int read_loose_object(const char *path,
2164 const unsigned char *expected_sha1,
2165 enum object_type *type,
2166 unsigned long *size,
2167 void **contents)
2168 {
2169 int ret = -1;
2170 void *map = NULL;
2171 unsigned long mapsize;
2172 git_zstream stream;
2173 char hdr[32];
2174
2175 *contents = NULL;
2176
2177 map = map_sha1_file_1(path, NULL, &mapsize);
2178 if (!map) {
2179 error_errno("unable to mmap %s", path);
2180 goto out;
2181 }
2182
2183 if (unpack_sha1_header(&stream, map, mapsize, hdr, sizeof(hdr)) < 0) {
2184 error("unable to unpack header of %s", path);
2185 goto out;
2186 }
2187
2188 *type = parse_sha1_header(hdr, size);
2189 if (*type < 0) {
2190 error("unable to parse header of %s", path);
2191 git_inflate_end(&stream);
2192 goto out;
2193 }
2194
2195 if (*type == OBJ_BLOB) {
2196 if (check_stream_sha1(&stream, hdr, *size, path, expected_sha1) < 0)
2197 goto out;
2198 } else {
2199 *contents = unpack_sha1_rest(&stream, hdr, *size, expected_sha1);
2200 if (!*contents) {
2201 error("unable to unpack contents of %s", path);
2202 git_inflate_end(&stream);
2203 goto out;
2204 }
2205 if (check_sha1_signature(expected_sha1, *contents,
2206 *size, typename(*type))) {
2207 error("sha1 mismatch for %s (expected %s)", path,
2208 sha1_to_hex(expected_sha1));
2209 free(*contents);
2210 goto out;
2211 }
2212 }
2213
2214 ret = 0; /* everything checks out */
2215
2216 out:
2217 if (map)
2218 munmap(map, mapsize);
2219 return ret;
2220 }