wrapper.con commit shortlog: disallow left-over arguments outside repo (4aa0161)
   1/*
   2 * Various trivial helper wrappers around standard functions
   3 */
   4#include "cache.h"
   5#include "config.h"
   6
   7static void do_nothing(size_t size)
   8{
   9}
  10
  11static void (*try_to_free_routine)(size_t size) = do_nothing;
  12
  13static int memory_limit_check(size_t size, int gentle)
  14{
  15        static size_t limit = 0;
  16        if (!limit) {
  17                limit = git_env_ulong("GIT_ALLOC_LIMIT", 0);
  18                if (!limit)
  19                        limit = SIZE_MAX;
  20        }
  21        if (size > limit) {
  22                if (gentle) {
  23                        error("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
  24                              (uintmax_t)size, (uintmax_t)limit);
  25                        return -1;
  26                } else
  27                        die("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
  28                            (uintmax_t)size, (uintmax_t)limit);
  29        }
  30        return 0;
  31}
  32
  33try_to_free_t set_try_to_free_routine(try_to_free_t routine)
  34{
  35        try_to_free_t old = try_to_free_routine;
  36        if (!routine)
  37                routine = do_nothing;
  38        try_to_free_routine = routine;
  39        return old;
  40}
  41
  42char *xstrdup(const char *str)
  43{
  44        char *ret = strdup(str);
  45        if (!ret) {
  46                try_to_free_routine(strlen(str) + 1);
  47                ret = strdup(str);
  48                if (!ret)
  49                        die("Out of memory, strdup failed");
  50        }
  51        return ret;
  52}
  53
  54static void *do_xmalloc(size_t size, int gentle)
  55{
  56        void *ret;
  57
  58        if (memory_limit_check(size, gentle))
  59                return NULL;
  60        ret = malloc(size);
  61        if (!ret && !size)
  62                ret = malloc(1);
  63        if (!ret) {
  64                try_to_free_routine(size);
  65                ret = malloc(size);
  66                if (!ret && !size)
  67                        ret = malloc(1);
  68                if (!ret) {
  69                        if (!gentle)
  70                                die("Out of memory, malloc failed (tried to allocate %lu bytes)",
  71                                    (unsigned long)size);
  72                        else {
  73                                error("Out of memory, malloc failed (tried to allocate %lu bytes)",
  74                                      (unsigned long)size);
  75                                return NULL;
  76                        }
  77                }
  78        }
  79#ifdef XMALLOC_POISON
  80        memset(ret, 0xA5, size);
  81#endif
  82        return ret;
  83}
  84
  85void *xmalloc(size_t size)
  86{
  87        return do_xmalloc(size, 0);
  88}
  89
  90static void *do_xmallocz(size_t size, int gentle)
  91{
  92        void *ret;
  93        if (unsigned_add_overflows(size, 1)) {
  94                if (gentle) {
  95                        error("Data too large to fit into virtual memory space.");
  96                        return NULL;
  97                } else
  98                        die("Data too large to fit into virtual memory space.");
  99        }
 100        ret = do_xmalloc(size + 1, gentle);
 101        if (ret)
 102                ((char*)ret)[size] = 0;
 103        return ret;
 104}
 105
 106void *xmallocz(size_t size)
 107{
 108        return do_xmallocz(size, 0);
 109}
 110
 111void *xmallocz_gently(size_t size)
 112{
 113        return do_xmallocz(size, 1);
 114}
 115
 116/*
 117 * xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of
 118 * "data" to the allocated memory, zero terminates the allocated memory,
 119 * and returns a pointer to the allocated memory. If the allocation fails,
 120 * the program dies.
 121 */
 122void *xmemdupz(const void *data, size_t len)
 123{
 124        return memcpy(xmallocz(len), data, len);
 125}
 126
 127char *xstrndup(const char *str, size_t len)
 128{
 129        char *p = memchr(str, '\0', len);
 130        return xmemdupz(str, p ? p - str : len);
 131}
 132
 133void *xrealloc(void *ptr, size_t size)
 134{
 135        void *ret;
 136
 137        memory_limit_check(size, 0);
 138        ret = realloc(ptr, size);
 139        if (!ret && !size)
 140                ret = realloc(ptr, 1);
 141        if (!ret) {
 142                try_to_free_routine(size);
 143                ret = realloc(ptr, size);
 144                if (!ret && !size)
 145                        ret = realloc(ptr, 1);
 146                if (!ret)
 147                        die("Out of memory, realloc failed");
 148        }
 149        return ret;
 150}
 151
 152void *xcalloc(size_t nmemb, size_t size)
 153{
 154        void *ret;
 155
 156        if (unsigned_mult_overflows(nmemb, size))
 157                die("data too large to fit into virtual memory space");
 158
 159        memory_limit_check(size * nmemb, 0);
 160        ret = calloc(nmemb, size);
 161        if (!ret && (!nmemb || !size))
 162                ret = calloc(1, 1);
 163        if (!ret) {
 164                try_to_free_routine(nmemb * size);
 165                ret = calloc(nmemb, size);
 166                if (!ret && (!nmemb || !size))
 167                        ret = calloc(1, 1);
 168                if (!ret)
 169                        die("Out of memory, calloc failed");
 170        }
 171        return ret;
 172}
 173
 174/*
 175 * Limit size of IO chunks, because huge chunks only cause pain.  OS X
 176 * 64-bit is buggy, returning EINVAL if len >= INT_MAX; and even in
 177 * the absence of bugs, large chunks can result in bad latencies when
 178 * you decide to kill the process.
 179 *
 180 * We pick 8 MiB as our default, but if the platform defines SSIZE_MAX
 181 * that is smaller than that, clip it to SSIZE_MAX, as a call to
 182 * read(2) or write(2) larger than that is allowed to fail.  As the last
 183 * resort, we allow a port to pass via CFLAGS e.g. "-DMAX_IO_SIZE=value"
 184 * to override this, if the definition of SSIZE_MAX given by the platform
 185 * is broken.
 186 */
 187#ifndef MAX_IO_SIZE
 188# define MAX_IO_SIZE_DEFAULT (8*1024*1024)
 189# if defined(SSIZE_MAX) && (SSIZE_MAX < MAX_IO_SIZE_DEFAULT)
 190#  define MAX_IO_SIZE SSIZE_MAX
 191# else
 192#  define MAX_IO_SIZE MAX_IO_SIZE_DEFAULT
 193# endif
 194#endif
 195
 196/**
 197 * xopen() is the same as open(), but it die()s if the open() fails.
 198 */
 199int xopen(const char *path, int oflag, ...)
 200{
 201        mode_t mode = 0;
 202        va_list ap;
 203
 204        /*
 205         * va_arg() will have undefined behavior if the specified type is not
 206         * compatible with the argument type. Since integers are promoted to
 207         * ints, we fetch the next argument as an int, and then cast it to a
 208         * mode_t to avoid undefined behavior.
 209         */
 210        va_start(ap, oflag);
 211        if (oflag & O_CREAT)
 212                mode = va_arg(ap, int);
 213        va_end(ap);
 214
 215        for (;;) {
 216                int fd = open(path, oflag, mode);
 217                if (fd >= 0)
 218                        return fd;
 219                if (errno == EINTR)
 220                        continue;
 221
 222                if ((oflag & O_RDWR) == O_RDWR)
 223                        die_errno(_("could not open '%s' for reading and writing"), path);
 224                else if ((oflag & O_WRONLY) == O_WRONLY)
 225                        die_errno(_("could not open '%s' for writing"), path);
 226                else
 227                        die_errno(_("could not open '%s' for reading"), path);
 228        }
 229}
 230
 231static int handle_nonblock(int fd, short poll_events, int err)
 232{
 233        struct pollfd pfd;
 234
 235        if (err != EAGAIN && err != EWOULDBLOCK)
 236                return 0;
 237
 238        pfd.fd = fd;
 239        pfd.events = poll_events;
 240
 241        /*
 242         * no need to check for errors, here;
 243         * a subsequent read/write will detect unrecoverable errors
 244         */
 245        poll(&pfd, 1, -1);
 246        return 1;
 247}
 248
 249/*
 250 * xread() is the same a read(), but it automatically restarts read()
 251 * operations with a recoverable error (EAGAIN and EINTR). xread()
 252 * DOES NOT GUARANTEE that "len" bytes is read even if the data is available.
 253 */
 254ssize_t xread(int fd, void *buf, size_t len)
 255{
 256        ssize_t nr;
 257        if (len > MAX_IO_SIZE)
 258            len = MAX_IO_SIZE;
 259        while (1) {
 260                nr = read(fd, buf, len);
 261                if (nr < 0) {
 262                        if (errno == EINTR)
 263                                continue;
 264                        if (handle_nonblock(fd, POLLIN, errno))
 265                                continue;
 266                }
 267                return nr;
 268        }
 269}
 270
 271/*
 272 * xwrite() is the same a write(), but it automatically restarts write()
 273 * operations with a recoverable error (EAGAIN and EINTR). xwrite() DOES NOT
 274 * GUARANTEE that "len" bytes is written even if the operation is successful.
 275 */
 276ssize_t xwrite(int fd, const void *buf, size_t len)
 277{
 278        ssize_t nr;
 279        if (len > MAX_IO_SIZE)
 280            len = MAX_IO_SIZE;
 281        while (1) {
 282                nr = write(fd, buf, len);
 283                if (nr < 0) {
 284                        if (errno == EINTR)
 285                                continue;
 286                        if (handle_nonblock(fd, POLLOUT, errno))
 287                                continue;
 288                }
 289
 290                return nr;
 291        }
 292}
 293
 294/*
 295 * xpread() is the same as pread(), but it automatically restarts pread()
 296 * operations with a recoverable error (EAGAIN and EINTR). xpread() DOES
 297 * NOT GUARANTEE that "len" bytes is read even if the data is available.
 298 */
 299ssize_t xpread(int fd, void *buf, size_t len, off_t offset)
 300{
 301        ssize_t nr;
 302        if (len > MAX_IO_SIZE)
 303                len = MAX_IO_SIZE;
 304        while (1) {
 305                nr = pread(fd, buf, len, offset);
 306                if ((nr < 0) && (errno == EAGAIN || errno == EINTR))
 307                        continue;
 308                return nr;
 309        }
 310}
 311
 312ssize_t read_in_full(int fd, void *buf, size_t count)
 313{
 314        char *p = buf;
 315        ssize_t total = 0;
 316
 317        while (count > 0) {
 318                ssize_t loaded = xread(fd, p, count);
 319                if (loaded < 0)
 320                        return -1;
 321                if (loaded == 0)
 322                        return total;
 323                count -= loaded;
 324                p += loaded;
 325                total += loaded;
 326        }
 327
 328        return total;
 329}
 330
 331ssize_t write_in_full(int fd, const void *buf, size_t count)
 332{
 333        const char *p = buf;
 334        ssize_t total = 0;
 335
 336        while (count > 0) {
 337                ssize_t written = xwrite(fd, p, count);
 338                if (written < 0)
 339                        return -1;
 340                if (!written) {
 341                        errno = ENOSPC;
 342                        return -1;
 343                }
 344                count -= written;
 345                p += written;
 346                total += written;
 347        }
 348
 349        return total;
 350}
 351
 352ssize_t pread_in_full(int fd, void *buf, size_t count, off_t offset)
 353{
 354        char *p = buf;
 355        ssize_t total = 0;
 356
 357        while (count > 0) {
 358                ssize_t loaded = xpread(fd, p, count, offset);
 359                if (loaded < 0)
 360                        return -1;
 361                if (loaded == 0)
 362                        return total;
 363                count -= loaded;
 364                p += loaded;
 365                total += loaded;
 366                offset += loaded;
 367        }
 368
 369        return total;
 370}
 371
 372int xdup(int fd)
 373{
 374        int ret = dup(fd);
 375        if (ret < 0)
 376                die_errno("dup failed");
 377        return ret;
 378}
 379
 380/**
 381 * xfopen() is the same as fopen(), but it die()s if the fopen() fails.
 382 */
 383FILE *xfopen(const char *path, const char *mode)
 384{
 385        for (;;) {
 386                FILE *fp = fopen(path, mode);
 387                if (fp)
 388                        return fp;
 389                if (errno == EINTR)
 390                        continue;
 391
 392                if (*mode && mode[1] == '+')
 393                        die_errno(_("could not open '%s' for reading and writing"), path);
 394                else if (*mode == 'w' || *mode == 'a')
 395                        die_errno(_("could not open '%s' for writing"), path);
 396                else
 397                        die_errno(_("could not open '%s' for reading"), path);
 398        }
 399}
 400
 401FILE *xfdopen(int fd, const char *mode)
 402{
 403        FILE *stream = fdopen(fd, mode);
 404        if (stream == NULL)
 405                die_errno("Out of memory? fdopen failed");
 406        return stream;
 407}
 408
 409FILE *fopen_for_writing(const char *path)
 410{
 411        FILE *ret = fopen(path, "w");
 412
 413        if (!ret && errno == EPERM) {
 414                if (!unlink(path))
 415                        ret = fopen(path, "w");
 416                else
 417                        errno = EPERM;
 418        }
 419        return ret;
 420}
 421
 422static void warn_on_inaccessible(const char *path)
 423{
 424        warning_errno(_("unable to access '%s'"), path);
 425}
 426
 427int warn_on_fopen_errors(const char *path)
 428{
 429        if (errno != ENOENT && errno != ENOTDIR) {
 430                warn_on_inaccessible(path);
 431                return -1;
 432        }
 433
 434        return 0;
 435}
 436
 437FILE *fopen_or_warn(const char *path, const char *mode)
 438{
 439        FILE *fp = fopen(path, mode);
 440
 441        if (fp)
 442                return fp;
 443
 444        warn_on_fopen_errors(path);
 445        return NULL;
 446}
 447
 448int xmkstemp(char *template)
 449{
 450        int fd;
 451        char origtemplate[PATH_MAX];
 452        strlcpy(origtemplate, template, sizeof(origtemplate));
 453
 454        fd = mkstemp(template);
 455        if (fd < 0) {
 456                int saved_errno = errno;
 457                const char *nonrelative_template;
 458
 459                if (strlen(template) != strlen(origtemplate))
 460                        template = origtemplate;
 461
 462                nonrelative_template = absolute_path(template);
 463                errno = saved_errno;
 464                die_errno("Unable to create temporary file '%s'",
 465                        nonrelative_template);
 466        }
 467        return fd;
 468}
 469
 470/* Adapted from libiberty's mkstemp.c. */
 471
 472#undef TMP_MAX
 473#define TMP_MAX 16384
 474
 475int git_mkstemps_mode(char *pattern, int suffix_len, int mode)
 476{
 477        static const char letters[] =
 478                "abcdefghijklmnopqrstuvwxyz"
 479                "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
 480                "0123456789";
 481        static const int num_letters = 62;
 482        uint64_t value;
 483        struct timeval tv;
 484        char *template;
 485        size_t len;
 486        int fd, count;
 487
 488        len = strlen(pattern);
 489
 490        if (len < 6 + suffix_len) {
 491                errno = EINVAL;
 492                return -1;
 493        }
 494
 495        if (strncmp(&pattern[len - 6 - suffix_len], "XXXXXX", 6)) {
 496                errno = EINVAL;
 497                return -1;
 498        }
 499
 500        /*
 501         * Replace pattern's XXXXXX characters with randomness.
 502         * Try TMP_MAX different filenames.
 503         */
 504        gettimeofday(&tv, NULL);
 505        value = ((size_t)(tv.tv_usec << 16)) ^ tv.tv_sec ^ getpid();
 506        template = &pattern[len - 6 - suffix_len];
 507        for (count = 0; count < TMP_MAX; ++count) {
 508                uint64_t v = value;
 509                /* Fill in the random bits. */
 510                template[0] = letters[v % num_letters]; v /= num_letters;
 511                template[1] = letters[v % num_letters]; v /= num_letters;
 512                template[2] = letters[v % num_letters]; v /= num_letters;
 513                template[3] = letters[v % num_letters]; v /= num_letters;
 514                template[4] = letters[v % num_letters]; v /= num_letters;
 515                template[5] = letters[v % num_letters]; v /= num_letters;
 516
 517                fd = open(pattern, O_CREAT | O_EXCL | O_RDWR, mode);
 518                if (fd >= 0)
 519                        return fd;
 520                /*
 521                 * Fatal error (EPERM, ENOSPC etc).
 522                 * It doesn't make sense to loop.
 523                 */
 524                if (errno != EEXIST)
 525                        break;
 526                /*
 527                 * This is a random value.  It is only necessary that
 528                 * the next TMP_MAX values generated by adding 7777 to
 529                 * VALUE are different with (module 2^32).
 530                 */
 531                value += 7777;
 532        }
 533        /* We return the null string if we can't find a unique file name.  */
 534        pattern[0] = '\0';
 535        return -1;
 536}
 537
 538int git_mkstemp_mode(char *pattern, int mode)
 539{
 540        /* mkstemp is just mkstemps with no suffix */
 541        return git_mkstemps_mode(pattern, 0, mode);
 542}
 543
 544int xmkstemp_mode(char *template, int mode)
 545{
 546        int fd;
 547        char origtemplate[PATH_MAX];
 548        strlcpy(origtemplate, template, sizeof(origtemplate));
 549
 550        fd = git_mkstemp_mode(template, mode);
 551        if (fd < 0) {
 552                int saved_errno = errno;
 553                const char *nonrelative_template;
 554
 555                if (!template[0])
 556                        template = origtemplate;
 557
 558                nonrelative_template = absolute_path(template);
 559                errno = saved_errno;
 560                die_errno("Unable to create temporary file '%s'",
 561                        nonrelative_template);
 562        }
 563        return fd;
 564}
 565
 566static int warn_if_unremovable(const char *op, const char *file, int rc)
 567{
 568        int err;
 569        if (!rc || errno == ENOENT)
 570                return 0;
 571        err = errno;
 572        warning_errno("unable to %s '%s'", op, file);
 573        errno = err;
 574        return rc;
 575}
 576
 577int unlink_or_msg(const char *file, struct strbuf *err)
 578{
 579        int rc = unlink(file);
 580
 581        assert(err);
 582
 583        if (!rc || errno == ENOENT)
 584                return 0;
 585
 586        strbuf_addf(err, "unable to unlink '%s': %s",
 587                    file, strerror(errno));
 588        return -1;
 589}
 590
 591int unlink_or_warn(const char *file)
 592{
 593        return warn_if_unremovable("unlink", file, unlink(file));
 594}
 595
 596int rmdir_or_warn(const char *file)
 597{
 598        return warn_if_unremovable("rmdir", file, rmdir(file));
 599}
 600
 601int remove_or_warn(unsigned int mode, const char *file)
 602{
 603        return S_ISGITLINK(mode) ? rmdir_or_warn(file) : unlink_or_warn(file);
 604}
 605
 606static int access_error_is_ok(int err, unsigned flag)
 607{
 608        return (is_missing_file_error(err) ||
 609                ((flag & ACCESS_EACCES_OK) && err == EACCES));
 610}
 611
 612int access_or_warn(const char *path, int mode, unsigned flag)
 613{
 614        int ret = access(path, mode);
 615        if (ret && !access_error_is_ok(errno, flag))
 616                warn_on_inaccessible(path);
 617        return ret;
 618}
 619
 620int access_or_die(const char *path, int mode, unsigned flag)
 621{
 622        int ret = access(path, mode);
 623        if (ret && !access_error_is_ok(errno, flag))
 624                die_errno(_("unable to access '%s'"), path);
 625        return ret;
 626}
 627
 628char *xgetcwd(void)
 629{
 630        struct strbuf sb = STRBUF_INIT;
 631        if (strbuf_getcwd(&sb))
 632                die_errno(_("unable to get current working directory"));
 633        return strbuf_detach(&sb, NULL);
 634}
 635
 636int xsnprintf(char *dst, size_t max, const char *fmt, ...)
 637{
 638        va_list ap;
 639        int len;
 640
 641        va_start(ap, fmt);
 642        len = vsnprintf(dst, max, fmt, ap);
 643        va_end(ap);
 644
 645        if (len < 0)
 646                die("BUG: your snprintf is broken");
 647        if (len >= max)
 648                die("BUG: attempt to snprintf into too-small buffer");
 649        return len;
 650}
 651
 652void write_file_buf(const char *path, const char *buf, size_t len)
 653{
 654        int fd = xopen(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
 655        if (write_in_full(fd, buf, len) < 0)
 656                die_errno(_("could not write to '%s'"), path);
 657        if (close(fd))
 658                die_errno(_("could not close '%s'"), path);
 659}
 660
 661void write_file(const char *path, const char *fmt, ...)
 662{
 663        va_list params;
 664        struct strbuf sb = STRBUF_INIT;
 665
 666        va_start(params, fmt);
 667        strbuf_vaddf(&sb, fmt, params);
 668        va_end(params);
 669
 670        strbuf_complete_line(&sb);
 671
 672        write_file_buf(path, sb.buf, sb.len);
 673        strbuf_release(&sb);
 674}
 675
 676void sleep_millisec(int millisec)
 677{
 678        poll(NULL, 0, millisec);
 679}
 680
 681int xgethostname(char *buf, size_t len)
 682{
 683        /*
 684         * If the full hostname doesn't fit in buf, POSIX does not
 685         * specify whether the buffer will be null-terminated, so to
 686         * be safe, do it ourselves.
 687         */
 688        int ret = gethostname(buf, len);
 689        if (!ret)
 690                buf[len - 1] = 0;
 691        return ret;
 692}