bundle.con commit gpg-interface: do not scan past the end of buffer (64c45dc)
   1#include "cache.h"
   2#include "lockfile.h"
   3#include "bundle.h"
   4#include "object-store.h"
   5#include "repository.h"
   6#include "object.h"
   7#include "commit.h"
   8#include "diff.h"
   9#include "revision.h"
  10#include "list-objects.h"
  11#include "run-command.h"
  12#include "refs.h"
  13#include "argv-array.h"
  14
  15static const char bundle_signature[] = "# v2 git bundle\n";
  16
  17static void add_to_ref_list(const struct object_id *oid, const char *name,
  18                struct ref_list *list)
  19{
  20        ALLOC_GROW(list->list, list->nr + 1, list->alloc);
  21        oidcpy(&list->list[list->nr].oid, oid);
  22        list->list[list->nr].name = xstrdup(name);
  23        list->nr++;
  24}
  25
  26static int parse_bundle_header(int fd, struct bundle_header *header,
  27                               const char *report_path)
  28{
  29        struct strbuf buf = STRBUF_INIT;
  30        int status = 0;
  31
  32        /* The bundle header begins with the signature */
  33        if (strbuf_getwholeline_fd(&buf, fd, '\n') ||
  34            strcmp(buf.buf, bundle_signature)) {
  35                if (report_path)
  36                        error(_("'%s' does not look like a v2 bundle file"),
  37                              report_path);
  38                status = -1;
  39                goto abort;
  40        }
  41
  42        /* The bundle header ends with an empty line */
  43        while (!strbuf_getwholeline_fd(&buf, fd, '\n') &&
  44               buf.len && buf.buf[0] != '\n') {
  45                struct object_id oid;
  46                int is_prereq = 0;
  47                const char *p;
  48
  49                if (*buf.buf == '-') {
  50                        is_prereq = 1;
  51                        strbuf_remove(&buf, 0, 1);
  52                }
  53                strbuf_rtrim(&buf);
  54
  55                /*
  56                 * Tip lines have object name, SP, and refname.
  57                 * Prerequisites have object name that is optionally
  58                 * followed by SP and subject line.
  59                 */
  60                if (parse_oid_hex(buf.buf, &oid, &p) ||
  61                    (*p && !isspace(*p)) ||
  62                    (!is_prereq && !*p)) {
  63                        if (report_path)
  64                                error(_("unrecognized header: %s%s (%d)"),
  65                                      (is_prereq ? "-" : ""), buf.buf, (int)buf.len);
  66                        status = -1;
  67                        break;
  68                } else {
  69                        if (is_prereq)
  70                                add_to_ref_list(&oid, "", &header->prerequisites);
  71                        else
  72                                add_to_ref_list(&oid, p + 1, &header->references);
  73                }
  74        }
  75
  76 abort:
  77        if (status) {
  78                close(fd);
  79                fd = -1;
  80        }
  81        strbuf_release(&buf);
  82        return fd;
  83}
  84
  85int read_bundle_header(const char *path, struct bundle_header *header)
  86{
  87        int fd = open(path, O_RDONLY);
  88
  89        if (fd < 0)
  90                return error(_("could not open '%s'"), path);
  91        return parse_bundle_header(fd, header, path);
  92}
  93
  94int is_bundle(const char *path, int quiet)
  95{
  96        struct bundle_header header;
  97        int fd = open(path, O_RDONLY);
  98
  99        if (fd < 0)
 100                return 0;
 101        memset(&header, 0, sizeof(header));
 102        fd = parse_bundle_header(fd, &header, quiet ? NULL : path);
 103        if (fd >= 0)
 104                close(fd);
 105        return (fd >= 0);
 106}
 107
 108static int list_refs(struct ref_list *r, int argc, const char **argv)
 109{
 110        int i;
 111
 112        for (i = 0; i < r->nr; i++) {
 113                if (argc > 1) {
 114                        int j;
 115                        for (j = 1; j < argc; j++)
 116                                if (!strcmp(r->list[i].name, argv[j]))
 117                                        break;
 118                        if (j == argc)
 119                                continue;
 120                }
 121                printf("%s %s\n", oid_to_hex(&r->list[i].oid),
 122                                r->list[i].name);
 123        }
 124        return 0;
 125}
 126
 127/* Remember to update object flag allocation in object.h */
 128#define PREREQ_MARK (1u<<16)
 129
 130int verify_bundle(struct bundle_header *header, int verbose)
 131{
 132        /*
 133         * Do fast check, then if any prereqs are missing then go line by line
 134         * to be verbose about the errors
 135         */
 136        struct ref_list *p = &header->prerequisites;
 137        struct rev_info revs;
 138        const char *argv[] = {NULL, "--all", NULL};
 139        struct commit *commit;
 140        int i, ret = 0, req_nr;
 141        const char *message = _("Repository lacks these prerequisite commits:");
 142
 143        repo_init_revisions(the_repository, &revs, NULL);
 144        for (i = 0; i < p->nr; i++) {
 145                struct ref_list_entry *e = p->list + i;
 146                struct object *o = parse_object(the_repository, &e->oid);
 147                if (o) {
 148                        o->flags |= PREREQ_MARK;
 149                        add_pending_object(&revs, o, e->name);
 150                        continue;
 151                }
 152                if (++ret == 1)
 153                        error("%s", message);
 154                error("%s %s", oid_to_hex(&e->oid), e->name);
 155        }
 156        if (revs.pending.nr != p->nr)
 157                return ret;
 158        req_nr = revs.pending.nr;
 159        setup_revisions(2, argv, &revs, NULL);
 160
 161        if (prepare_revision_walk(&revs))
 162                die(_("revision walk setup failed"));
 163
 164        i = req_nr;
 165        while (i && (commit = get_revision(&revs)))
 166                if (commit->object.flags & PREREQ_MARK)
 167                        i--;
 168
 169        for (i = 0; i < p->nr; i++) {
 170                struct ref_list_entry *e = p->list + i;
 171                struct object *o = parse_object(the_repository, &e->oid);
 172                assert(o); /* otherwise we'd have returned early */
 173                if (o->flags & SHOWN)
 174                        continue;
 175                if (++ret == 1)
 176                        error("%s", message);
 177                error("%s %s", oid_to_hex(&e->oid), e->name);
 178        }
 179
 180        /* Clean up objects used, as they will be reused. */
 181        for (i = 0; i < p->nr; i++) {
 182                struct ref_list_entry *e = p->list + i;
 183                commit = lookup_commit_reference_gently(the_repository, &e->oid, 1);
 184                if (commit)
 185                        clear_commit_marks(commit, ALL_REV_FLAGS);
 186        }
 187
 188        if (verbose) {
 189                struct ref_list *r;
 190
 191                r = &header->references;
 192                printf_ln(Q_("The bundle contains this ref:",
 193                             "The bundle contains these %d refs:",
 194                             r->nr),
 195                          r->nr);
 196                list_refs(r, 0, NULL);
 197                r = &header->prerequisites;
 198                if (!r->nr) {
 199                        printf_ln(_("The bundle records a complete history."));
 200                } else {
 201                        printf_ln(Q_("The bundle requires this ref:",
 202                                     "The bundle requires these %d refs:",
 203                                     r->nr),
 204                                  r->nr);
 205                        list_refs(r, 0, NULL);
 206                }
 207        }
 208        return ret;
 209}
 210
 211int list_bundle_refs(struct bundle_header *header, int argc, const char **argv)
 212{
 213        return list_refs(&header->references, argc, argv);
 214}
 215
 216static int is_tag_in_date_range(struct object *tag, struct rev_info *revs)
 217{
 218        unsigned long size;
 219        enum object_type type;
 220        char *buf = NULL, *line, *lineend;
 221        timestamp_t date;
 222        int result = 1;
 223
 224        if (revs->max_age == -1 && revs->min_age == -1)
 225                goto out;
 226
 227        buf = read_object_file(&tag->oid, &type, &size);
 228        if (!buf)
 229                goto out;
 230        line = memmem(buf, size, "\ntagger ", 8);
 231        if (!line++)
 232                goto out;
 233        lineend = memchr(line, '\n', buf + size - line);
 234        line = memchr(line, '>', lineend ? lineend - line : buf + size - line);
 235        if (!line++)
 236                goto out;
 237        date = parse_timestamp(line, NULL, 10);
 238        result = (revs->max_age == -1 || revs->max_age < date) &&
 239                (revs->min_age == -1 || revs->min_age > date);
 240out:
 241        free(buf);
 242        return result;
 243}
 244
 245
 246/* Write the pack data to bundle_fd */
 247static int write_pack_data(int bundle_fd, struct rev_info *revs)
 248{
 249        struct child_process pack_objects = CHILD_PROCESS_INIT;
 250        int i;
 251
 252        argv_array_pushl(&pack_objects.args,
 253                         "pack-objects", "--all-progress-implied",
 254                         "--stdout", "--thin", "--delta-base-offset",
 255                         NULL);
 256        pack_objects.in = -1;
 257        pack_objects.out = bundle_fd;
 258        pack_objects.git_cmd = 1;
 259
 260        /*
 261         * start_command() will close our descriptor if it's >1. Duplicate it
 262         * to avoid surprising the caller.
 263         */
 264        if (pack_objects.out > 1) {
 265                pack_objects.out = dup(pack_objects.out);
 266                if (pack_objects.out < 0) {
 267                        error_errno(_("unable to dup bundle descriptor"));
 268                        child_process_clear(&pack_objects);
 269                        return -1;
 270                }
 271        }
 272
 273        if (start_command(&pack_objects))
 274                return error(_("Could not spawn pack-objects"));
 275
 276        for (i = 0; i < revs->pending.nr; i++) {
 277                struct object *object = revs->pending.objects[i].item;
 278                if (object->flags & UNINTERESTING)
 279                        write_or_die(pack_objects.in, "^", 1);
 280                write_or_die(pack_objects.in, oid_to_hex(&object->oid), GIT_SHA1_HEXSZ);
 281                write_or_die(pack_objects.in, "\n", 1);
 282        }
 283        close(pack_objects.in);
 284        if (finish_command(&pack_objects))
 285                return error(_("pack-objects died"));
 286        return 0;
 287}
 288
 289static int compute_and_write_prerequisites(int bundle_fd,
 290                                           struct rev_info *revs,
 291                                           int argc, const char **argv)
 292{
 293        struct child_process rls = CHILD_PROCESS_INIT;
 294        struct strbuf buf = STRBUF_INIT;
 295        FILE *rls_fout;
 296        int i;
 297
 298        argv_array_pushl(&rls.args,
 299                         "rev-list", "--boundary", "--pretty=oneline",
 300                         NULL);
 301        for (i = 1; i < argc; i++)
 302                argv_array_push(&rls.args, argv[i]);
 303        rls.out = -1;
 304        rls.git_cmd = 1;
 305        if (start_command(&rls))
 306                return -1;
 307        rls_fout = xfdopen(rls.out, "r");
 308        while (strbuf_getwholeline(&buf, rls_fout, '\n') != EOF) {
 309                struct object_id oid;
 310                if (buf.len > 0 && buf.buf[0] == '-') {
 311                        write_or_die(bundle_fd, buf.buf, buf.len);
 312                        if (!get_oid_hex(buf.buf + 1, &oid)) {
 313                                struct object *object = parse_object_or_die(&oid,
 314                                                                            buf.buf);
 315                                object->flags |= UNINTERESTING;
 316                                add_pending_object(revs, object, buf.buf);
 317                        }
 318                } else if (!get_oid_hex(buf.buf, &oid)) {
 319                        struct object *object = parse_object_or_die(&oid,
 320                                                                    buf.buf);
 321                        object->flags |= SHOWN;
 322                }
 323        }
 324        strbuf_release(&buf);
 325        fclose(rls_fout);
 326        if (finish_command(&rls))
 327                return error(_("rev-list died"));
 328        return 0;
 329}
 330
 331/*
 332 * Write out bundle refs based on the tips already
 333 * parsed into revs.pending. As a side effect, may
 334 * manipulate revs.pending to include additional
 335 * necessary objects (like tags).
 336 *
 337 * Returns the number of refs written, or negative
 338 * on error.
 339 */
 340static int write_bundle_refs(int bundle_fd, struct rev_info *revs)
 341{
 342        int i;
 343        int ref_count = 0;
 344
 345        for (i = 0; i < revs->pending.nr; i++) {
 346                struct object_array_entry *e = revs->pending.objects + i;
 347                struct object_id oid;
 348                char *ref;
 349                const char *display_ref;
 350                int flag;
 351
 352                if (e->item->flags & UNINTERESTING)
 353                        continue;
 354                if (dwim_ref(e->name, strlen(e->name), &oid, &ref) != 1)
 355                        goto skip_write_ref;
 356                if (read_ref_full(e->name, RESOLVE_REF_READING, &oid, &flag))
 357                        flag = 0;
 358                display_ref = (flag & REF_ISSYMREF) ? e->name : ref;
 359
 360                if (e->item->type == OBJ_TAG &&
 361                                !is_tag_in_date_range(e->item, revs)) {
 362                        e->item->flags |= UNINTERESTING;
 363                        goto skip_write_ref;
 364                }
 365
 366                /*
 367                 * Make sure the refs we wrote out is correct; --max-count and
 368                 * other limiting options could have prevented all the tips
 369                 * from getting output.
 370                 *
 371                 * Non commit objects such as tags and blobs do not have
 372                 * this issue as they are not affected by those extra
 373                 * constraints.
 374                 */
 375                if (!(e->item->flags & SHOWN) && e->item->type == OBJ_COMMIT) {
 376                        warning(_("ref '%s' is excluded by the rev-list options"),
 377                                e->name);
 378                        goto skip_write_ref;
 379                }
 380                /*
 381                 * If you run "git bundle create bndl v1.0..v2.0", the
 382                 * name of the positive ref is "v2.0" but that is the
 383                 * commit that is referenced by the tag, and not the tag
 384                 * itself.
 385                 */
 386                if (!oideq(&oid, &e->item->oid)) {
 387                        /*
 388                         * Is this the positive end of a range expressed
 389                         * in terms of a tag (e.g. v2.0 from the range
 390                         * "v1.0..v2.0")?
 391                         */
 392                        struct commit *one = lookup_commit_reference(the_repository,
 393                                                                     &oid);
 394                        struct object *obj;
 395
 396                        if (e->item == &(one->object)) {
 397                                /*
 398                                 * Need to include e->name as an
 399                                 * independent ref to the pack-objects
 400                                 * input, so that the tag is included
 401                                 * in the output; otherwise we would
 402                                 * end up triggering "empty bundle"
 403                                 * error.
 404                                 */
 405                                obj = parse_object_or_die(&oid, e->name);
 406                                obj->flags |= SHOWN;
 407                                add_pending_object(revs, obj, e->name);
 408                        }
 409                        goto skip_write_ref;
 410                }
 411
 412                ref_count++;
 413                write_or_die(bundle_fd, oid_to_hex(&e->item->oid), 40);
 414                write_or_die(bundle_fd, " ", 1);
 415                write_or_die(bundle_fd, display_ref, strlen(display_ref));
 416                write_or_die(bundle_fd, "\n", 1);
 417 skip_write_ref:
 418                free(ref);
 419        }
 420
 421        /* end header */
 422        write_or_die(bundle_fd, "\n", 1);
 423        return ref_count;
 424}
 425
 426int create_bundle(struct bundle_header *header, const char *path,
 427                  int argc, const char **argv)
 428{
 429        struct lock_file lock = LOCK_INIT;
 430        int bundle_fd = -1;
 431        int bundle_to_stdout;
 432        int ref_count = 0;
 433        struct rev_info revs;
 434
 435        bundle_to_stdout = !strcmp(path, "-");
 436        if (bundle_to_stdout)
 437                bundle_fd = 1;
 438        else
 439                bundle_fd = hold_lock_file_for_update(&lock, path,
 440                                                      LOCK_DIE_ON_ERROR);
 441
 442        /* write signature */
 443        write_or_die(bundle_fd, bundle_signature, strlen(bundle_signature));
 444
 445        /* init revs to list objects for pack-objects later */
 446        save_commit_buffer = 0;
 447        repo_init_revisions(the_repository, &revs, NULL);
 448
 449        /* write prerequisites */
 450        if (compute_and_write_prerequisites(bundle_fd, &revs, argc, argv))
 451                goto err;
 452
 453        argc = setup_revisions(argc, argv, &revs, NULL);
 454
 455        if (argc > 1) {
 456                error(_("unrecognized argument: %s"), argv[1]);
 457                goto err;
 458        }
 459
 460        object_array_remove_duplicates(&revs.pending);
 461
 462        ref_count = write_bundle_refs(bundle_fd, &revs);
 463        if (!ref_count)
 464                die(_("Refusing to create empty bundle."));
 465        else if (ref_count < 0)
 466                goto err;
 467
 468        /* write pack */
 469        if (write_pack_data(bundle_fd, &revs))
 470                goto err;
 471
 472        if (!bundle_to_stdout) {
 473                if (commit_lock_file(&lock))
 474                        die_errno(_("cannot create '%s'"), path);
 475        }
 476        return 0;
 477err:
 478        rollback_lock_file(&lock);
 479        return -1;
 480}
 481
 482int unbundle(struct bundle_header *header, int bundle_fd, int flags)
 483{
 484        const char *argv_index_pack[] = {"index-pack",
 485                                         "--fix-thin", "--stdin", NULL, NULL};
 486        struct child_process ip = CHILD_PROCESS_INIT;
 487
 488        if (flags & BUNDLE_VERBOSE)
 489                argv_index_pack[3] = "-v";
 490
 491        if (verify_bundle(header, 0))
 492                return -1;
 493        ip.argv = argv_index_pack;
 494        ip.in = bundle_fd;
 495        ip.no_stdout = 1;
 496        ip.git_cmd = 1;
 497        if (run_command(&ip))
 498                return error(_("index-pack died"));
 499        return 0;
 500}