pack-check.con commit pack-objects: take lock before accessing `remaining` (0c2ad00)
   1#include "cache.h"
   2#include "pack.h"
   3#include "pack-revindex.h"
   4#include "progress.h"
   5
   6struct idx_entry {
   7        off_t                offset;
   8        union idx_entry_object {
   9                const unsigned char *hash;
  10                struct object_id *oid;
  11        } oid;
  12        unsigned int nr;
  13};
  14
  15static int compare_entries(const void *e1, const void *e2)
  16{
  17        const struct idx_entry *entry1 = e1;
  18        const struct idx_entry *entry2 = e2;
  19        if (entry1->offset < entry2->offset)
  20                return -1;
  21        if (entry1->offset > entry2->offset)
  22                return 1;
  23        return 0;
  24}
  25
  26int check_pack_crc(struct packed_git *p, struct pack_window **w_curs,
  27                   off_t offset, off_t len, unsigned int nr)
  28{
  29        const uint32_t *index_crc;
  30        uint32_t data_crc = crc32(0, NULL, 0);
  31
  32        do {
  33                unsigned long avail;
  34                void *data = use_pack(p, w_curs, offset, &avail);
  35                if (avail > len)
  36                        avail = len;
  37                data_crc = crc32(data_crc, data, avail);
  38                offset += avail;
  39                len -= avail;
  40        } while (len);
  41
  42        index_crc = p->index_data;
  43        index_crc += 2 + 256 + p->num_objects * (20/4) + nr;
  44
  45        return data_crc != ntohl(*index_crc);
  46}
  47
  48static int verify_packfile(struct packed_git *p,
  49                           struct pack_window **w_curs,
  50                           verify_fn fn,
  51                           struct progress *progress, uint32_t base_count)
  52
  53{
  54        off_t index_size = p->index_size;
  55        const unsigned char *index_base = p->index_data;
  56        git_SHA_CTX ctx;
  57        unsigned char hash[GIT_MAX_RAWSZ], *pack_sig;
  58        off_t offset = 0, pack_sig_ofs = 0;
  59        uint32_t nr_objects, i;
  60        int err = 0;
  61        struct idx_entry *entries;
  62
  63        if (!is_pack_valid(p))
  64                return error("packfile %s cannot be accessed", p->pack_name);
  65
  66        git_SHA1_Init(&ctx);
  67        do {
  68                unsigned long remaining;
  69                unsigned char *in = use_pack(p, w_curs, offset, &remaining);
  70                offset += remaining;
  71                if (!pack_sig_ofs)
  72                        pack_sig_ofs = p->pack_size - 20;
  73                if (offset > pack_sig_ofs)
  74                        remaining -= (unsigned int)(offset - pack_sig_ofs);
  75                git_SHA1_Update(&ctx, in, remaining);
  76        } while (offset < pack_sig_ofs);
  77        git_SHA1_Final(hash, &ctx);
  78        pack_sig = use_pack(p, w_curs, pack_sig_ofs, NULL);
  79        if (hashcmp(hash, pack_sig))
  80                err = error("%s SHA1 checksum mismatch",
  81                            p->pack_name);
  82        if (hashcmp(index_base + index_size - 40, pack_sig))
  83                err = error("%s SHA1 does not match its index",
  84                            p->pack_name);
  85        unuse_pack(w_curs);
  86
  87        /* Make sure everything reachable from idx is valid.  Since we
  88         * have verified that nr_objects matches between idx and pack,
  89         * we do not do scan-streaming check on the pack file.
  90         */
  91        nr_objects = p->num_objects;
  92        ALLOC_ARRAY(entries, nr_objects + 1);
  93        entries[nr_objects].offset = pack_sig_ofs;
  94        /* first sort entries by pack offset, since unpacking them is more efficient that way */
  95        for (i = 0; i < nr_objects; i++) {
  96                entries[i].oid.hash = nth_packed_object_sha1(p, i);
  97                if (!entries[i].oid.hash)
  98                        die("internal error pack-check nth-packed-object");
  99                entries[i].offset = nth_packed_object_offset(p, i);
 100                entries[i].nr = i;
 101        }
 102        QSORT(entries, nr_objects, compare_entries);
 103
 104        for (i = 0; i < nr_objects; i++) {
 105                void *data;
 106                enum object_type type;
 107                unsigned long size;
 108                off_t curpos;
 109                int data_valid;
 110
 111                if (p->index_version > 1) {
 112                        off_t offset = entries[i].offset;
 113                        off_t len = entries[i+1].offset - offset;
 114                        unsigned int nr = entries[i].nr;
 115                        if (check_pack_crc(p, w_curs, offset, len, nr))
 116                                err = error("index CRC mismatch for object %s "
 117                                            "from %s at offset %"PRIuMAX"",
 118                                            oid_to_hex(entries[i].oid.oid),
 119                                            p->pack_name, (uintmax_t)offset);
 120                }
 121
 122                curpos = entries[i].offset;
 123                type = unpack_object_header(p, w_curs, &curpos, &size);
 124                unuse_pack(w_curs);
 125
 126                if (type == OBJ_BLOB && big_file_threshold <= size) {
 127                        /*
 128                         * Let check_sha1_signature() check it with
 129                         * the streaming interface; no point slurping
 130                         * the data in-core only to discard.
 131                         */
 132                        data = NULL;
 133                        data_valid = 0;
 134                } else {
 135                        data = unpack_entry(p, entries[i].offset, &type, &size);
 136                        data_valid = 1;
 137                }
 138
 139                if (data_valid && !data)
 140                        err = error("cannot unpack %s from %s at offset %"PRIuMAX"",
 141                                    oid_to_hex(entries[i].oid.oid), p->pack_name,
 142                                    (uintmax_t)entries[i].offset);
 143                else if (check_sha1_signature(entries[i].oid.hash, data, size, typename(type)))
 144                        err = error("packed %s from %s is corrupt",
 145                                    oid_to_hex(entries[i].oid.oid), p->pack_name);
 146                else if (fn) {
 147                        int eaten = 0;
 148                        err |= fn(entries[i].oid.oid, type, size, data, &eaten);
 149                        if (eaten)
 150                                data = NULL;
 151                }
 152                if (((base_count + i) & 1023) == 0)
 153                        display_progress(progress, base_count + i);
 154                free(data);
 155
 156        }
 157        display_progress(progress, base_count + i);
 158        free(entries);
 159
 160        return err;
 161}
 162
 163int verify_pack_index(struct packed_git *p)
 164{
 165        off_t index_size;
 166        const unsigned char *index_base;
 167        git_SHA_CTX ctx;
 168        unsigned char sha1[20];
 169        int err = 0;
 170
 171        if (open_pack_index(p))
 172                return error("packfile %s index not opened", p->pack_name);
 173        index_size = p->index_size;
 174        index_base = p->index_data;
 175
 176        /* Verify SHA1 sum of the index file */
 177        git_SHA1_Init(&ctx);
 178        git_SHA1_Update(&ctx, index_base, (unsigned int)(index_size - 20));
 179        git_SHA1_Final(sha1, &ctx);
 180        if (hashcmp(sha1, index_base + index_size - 20))
 181                err = error("Packfile index for %s SHA1 mismatch",
 182                            p->pack_name);
 183        return err;
 184}
 185
 186int verify_pack(struct packed_git *p, verify_fn fn,
 187                struct progress *progress, uint32_t base_count)
 188{
 189        int err = 0;
 190        struct pack_window *w_curs = NULL;
 191
 192        err |= verify_pack_index(p);
 193        if (!p->index_data)
 194                return -1;
 195
 196        err |= verify_packfile(p, &w_curs, fn, progress, base_count);
 197        unuse_pack(&w_curs);
 198
 199        return err;
 200}