]> git.ipfire.org Git - thirdparty/git.git/blob - refs.c
projects / thirdparty / git.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Do not use memcmp(sha1_1, sha1_2, 20) with hardcoded length.
[thirdparty/git.git] / refs.c
1 #include "refs.h"
2 #include "cache.h"
3
4 #include <errno.h>
5
6 /* We allow "recursive" symbolic refs. Only within reason, though */
7 #define MAXDEPTH 5
8
9 const char *resolve_ref(const char *path, unsigned char *sha1, int reading)
10 {
11 int depth = MAXDEPTH, len;
12 char buffer[256];
13
14 for (;;) {
15 struct stat st;
16 char *buf;
17 int fd;
18
19 if (--depth < 0)
20 return NULL;
21
22 /* Special case: non-existing file.
23 * Not having the refs/heads/new-branch is OK
24 * if we are writing into it, so is .git/HEAD
25 * that points at refs/heads/master still to be
26 * born. It is NOT OK if we are resolving for
27 * reading.
28 */
29 if (lstat(path, &st) < 0) {
30 if (reading || errno != ENOENT)
31 return NULL;
32 memset(sha1, 0, 20);
33 return path;
34 }
35
36 /* Follow "normalized" - ie "refs/.." symlinks by hand */
37 if (S_ISLNK(st.st_mode)) {
38 len = readlink(path, buffer, sizeof(buffer)-1);
39 if (len >= 5 && !memcmp("refs/", buffer, 5)) {
40 path = git_path("%.*s", len, buffer);
41 continue;
42 }
43 }
44
45 /*
46 * Anything else, just open it and try to use it as
47 * a ref
48 */
49 fd = open(path, O_RDONLY);
50 if (fd < 0)
51 return NULL;
52 len = read(fd, buffer, sizeof(buffer)-1);
53 close(fd);
54
55 /*
56 * Is it a symbolic ref?
57 */
58 if (len < 4 || memcmp("ref:", buffer, 4))
59 break;
60 buf = buffer + 4;
61 len -= 4;
62 while (len && isspace(*buf))
63 buf++, len--;
64 while (len && isspace(buf[len-1]))
65 buf[--len] = 0;
66 path = git_path("%.*s", len, buf);
67 }
68 if (len < 40 || get_sha1_hex(buffer, sha1))
69 return NULL;
70 return path;
71 }
72
73 int create_symref(const char *git_HEAD, const char *refs_heads_master)
74 {
75 const char *lockpath;
76 char ref[1000];
77 int fd, len, written;
78
79 #ifndef NO_SYMLINK_HEAD
80 if (prefer_symlink_refs) {
81 unlink(git_HEAD);
82 if (!symlink(refs_heads_master, git_HEAD))
83 return 0;
84 fprintf(stderr, "no symlink - falling back to symbolic ref\n");
85 }
86 #endif
87
88 len = snprintf(ref, sizeof(ref), "ref: %s\n", refs_heads_master);
89 if (sizeof(ref) <= len) {
90 error("refname too long: %s", refs_heads_master);
91 return -1;
92 }
93 lockpath = mkpath("%s.lock", git_HEAD);
94 fd = open(lockpath, O_CREAT | O_EXCL | O_WRONLY, 0666);
95 written = write(fd, ref, len);
96 close(fd);
97 if (written != len) {
98 unlink(lockpath);
99 error("Unable to write to %s", lockpath);
100 return -2;
101 }
102 if (rename(lockpath, git_HEAD) < 0) {
103 unlink(lockpath);
104 error("Unable to create %s", git_HEAD);
105 return -3;
106 }
107 if (adjust_shared_perm(git_HEAD)) {
108 unlink(lockpath);
109 error("Unable to fix permissions on %s", lockpath);
110 return -4;
111 }
112 return 0;
113 }
114
115 int read_ref(const char *filename, unsigned char *sha1)
116 {
117 if (resolve_ref(filename, sha1, 1))
118 return 0;
119 return -1;
120 }
121
122 static int do_for_each_ref(const char *base, int (*fn)(const char *path, const unsigned char *sha1), int trim)
123 {
124 int retval = 0;
125 DIR *dir = opendir(git_path("%s", base));
126
127 if (dir) {
128 struct dirent *de;
129 int baselen = strlen(base);
130 char *path = xmalloc(baselen + 257);
131
132 if (!strncmp(base, "./", 2)) {
133 base += 2;
134 baselen -= 2;
135 }
136 memcpy(path, base, baselen);
137 if (baselen && base[baselen-1] != '/')
138 path[baselen++] = '/';
139
140 while ((de = readdir(dir)) != NULL) {
141 unsigned char sha1[20];
142 struct stat st;
143 int namelen;
144
145 if (de->d_name[0] == '.')
146 continue;
147 namelen = strlen(de->d_name);
148 if (namelen > 255)
149 continue;
150 if (has_extension(de->d_name, ".lock"))
151 continue;
152 memcpy(path + baselen, de->d_name, namelen+1);
153 if (stat(git_path("%s", path), &st) < 0)
154 continue;
155 if (S_ISDIR(st.st_mode)) {
156 retval = do_for_each_ref(path, fn, trim);
157 if (retval)
158 break;
159 continue;
160 }
161 if (read_ref(git_path("%s", path), sha1) < 0) {
162 error("%s points nowhere!", path);
163 continue;
164 }
165 if (!has_sha1_file(sha1)) {
166 error("%s does not point to a valid "
167 "commit object!", path);
168 continue;
169 }
170 retval = fn(path + trim, sha1);
171 if (retval)
172 break;
173 }
174 free(path);
175 closedir(dir);
176 }
177 return retval;
178 }
179
180 int head_ref(int (*fn)(const char *path, const unsigned char *sha1))
181 {
182 unsigned char sha1[20];
183 if (!read_ref(git_path("HEAD"), sha1))
184 return fn("HEAD", sha1);
185 return 0;
186 }
187
188 int for_each_ref(int (*fn)(const char *path, const unsigned char *sha1))
189 {
190 return do_for_each_ref("refs", fn, 0);
191 }
192
193 int for_each_tag_ref(int (*fn)(const char *path, const unsigned char *sha1))
194 {
195 return do_for_each_ref("refs/tags", fn, 10);
196 }
197
198 int for_each_branch_ref(int (*fn)(const char *path, const unsigned char *sha1))
199 {
200 return do_for_each_ref("refs/heads", fn, 11);
201 }
202
203 int for_each_remote_ref(int (*fn)(const char *path, const unsigned char *sha1))
204 {
205 return do_for_each_ref("refs/remotes", fn, 13);
206 }
207
208 int get_ref_sha1(const char *ref, unsigned char *sha1)
209 {
210 if (check_ref_format(ref))
211 return -1;
212 return read_ref(git_path("refs/%s", ref), sha1);
213 }
214
215 /*
216 * Make sure "ref" is something reasonable to have under ".git/refs/";
217 * We do not like it if:
218 *
219 * - any path component of it begins with ".", or
220 * - it has double dots "..", or
221 * - it has ASCII control character, "~", "^", ":" or SP, anywhere, or
222 * - it ends with a "/".
223 */
224
225 static inline int bad_ref_char(int ch)
226 {
227 return (((unsigned) ch) <= ' ' ||
228 ch == '~' || ch == '^' || ch == ':' ||
229 /* 2.13 Pattern Matching Notation */
230 ch == '?' || ch == '*' || ch == '[');
231 }
232
233 int check_ref_format(const char *ref)
234 {
235 int ch, level;
236 const char *cp = ref;
237
238 level = 0;
239 while (1) {
240 while ((ch = *cp++) == '/')
241 ; /* tolerate duplicated slashes */
242 if (!ch)
243 return -1; /* should not end with slashes */
244
245 /* we are at the beginning of the path component */
246 if (ch == '.' || bad_ref_char(ch))
247 return -1;
248
249 /* scan the rest of the path component */
250 while ((ch = *cp++) != 0) {
251 if (bad_ref_char(ch))
252 return -1;
253 if (ch == '/')
254 break;
255 if (ch == '.' && *cp == '.')
256 return -1;
257 }
258 level++;
259 if (!ch) {
260 if (level < 2)
261 return -1; /* at least of form "heads/blah" */
262 return 0;
263 }
264 }
265 }
266
267 static struct ref_lock *verify_lock(struct ref_lock *lock,
268 const unsigned char *old_sha1, int mustexist)
269 {
270 char buf[40];
271 int nr, fd = open(lock->ref_file, O_RDONLY);
272 if (fd < 0 && (mustexist || errno != ENOENT)) {
273 error("Can't verify ref %s", lock->ref_file);
274 unlock_ref(lock);
275 return NULL;
276 }
277 nr = read(fd, buf, 40);
278 close(fd);
279 if (nr != 40 || get_sha1_hex(buf, lock->old_sha1) < 0) {
280 error("Can't verify ref %s", lock->ref_file);
281 unlock_ref(lock);
282 return NULL;
283 }
284 if (hashcmp(lock->old_sha1, old_sha1)) {
285 error("Ref %s is at %s but expected %s", lock->ref_file,
286 sha1_to_hex(lock->old_sha1), sha1_to_hex(old_sha1));
287 unlock_ref(lock);
288 return NULL;
289 }
290 return lock;
291 }
292
293 static struct ref_lock *lock_ref_sha1_basic(const char *path,
294 int plen,
295 const unsigned char *old_sha1, int mustexist)
296 {
297 const char *orig_path = path;
298 struct ref_lock *lock;
299 struct stat st;
300
301 lock = xcalloc(1, sizeof(struct ref_lock));
302 lock->lock_fd = -1;
303
304 plen = strlen(path) - plen;
305 path = resolve_ref(path, lock->old_sha1, mustexist);
306 if (!path) {
307 int last_errno = errno;
308 error("unable to resolve reference %s: %s",
309 orig_path, strerror(errno));
310 unlock_ref(lock);
311 errno = last_errno;
312 return NULL;
313 }
314 lock->lk = xcalloc(1, sizeof(struct lock_file));
315
316 lock->ref_file = strdup(path);
317 lock->log_file = strdup(git_path("logs/%s", lock->ref_file + plen));
318 lock->force_write = lstat(lock->ref_file, &st) && errno == ENOENT;
319
320 if (safe_create_leading_directories(lock->ref_file))
321 die("unable to create directory for %s", lock->ref_file);
322 lock->lock_fd = hold_lock_file_for_update(lock->lk, lock->ref_file, 1);
323
324 return old_sha1 ? verify_lock(lock, old_sha1, mustexist) : lock;
325 }
326
327 struct ref_lock *lock_ref_sha1(const char *ref,
328 const unsigned char *old_sha1, int mustexist)
329 {
330 if (check_ref_format(ref))
331 return NULL;
332 return lock_ref_sha1_basic(git_path("refs/%s", ref),
333 5 + strlen(ref), old_sha1, mustexist);
334 }
335
336 struct ref_lock *lock_any_ref_for_update(const char *ref,
337 const unsigned char *old_sha1, int mustexist)
338 {
339 return lock_ref_sha1_basic(git_path("%s", ref),
340 strlen(ref), old_sha1, mustexist);
341 }
342
343 void unlock_ref(struct ref_lock *lock)
344 {
345 if (lock->lock_fd >= 0) {
346 close(lock->lock_fd);
347 /* Do not free lock->lk -- atexit() still looks at them */
348 if (lock->lk)
349 rollback_lock_file(lock->lk);
350 }
351 if (lock->ref_file)
352 free(lock->ref_file);
353 if (lock->log_file)
354 free(lock->log_file);
355 free(lock);
356 }
357
358 static int log_ref_write(struct ref_lock *lock,
359 const unsigned char *sha1, const char *msg)
360 {
361 int logfd, written, oflags = O_APPEND | O_WRONLY;
362 unsigned maxlen, len;
363 char *logrec;
364 const char *committer;
365
366 if (log_all_ref_updates) {
367 if (safe_create_leading_directories(lock->log_file) < 0)
368 return error("unable to create directory for %s",
369 lock->log_file);
370 oflags |= O_CREAT;
371 }
372
373 logfd = open(lock->log_file, oflags, 0666);
374 if (logfd < 0) {
375 if (!log_all_ref_updates && errno == ENOENT)
376 return 0;
377 return error("Unable to append to %s: %s",
378 lock->log_file, strerror(errno));
379 }
380
381 committer = git_committer_info(1);
382 if (msg) {
383 maxlen = strlen(committer) + strlen(msg) + 2*40 + 5;
384 logrec = xmalloc(maxlen);
385 len = snprintf(logrec, maxlen, "%s %s %s\t%s\n",
386 sha1_to_hex(lock->old_sha1),
387 sha1_to_hex(sha1),
388 committer,
389 msg);
390 }
391 else {
392 maxlen = strlen(committer) + 2*40 + 4;
393 logrec = xmalloc(maxlen);
394 len = snprintf(logrec, maxlen, "%s %s %s\n",
395 sha1_to_hex(lock->old_sha1),
396 sha1_to_hex(sha1),
397 committer);
398 }
399 written = len <= maxlen ? write(logfd, logrec, len) : -1;
400 free(logrec);
401 close(logfd);
402 if (written != len)
403 return error("Unable to append to %s", lock->log_file);
404 return 0;
405 }
406
407 int write_ref_sha1(struct ref_lock *lock,
408 const unsigned char *sha1, const char *logmsg)
409 {
410 static char term = '\n';
411
412 if (!lock)
413 return -1;
414 if (!lock->force_write && !hashcmp(lock->old_sha1, sha1)) {
415 unlock_ref(lock);
416 return 0;
417 }
418 if (write(lock->lock_fd, sha1_to_hex(sha1), 40) != 40 ||
419 write(lock->lock_fd, &term, 1) != 1
420 || close(lock->lock_fd) < 0) {
421 error("Couldn't write %s", lock->lk->filename);
422 unlock_ref(lock);
423 return -1;
424 }
425 if (log_ref_write(lock, sha1, logmsg) < 0) {
426 unlock_ref(lock);
427 return -1;
428 }
429 if (commit_lock_file(lock->lk)) {
430 error("Couldn't set %s", lock->ref_file);
431 unlock_ref(lock);
432 return -1;
433 }
434 lock->lock_fd = -1;
435 unlock_ref(lock);
436 return 0;
437 }
438
439 int read_ref_at(const char *ref, unsigned long at_time, unsigned char *sha1)
440 {
441 const char *logfile, *logdata, *logend, *rec, *lastgt, *lastrec;
442 char *tz_c;
443 int logfd, tz;
444 struct stat st;
445 unsigned long date;
446 unsigned char logged_sha1[20];
447
448 logfile = git_path("logs/%s", ref);
449 logfd = open(logfile, O_RDONLY, 0);
450 if (logfd < 0)
451 die("Unable to read log %s: %s", logfile, strerror(errno));
452 fstat(logfd, &st);
453 if (!st.st_size)
454 die("Log %s is empty.", logfile);
455 logdata = mmap(NULL, st.st_size, PROT_READ, MAP_PRIVATE, logfd, 0);
456 close(logfd);
457
458 lastrec = NULL;
459 rec = logend = logdata + st.st_size;
460 while (logdata < rec) {
461 if (logdata < rec && *(rec-1) == '\n')
462 rec--;
463 lastgt = NULL;
464 while (logdata < rec && *(rec-1) != '\n') {
465 rec--;
466 if (*rec == '>')
467 lastgt = rec;
468 }
469 if (!lastgt)
470 die("Log %s is corrupt.", logfile);
471 date = strtoul(lastgt + 1, &tz_c, 10);
472 if (date <= at_time) {
473 if (lastrec) {
474 if (get_sha1_hex(lastrec, logged_sha1))
475 die("Log %s is corrupt.", logfile);
476 if (get_sha1_hex(rec + 41, sha1))
477 die("Log %s is corrupt.", logfile);
478 if (hashcmp(logged_sha1, sha1)) {
479 tz = strtoul(tz_c, NULL, 10);
480 fprintf(stderr,
481 "warning: Log %s has gap after %s.\n",
482 logfile, show_rfc2822_date(date, tz));
483 }
484 }
485 else if (date == at_time) {
486 if (get_sha1_hex(rec + 41, sha1))
487 die("Log %s is corrupt.", logfile);
488 }
489 else {
490 if (get_sha1_hex(rec + 41, logged_sha1))
491 die("Log %s is corrupt.", logfile);
492 if (hashcmp(logged_sha1, sha1)) {
493 tz = strtoul(tz_c, NULL, 10);
494 fprintf(stderr,
495 "warning: Log %s unexpectedly ended on %s.\n",
496 logfile, show_rfc2822_date(date, tz));
497 }
498 }
499 munmap((void*)logdata, st.st_size);
500 return 0;
501 }
502 lastrec = rec;
503 }
504
505 rec = logdata;
506 while (rec < logend && *rec != '>' && *rec != '\n')
507 rec++;
508 if (rec == logend || *rec == '\n')
509 die("Log %s is corrupt.", logfile);
510 date = strtoul(rec + 1, &tz_c, 10);
511 tz = strtoul(tz_c, NULL, 10);
512 if (get_sha1_hex(logdata, sha1))
513 die("Log %s is corrupt.", logfile);
514 munmap((void*)logdata, st.st_size);
515 fprintf(stderr, "warning: Log %s only goes back to %s.\n",
516 logfile, show_rfc2822_date(date, tz));
517 return 0;
518 }
Unnamed repository; edit this file 'description' to name the repository.