1/*
2 * Various trivial helper wrappers around standard functions
3 */
4#include "cache.h"
5static void do_nothing(size_t size)
7{
8}
9static void (*try_to_free_routine)(size_t size) = do_nothing;
11static int memory_limit_check(size_t size, int gentle)
13{
14 static size_t limit = 0;
15 if (!limit) {
16 limit = git_env_ulong("GIT_ALLOC_LIMIT", 0);
17 if (!limit)
18 limit = SIZE_MAX;
19 }
20 if (size > limit) {
21 if (gentle) {
22 error("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
23 (uintmax_t)size, (uintmax_t)limit);
24 return -1;
25 } else
26 die("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
27 (uintmax_t)size, (uintmax_t)limit);
28 }
29 return 0;
30}
31try_to_free_t set_try_to_free_routine(try_to_free_t routine)
33{
34 try_to_free_t old = try_to_free_routine;
35 if (!routine)
36 routine = do_nothing;
37 try_to_free_routine = routine;
38 return old;
39}
40char *xstrdup(const char *str)
42{
43 char *ret = strdup(str);
44 if (!ret) {
45 try_to_free_routine(strlen(str) + 1);
46 ret = strdup(str);
47 if (!ret)
48 die("Out of memory, strdup failed");
49 }
50 return ret;
51}
52static void *do_xmalloc(size_t size, int gentle)
54{
55 void *ret;
56 if (memory_limit_check(size, gentle))
58 return NULL;
59 ret = malloc(size);
60 if (!ret && !size)
61 ret = malloc(1);
62 if (!ret) {
63 try_to_free_routine(size);
64 ret = malloc(size);
65 if (!ret && !size)
66 ret = malloc(1);
67 if (!ret) {
68 if (!gentle)
69 die("Out of memory, malloc failed (tried to allocate %lu bytes)",
70 (unsigned long)size);
71 else {
72 error("Out of memory, malloc failed (tried to allocate %lu bytes)",
73 (unsigned long)size);
74 return NULL;
75 }
76 }
77 }
78#ifdef XMALLOC_POISON
79 memset(ret, 0xA5, size);
80#endif
81 return ret;
82}
83void *xmalloc(size_t size)
85{
86 return do_xmalloc(size, 0);
87}
88static void *do_xmallocz(size_t size, int gentle)
90{
91 void *ret;
92 if (unsigned_add_overflows(size, 1)) {
93 if (gentle) {
94 error("Data too large to fit into virtual memory space.");
95 return NULL;
96 } else
97 die("Data too large to fit into virtual memory space.");
98 }
99 ret = do_xmalloc(size + 1, gentle);
100 if (ret)
101 ((char*)ret)[size] = 0;
102 return ret;
103}
104void *xmallocz(size_t size)
106{
107 return do_xmallocz(size, 0);
108}
109void *xmallocz_gently(size_t size)
111{
112 return do_xmallocz(size, 1);
113}
114/*
116 * xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of
117 * "data" to the allocated memory, zero terminates the allocated memory,
118 * and returns a pointer to the allocated memory. If the allocation fails,
119 * the program dies.
120 */
121void *xmemdupz(const void *data, size_t len)
122{
123 return memcpy(xmallocz(len), data, len);
124}
125char *xstrndup(const char *str, size_t len)
127{
128 char *p = memchr(str, '\0', len);
129 return xmemdupz(str, p ? p - str : len);
130}
131void *xrealloc(void *ptr, size_t size)
133{
134 void *ret;
135 memory_limit_check(size, 0);
137 ret = realloc(ptr, size);
138 if (!ret && !size)
139 ret = realloc(ptr, 1);
140 if (!ret) {
141 try_to_free_routine(size);
142 ret = realloc(ptr, size);
143 if (!ret && !size)
144 ret = realloc(ptr, 1);
145 if (!ret)
146 die("Out of memory, realloc failed");
147 }
148 return ret;
149}
150void *xcalloc(size_t nmemb, size_t size)
152{
153 void *ret;
154 memory_limit_check(size * nmemb, 0);
156 ret = calloc(nmemb, size);
157 if (!ret && (!nmemb || !size))
158 ret = calloc(1, 1);
159 if (!ret) {
160 try_to_free_routine(nmemb * size);
161 ret = calloc(nmemb, size);
162 if (!ret && (!nmemb || !size))
163 ret = calloc(1, 1);
164 if (!ret)
165 die("Out of memory, calloc failed");
166 }
167 return ret;
168}
169/*
171 * Limit size of IO chunks, because huge chunks only cause pain. OS X
172 * 64-bit is buggy, returning EINVAL if len >= INT_MAX; and even in
173 * the absence of bugs, large chunks can result in bad latencies when
174 * you decide to kill the process.
175 *
176 * We pick 8 MiB as our default, but if the platform defines SSIZE_MAX
177 * that is smaller than that, clip it to SSIZE_MAX, as a call to
178 * read(2) or write(2) larger than that is allowed to fail. As the last
179 * resort, we allow a port to pass via CFLAGS e.g. "-DMAX_IO_SIZE=value"
180 * to override this, if the definition of SSIZE_MAX given by the platform
181 * is broken.
182 */
183#ifndef MAX_IO_SIZE
184# define MAX_IO_SIZE_DEFAULT (8*1024*1024)
185# if defined(SSIZE_MAX) && (SSIZE_MAX < MAX_IO_SIZE_DEFAULT)
186# define MAX_IO_SIZE SSIZE_MAX
187# else
188# define MAX_IO_SIZE MAX_IO_SIZE_DEFAULT
189# endif
190#endif
191/**
193 * xopen() is the same as open(), but it die()s if the open() fails.
194 */
195int xopen(const char *path, int oflag, ...)
196{
197 mode_t mode = 0;
198 va_list ap;
199 /*
201 * va_arg() will have undefined behavior if the specified type is not
202 * compatible with the argument type. Since integers are promoted to
203 * ints, we fetch the next argument as an int, and then cast it to a
204 * mode_t to avoid undefined behavior.
205 */
206 va_start(ap, oflag);
207 if (oflag & O_CREAT)
208 mode = va_arg(ap, int);
209 va_end(ap);
210 for (;;) {
212 int fd = open(path, oflag, mode);
213 if (fd >= 0)
214 return fd;
215 if (errno == EINTR)
216 continue;
217 if ((oflag & O_RDWR) == O_RDWR)
219 die_errno(_("could not open '%s' for reading and writing"), path);
220 else if ((oflag & O_WRONLY) == O_WRONLY)
221 die_errno(_("could not open '%s' for writing"), path);
222 else
223 die_errno(_("could not open '%s' for reading"), path);
224 }
225}
226/*
228 * xread() is the same a read(), but it automatically restarts read()
229 * operations with a recoverable error (EAGAIN and EINTR). xread()
230 * DOES NOT GUARANTEE that "len" bytes is read even if the data is available.
231 */
232ssize_t xread(int fd, void *buf, size_t len)
233{
234 ssize_t nr;
235 if (len > MAX_IO_SIZE)
236 len = MAX_IO_SIZE;
237 while (1) {
238 nr = read(fd, buf, len);
239 if (nr < 0) {
240 if (errno == EINTR)
241 continue;
242 if (errno == EAGAIN || errno == EWOULDBLOCK) {
243 struct pollfd pfd;
244 pfd.events = POLLIN;
245 pfd.fd = fd;
246 /*
247 * it is OK if this poll() failed; we
248 * want to leave this infinite loop
249 * only when read() returns with
250 * success, or an expected failure,
251 * which would be checked by the next
252 * call to read(2).
253 */
254 poll(&pfd, 1, -1);
255 }
256 }
257 return nr;
258 }
259}
260/*
262 * xwrite() is the same a write(), but it automatically restarts write()
263 * operations with a recoverable error (EAGAIN and EINTR). xwrite() DOES NOT
264 * GUARANTEE that "len" bytes is written even if the operation is successful.
265 */
266ssize_t xwrite(int fd, const void *buf, size_t len)
267{
268 ssize_t nr;
269 if (len > MAX_IO_SIZE)
270 len = MAX_IO_SIZE;
271 while (1) {
272 nr = write(fd, buf, len);
273 if ((nr < 0) && (errno == EAGAIN || errno == EINTR))
274 continue;
275 return nr;
276 }
277}
278/*
280 * xpread() is the same as pread(), but it automatically restarts pread()
281 * operations with a recoverable error (EAGAIN and EINTR). xpread() DOES
282 * NOT GUARANTEE that "len" bytes is read even if the data is available.
283 */
284ssize_t xpread(int fd, void *buf, size_t len, off_t offset)
285{
286 ssize_t nr;
287 if (len > MAX_IO_SIZE)
288 len = MAX_IO_SIZE;
289 while (1) {
290 nr = pread(fd, buf, len, offset);
291 if ((nr < 0) && (errno == EAGAIN || errno == EINTR))
292 continue;
293 return nr;
294 }
295}
296ssize_t read_in_full(int fd, void *buf, size_t count)
298{
299 char *p = buf;
300 ssize_t total = 0;
301 while (count > 0) {
303 ssize_t loaded = xread(fd, p, count);
304 if (loaded < 0)
305 return -1;
306 if (loaded == 0)
307 return total;
308 count -= loaded;
309 p += loaded;
310 total += loaded;
311 }
312 return total;
314}
315ssize_t write_in_full(int fd, const void *buf, size_t count)
317{
318 const char *p = buf;
319 ssize_t total = 0;
320 while (count > 0) {
322 ssize_t written = xwrite(fd, p, count);
323 if (written < 0)
324 return -1;
325 if (!written) {
326 errno = ENOSPC;
327 return -1;
328 }
329 count -= written;
330 p += written;
331 total += written;
332 }
333 return total;
335}
336ssize_t pread_in_full(int fd, void *buf, size_t count, off_t offset)
338{
339 char *p = buf;
340 ssize_t total = 0;
341 while (count > 0) {
343 ssize_t loaded = xpread(fd, p, count, offset);
344 if (loaded < 0)
345 return -1;
346 if (loaded == 0)
347 return total;
348 count -= loaded;
349 p += loaded;
350 total += loaded;
351 offset += loaded;
352 }
353 return total;
355}
356int xdup(int fd)
358{
359 int ret = dup(fd);
360 if (ret < 0)
361 die_errno("dup failed");
362 return ret;
363}
364/**
366 * xfopen() is the same as fopen(), but it die()s if the fopen() fails.
367 */
368FILE *xfopen(const char *path, const char *mode)
369{
370 for (;;) {
371 FILE *fp = fopen(path, mode);
372 if (fp)
373 return fp;
374 if (errno == EINTR)
375 continue;
376 if (*mode && mode[1] == '+')
378 die_errno(_("could not open '%s' for reading and writing"), path);
379 else if (*mode == 'w' || *mode == 'a')
380 die_errno(_("could not open '%s' for writing"), path);
381 else
382 die_errno(_("could not open '%s' for reading"), path);
383 }
384}
385FILE *xfdopen(int fd, const char *mode)
387{
388 FILE *stream = fdopen(fd, mode);
389 if (stream == NULL)
390 die_errno("Out of memory? fdopen failed");
391 return stream;
392}
393int xmkstemp(char *template)
395{
396 int fd;
397 char origtemplate[PATH_MAX];
398 strlcpy(origtemplate, template, sizeof(origtemplate));
399 fd = mkstemp(template);
401 if (fd < 0) {
402 int saved_errno = errno;
403 const char *nonrelative_template;
404 if (strlen(template) != strlen(origtemplate))
406 template = origtemplate;
407 nonrelative_template = absolute_path(template);
409 errno = saved_errno;
410 die_errno("Unable to create temporary file '%s'",
411 nonrelative_template);
412 }
413 return fd;
414}
415/* git_mkstemp() - create tmp file honoring TMPDIR variable */
417int git_mkstemp(char *path, size_t len, const char *template)
418{
419 const char *tmp;
420 size_t n;
421 tmp = getenv("TMPDIR");
423 if (!tmp)
424 tmp = "/tmp";
425 n = snprintf(path, len, "%s/%s", tmp, template);
426 if (len <= n) {
427 errno = ENAMETOOLONG;
428 return -1;
429 }
430 return mkstemp(path);
431}
432/* git_mkstemps() - create tmp file with suffix honoring TMPDIR variable. */
434int git_mkstemps(char *path, size_t len, const char *template, int suffix_len)
435{
436 const char *tmp;
437 size_t n;
438 tmp = getenv("TMPDIR");
440 if (!tmp)
441 tmp = "/tmp";
442 n = snprintf(path, len, "%s/%s", tmp, template);
443 if (len <= n) {
444 errno = ENAMETOOLONG;
445 return -1;
446 }
447 return mkstemps(path, suffix_len);
448}
449/* Adapted from libiberty's mkstemp.c. */
451#undef TMP_MAX
453#define TMP_MAX 16384
454int git_mkstemps_mode(char *pattern, int suffix_len, int mode)
456{
457 static const char letters[] =
458 "abcdefghijklmnopqrstuvwxyz"
459 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
460 "0123456789";
461 static const int num_letters = 62;
462 uint64_t value;
463 struct timeval tv;
464 char *template;
465 size_t len;
466 int fd, count;
467 len = strlen(pattern);
469 if (len < 6 + suffix_len) {
471 errno = EINVAL;
472 return -1;
473 }
474 if (strncmp(&pattern[len - 6 - suffix_len], "XXXXXX", 6)) {
476 errno = EINVAL;
477 return -1;
478 }
479 /*
481 * Replace pattern's XXXXXX characters with randomness.
482 * Try TMP_MAX different filenames.
483 */
484 gettimeofday(&tv, NULL);
485 value = ((size_t)(tv.tv_usec << 16)) ^ tv.tv_sec ^ getpid();
486 template = &pattern[len - 6 - suffix_len];
487 for (count = 0; count < TMP_MAX; ++count) {
488 uint64_t v = value;
489 /* Fill in the random bits. */
490 template[0] = letters[v % num_letters]; v /= num_letters;
491 template[1] = letters[v % num_letters]; v /= num_letters;
492 template[2] = letters[v % num_letters]; v /= num_letters;
493 template[3] = letters[v % num_letters]; v /= num_letters;
494 template[4] = letters[v % num_letters]; v /= num_letters;
495 template[5] = letters[v % num_letters]; v /= num_letters;
496 fd = open(pattern, O_CREAT | O_EXCL | O_RDWR, mode);
498 if (fd >= 0)
499 return fd;
500 /*
501 * Fatal error (EPERM, ENOSPC etc).
502 * It doesn't make sense to loop.
503 */
504 if (errno != EEXIST)
505 break;
506 /*
507 * This is a random value. It is only necessary that
508 * the next TMP_MAX values generated by adding 7777 to
509 * VALUE are different with (module 2^32).
510 */
511 value += 7777;
512 }
513 /* We return the null string if we can't find a unique file name. */
514 pattern[0] = '\0';
515 return -1;
516}
517int git_mkstemp_mode(char *pattern, int mode)
519{
520 /* mkstemp is just mkstemps with no suffix */
521 return git_mkstemps_mode(pattern, 0, mode);
522}
523#ifdef NO_MKSTEMPS
525int gitmkstemps(char *pattern, int suffix_len)
526{
527 return git_mkstemps_mode(pattern, suffix_len, 0600);
528}
529#endif
530int xmkstemp_mode(char *template, int mode)
532{
533 int fd;
534 char origtemplate[PATH_MAX];
535 strlcpy(origtemplate, template, sizeof(origtemplate));
536 fd = git_mkstemp_mode(template, mode);
538 if (fd < 0) {
539 int saved_errno = errno;
540 const char *nonrelative_template;
541 if (!template[0])
543 template = origtemplate;
544 nonrelative_template = absolute_path(template);
546 errno = saved_errno;
547 die_errno("Unable to create temporary file '%s'",
548 nonrelative_template);
549 }
550 return fd;
551}
552static int warn_if_unremovable(const char *op, const char *file, int rc)
554{
555 int err;
556 if (!rc || errno == ENOENT)
557 return 0;
558 err = errno;
559 warning("unable to %s %s: %s", op, file, strerror(errno));
560 errno = err;
561 return rc;
562}
563int unlink_or_msg(const char *file, struct strbuf *err)
565{
566 int rc = unlink(file);
567 assert(err);
569 if (!rc || errno == ENOENT)
571 return 0;
572 strbuf_addf(err, "unable to unlink %s: %s",
574 file, strerror(errno));
575 return -1;
576}
577int unlink_or_warn(const char *file)
579{
580 return warn_if_unremovable("unlink", file, unlink(file));
581}
582int rmdir_or_warn(const char *file)
584{
585 return warn_if_unremovable("rmdir", file, rmdir(file));
586}
587int remove_or_warn(unsigned int mode, const char *file)
589{
590 return S_ISGITLINK(mode) ? rmdir_or_warn(file) : unlink_or_warn(file);
591}
592void warn_on_inaccessible(const char *path)
594{
595 warning(_("unable to access '%s': %s"), path, strerror(errno));
596}
597static int access_error_is_ok(int err, unsigned flag)
599{
600 return err == ENOENT || err == ENOTDIR ||
601 ((flag & ACCESS_EACCES_OK) && err == EACCES);
602}
603int access_or_warn(const char *path, int mode, unsigned flag)
605{
606 int ret = access(path, mode);
607 if (ret && !access_error_is_ok(errno, flag))
608 warn_on_inaccessible(path);
609 return ret;
610}
611int access_or_die(const char *path, int mode, unsigned flag)
613{
614 int ret = access(path, mode);
615 if (ret && !access_error_is_ok(errno, flag))
616 die_errno(_("unable to access '%s'"), path);
617 return ret;
618}
619struct passwd *xgetpwuid_self(void)
621{
622 struct passwd *pw;
623 errno = 0;
625 pw = getpwuid(getuid());
626 if (!pw)
627 die(_("unable to look up current user in the passwd file: %s"),
628 errno ? strerror(errno) : _("no such user"));
629 return pw;
630}
631char *xgetcwd(void)
633{
634 struct strbuf sb = STRBUF_INIT;
635 if (strbuf_getcwd(&sb))
636 die_errno(_("unable to get current working directory"));
637 return strbuf_detach(&sb, NULL);
638}
639int xsnprintf(char *dst, size_t max, const char *fmt, ...)
641{
642 va_list ap;
643 int len;
644 va_start(ap, fmt);
646 len = vsnprintf(dst, max, fmt, ap);
647 va_end(ap);
648 if (len < 0)
650 die("BUG: your snprintf is broken");
651 if (len >= max)
652 die("BUG: attempt to snprintf into too-small buffer");
653 return len;
654}
655static int write_file_v(const char *path, int fatal,
657 const char *fmt, va_list params)
658{
659 struct strbuf sb = STRBUF_INIT;
660 int fd = open(path, O_RDWR | O_CREAT | O_TRUNC, 0666);
661 if (fd < 0) {
662 if (fatal)
663 die_errno(_("could not open %s for writing"), path);
664 return -1;
665 }
666 strbuf_vaddf(&sb, fmt, params);
667 strbuf_complete_line(&sb);
668 if (write_in_full(fd, sb.buf, sb.len) != sb.len) {
669 int err = errno;
670 close(fd);
671 strbuf_release(&sb);
672 errno = err;
673 if (fatal)
674 die_errno(_("could not write to %s"), path);
675 return -1;
676 }
677 strbuf_release(&sb);
678 if (close(fd)) {
679 if (fatal)
680 die_errno(_("could not close %s"), path);
681 return -1;
682 }
683 return 0;
684}
685int write_file(const char *path, const char *fmt, ...)
687{
688 int status;
689 va_list params;
690 va_start(params, fmt);
692 status = write_file_v(path, 1, fmt, params);
693 va_end(params);
694 return status;
695}
696int write_file_gently(const char *path, const char *fmt, ...)
698{
699 int status;
700 va_list params;
701 va_start(params, fmt);
703 status = write_file_v(path, 0, fmt, params);
704 va_end(params);
705 return status;
706}
707void sleep_millisec(int millisec)
709{
710 poll(NULL, 0, millisec);
711}