wrapper.con commit Merge branch 'cb/curl-use-xmalloc' (a2e524e)
   1/*
   2 * Various trivial helper wrappers around standard functions
   3 */
   4#include "cache.h"
   5#include "config.h"
   6
   7static int memory_limit_check(size_t size, int gentle)
   8{
   9        static size_t limit = 0;
  10        if (!limit) {
  11                limit = git_env_ulong("GIT_ALLOC_LIMIT", 0);
  12                if (!limit)
  13                        limit = SIZE_MAX;
  14        }
  15        if (size > limit) {
  16                if (gentle) {
  17                        error("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
  18                              (uintmax_t)size, (uintmax_t)limit);
  19                        return -1;
  20                } else
  21                        die("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
  22                            (uintmax_t)size, (uintmax_t)limit);
  23        }
  24        return 0;
  25}
  26
  27char *xstrdup(const char *str)
  28{
  29        char *ret = strdup(str);
  30        if (!ret)
  31                die("Out of memory, strdup failed");
  32        return ret;
  33}
  34
  35static void *do_xmalloc(size_t size, int gentle)
  36{
  37        void *ret;
  38
  39        if (memory_limit_check(size, gentle))
  40                return NULL;
  41        ret = malloc(size);
  42        if (!ret && !size)
  43                ret = malloc(1);
  44        if (!ret) {
  45                if (!gentle)
  46                        die("Out of memory, malloc failed (tried to allocate %lu bytes)",
  47                            (unsigned long)size);
  48                else {
  49                        error("Out of memory, malloc failed (tried to allocate %lu bytes)",
  50                              (unsigned long)size);
  51                        return NULL;
  52                }
  53        }
  54#ifdef XMALLOC_POISON
  55        memset(ret, 0xA5, size);
  56#endif
  57        return ret;
  58}
  59
  60void *xmalloc(size_t size)
  61{
  62        return do_xmalloc(size, 0);
  63}
  64
  65static void *do_xmallocz(size_t size, int gentle)
  66{
  67        void *ret;
  68        if (unsigned_add_overflows(size, 1)) {
  69                if (gentle) {
  70                        error("Data too large to fit into virtual memory space.");
  71                        return NULL;
  72                } else
  73                        die("Data too large to fit into virtual memory space.");
  74        }
  75        ret = do_xmalloc(size + 1, gentle);
  76        if (ret)
  77                ((char*)ret)[size] = 0;
  78        return ret;
  79}
  80
  81void *xmallocz(size_t size)
  82{
  83        return do_xmallocz(size, 0);
  84}
  85
  86void *xmallocz_gently(size_t size)
  87{
  88        return do_xmallocz(size, 1);
  89}
  90
  91/*
  92 * xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of
  93 * "data" to the allocated memory, zero terminates the allocated memory,
  94 * and returns a pointer to the allocated memory. If the allocation fails,
  95 * the program dies.
  96 */
  97void *xmemdupz(const void *data, size_t len)
  98{
  99        return memcpy(xmallocz(len), data, len);
 100}
 101
 102char *xstrndup(const char *str, size_t len)
 103{
 104        char *p = memchr(str, '\0', len);
 105        return xmemdupz(str, p ? p - str : len);
 106}
 107
 108void *xrealloc(void *ptr, size_t size)
 109{
 110        void *ret;
 111
 112        memory_limit_check(size, 0);
 113        ret = realloc(ptr, size);
 114        if (!ret && !size)
 115                ret = realloc(ptr, 1);
 116        if (!ret)
 117                die("Out of memory, realloc failed");
 118        return ret;
 119}
 120
 121void *xcalloc(size_t nmemb, size_t size)
 122{
 123        void *ret;
 124
 125        if (unsigned_mult_overflows(nmemb, size))
 126                die("data too large to fit into virtual memory space");
 127
 128        memory_limit_check(size * nmemb, 0);
 129        ret = calloc(nmemb, size);
 130        if (!ret && (!nmemb || !size))
 131                ret = calloc(1, 1);
 132        if (!ret)
 133                die("Out of memory, calloc failed");
 134        return ret;
 135}
 136
 137/*
 138 * Limit size of IO chunks, because huge chunks only cause pain.  OS X
 139 * 64-bit is buggy, returning EINVAL if len >= INT_MAX; and even in
 140 * the absence of bugs, large chunks can result in bad latencies when
 141 * you decide to kill the process.
 142 *
 143 * We pick 8 MiB as our default, but if the platform defines SSIZE_MAX
 144 * that is smaller than that, clip it to SSIZE_MAX, as a call to
 145 * read(2) or write(2) larger than that is allowed to fail.  As the last
 146 * resort, we allow a port to pass via CFLAGS e.g. "-DMAX_IO_SIZE=value"
 147 * to override this, if the definition of SSIZE_MAX given by the platform
 148 * is broken.
 149 */
 150#ifndef MAX_IO_SIZE
 151# define MAX_IO_SIZE_DEFAULT (8*1024*1024)
 152# if defined(SSIZE_MAX) && (SSIZE_MAX < MAX_IO_SIZE_DEFAULT)
 153#  define MAX_IO_SIZE SSIZE_MAX
 154# else
 155#  define MAX_IO_SIZE MAX_IO_SIZE_DEFAULT
 156# endif
 157#endif
 158
 159/**
 160 * xopen() is the same as open(), but it die()s if the open() fails.
 161 */
 162int xopen(const char *path, int oflag, ...)
 163{
 164        mode_t mode = 0;
 165        va_list ap;
 166
 167        /*
 168         * va_arg() will have undefined behavior if the specified type is not
 169         * compatible with the argument type. Since integers are promoted to
 170         * ints, we fetch the next argument as an int, and then cast it to a
 171         * mode_t to avoid undefined behavior.
 172         */
 173        va_start(ap, oflag);
 174        if (oflag & O_CREAT)
 175                mode = va_arg(ap, int);
 176        va_end(ap);
 177
 178        for (;;) {
 179                int fd = open(path, oflag, mode);
 180                if (fd >= 0)
 181                        return fd;
 182                if (errno == EINTR)
 183                        continue;
 184
 185                if ((oflag & O_RDWR) == O_RDWR)
 186                        die_errno(_("could not open '%s' for reading and writing"), path);
 187                else if ((oflag & O_WRONLY) == O_WRONLY)
 188                        die_errno(_("could not open '%s' for writing"), path);
 189                else
 190                        die_errno(_("could not open '%s' for reading"), path);
 191        }
 192}
 193
 194static int handle_nonblock(int fd, short poll_events, int err)
 195{
 196        struct pollfd pfd;
 197
 198        if (err != EAGAIN && err != EWOULDBLOCK)
 199                return 0;
 200
 201        pfd.fd = fd;
 202        pfd.events = poll_events;
 203
 204        /*
 205         * no need to check for errors, here;
 206         * a subsequent read/write will detect unrecoverable errors
 207         */
 208        poll(&pfd, 1, -1);
 209        return 1;
 210}
 211
 212/*
 213 * xread() is the same a read(), but it automatically restarts read()
 214 * operations with a recoverable error (EAGAIN and EINTR). xread()
 215 * DOES NOT GUARANTEE that "len" bytes is read even if the data is available.
 216 */
 217ssize_t xread(int fd, void *buf, size_t len)
 218{
 219        ssize_t nr;
 220        if (len > MAX_IO_SIZE)
 221            len = MAX_IO_SIZE;
 222        while (1) {
 223                nr = read(fd, buf, len);
 224                if (nr < 0) {
 225                        if (errno == EINTR)
 226                                continue;
 227                        if (handle_nonblock(fd, POLLIN, errno))
 228                                continue;
 229                }
 230                return nr;
 231        }
 232}
 233
 234/*
 235 * xwrite() is the same a write(), but it automatically restarts write()
 236 * operations with a recoverable error (EAGAIN and EINTR). xwrite() DOES NOT
 237 * GUARANTEE that "len" bytes is written even if the operation is successful.
 238 */
 239ssize_t xwrite(int fd, const void *buf, size_t len)
 240{
 241        ssize_t nr;
 242        if (len > MAX_IO_SIZE)
 243            len = MAX_IO_SIZE;
 244        while (1) {
 245                nr = write(fd, buf, len);
 246                if (nr < 0) {
 247                        if (errno == EINTR)
 248                                continue;
 249                        if (handle_nonblock(fd, POLLOUT, errno))
 250                                continue;
 251                }
 252
 253                return nr;
 254        }
 255}
 256
 257/*
 258 * xpread() is the same as pread(), but it automatically restarts pread()
 259 * operations with a recoverable error (EAGAIN and EINTR). xpread() DOES
 260 * NOT GUARANTEE that "len" bytes is read even if the data is available.
 261 */
 262ssize_t xpread(int fd, void *buf, size_t len, off_t offset)
 263{
 264        ssize_t nr;
 265        if (len > MAX_IO_SIZE)
 266                len = MAX_IO_SIZE;
 267        while (1) {
 268                nr = pread(fd, buf, len, offset);
 269                if ((nr < 0) && (errno == EAGAIN || errno == EINTR))
 270                        continue;
 271                return nr;
 272        }
 273}
 274
 275ssize_t read_in_full(int fd, void *buf, size_t count)
 276{
 277        char *p = buf;
 278        ssize_t total = 0;
 279
 280        while (count > 0) {
 281                ssize_t loaded = xread(fd, p, count);
 282                if (loaded < 0)
 283                        return -1;
 284                if (loaded == 0)
 285                        return total;
 286                count -= loaded;
 287                p += loaded;
 288                total += loaded;
 289        }
 290
 291        return total;
 292}
 293
 294ssize_t write_in_full(int fd, const void *buf, size_t count)
 295{
 296        const char *p = buf;
 297        ssize_t total = 0;
 298
 299        while (count > 0) {
 300                ssize_t written = xwrite(fd, p, count);
 301                if (written < 0)
 302                        return -1;
 303                if (!written) {
 304                        errno = ENOSPC;
 305                        return -1;
 306                }
 307                count -= written;
 308                p += written;
 309                total += written;
 310        }
 311
 312        return total;
 313}
 314
 315ssize_t pread_in_full(int fd, void *buf, size_t count, off_t offset)
 316{
 317        char *p = buf;
 318        ssize_t total = 0;
 319
 320        while (count > 0) {
 321                ssize_t loaded = xpread(fd, p, count, offset);
 322                if (loaded < 0)
 323                        return -1;
 324                if (loaded == 0)
 325                        return total;
 326                count -= loaded;
 327                p += loaded;
 328                total += loaded;
 329                offset += loaded;
 330        }
 331
 332        return total;
 333}
 334
 335int xdup(int fd)
 336{
 337        int ret = dup(fd);
 338        if (ret < 0)
 339                die_errno("dup failed");
 340        return ret;
 341}
 342
 343/**
 344 * xfopen() is the same as fopen(), but it die()s if the fopen() fails.
 345 */
 346FILE *xfopen(const char *path, const char *mode)
 347{
 348        for (;;) {
 349                FILE *fp = fopen(path, mode);
 350                if (fp)
 351                        return fp;
 352                if (errno == EINTR)
 353                        continue;
 354
 355                if (*mode && mode[1] == '+')
 356                        die_errno(_("could not open '%s' for reading and writing"), path);
 357                else if (*mode == 'w' || *mode == 'a')
 358                        die_errno(_("could not open '%s' for writing"), path);
 359                else
 360                        die_errno(_("could not open '%s' for reading"), path);
 361        }
 362}
 363
 364FILE *xfdopen(int fd, const char *mode)
 365{
 366        FILE *stream = fdopen(fd, mode);
 367        if (stream == NULL)
 368                die_errno("Out of memory? fdopen failed");
 369        return stream;
 370}
 371
 372FILE *fopen_for_writing(const char *path)
 373{
 374        FILE *ret = fopen(path, "w");
 375
 376        if (!ret && errno == EPERM) {
 377                if (!unlink(path))
 378                        ret = fopen(path, "w");
 379                else
 380                        errno = EPERM;
 381        }
 382        return ret;
 383}
 384
 385static void warn_on_inaccessible(const char *path)
 386{
 387        warning_errno(_("unable to access '%s'"), path);
 388}
 389
 390int warn_on_fopen_errors(const char *path)
 391{
 392        if (errno != ENOENT && errno != ENOTDIR) {
 393                warn_on_inaccessible(path);
 394                return -1;
 395        }
 396
 397        return 0;
 398}
 399
 400FILE *fopen_or_warn(const char *path, const char *mode)
 401{
 402        FILE *fp = fopen(path, mode);
 403
 404        if (fp)
 405                return fp;
 406
 407        warn_on_fopen_errors(path);
 408        return NULL;
 409}
 410
 411int xmkstemp(char *filename_template)
 412{
 413        int fd;
 414        char origtemplate[PATH_MAX];
 415        strlcpy(origtemplate, filename_template, sizeof(origtemplate));
 416
 417        fd = mkstemp(filename_template);
 418        if (fd < 0) {
 419                int saved_errno = errno;
 420                const char *nonrelative_template;
 421
 422                if (strlen(filename_template) != strlen(origtemplate))
 423                        filename_template = origtemplate;
 424
 425                nonrelative_template = absolute_path(filename_template);
 426                errno = saved_errno;
 427                die_errno("Unable to create temporary file '%s'",
 428                        nonrelative_template);
 429        }
 430        return fd;
 431}
 432
 433/* Adapted from libiberty's mkstemp.c. */
 434
 435#undef TMP_MAX
 436#define TMP_MAX 16384
 437
 438int git_mkstemps_mode(char *pattern, int suffix_len, int mode)
 439{
 440        static const char letters[] =
 441                "abcdefghijklmnopqrstuvwxyz"
 442                "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
 443                "0123456789";
 444        static const int num_letters = 62;
 445        uint64_t value;
 446        struct timeval tv;
 447        char *filename_template;
 448        size_t len;
 449        int fd, count;
 450
 451        len = strlen(pattern);
 452
 453        if (len < 6 + suffix_len) {
 454                errno = EINVAL;
 455                return -1;
 456        }
 457
 458        if (strncmp(&pattern[len - 6 - suffix_len], "XXXXXX", 6)) {
 459                errno = EINVAL;
 460                return -1;
 461        }
 462
 463        /*
 464         * Replace pattern's XXXXXX characters with randomness.
 465         * Try TMP_MAX different filenames.
 466         */
 467        gettimeofday(&tv, NULL);
 468        value = ((uint64_t)tv.tv_usec << 16) ^ tv.tv_sec ^ getpid();
 469        filename_template = &pattern[len - 6 - suffix_len];
 470        for (count = 0; count < TMP_MAX; ++count) {
 471                uint64_t v = value;
 472                /* Fill in the random bits. */
 473                filename_template[0] = letters[v % num_letters]; v /= num_letters;
 474                filename_template[1] = letters[v % num_letters]; v /= num_letters;
 475                filename_template[2] = letters[v % num_letters]; v /= num_letters;
 476                filename_template[3] = letters[v % num_letters]; v /= num_letters;
 477                filename_template[4] = letters[v % num_letters]; v /= num_letters;
 478                filename_template[5] = letters[v % num_letters]; v /= num_letters;
 479
 480                fd = open(pattern, O_CREAT | O_EXCL | O_RDWR, mode);
 481                if (fd >= 0)
 482                        return fd;
 483                /*
 484                 * Fatal error (EPERM, ENOSPC etc).
 485                 * It doesn't make sense to loop.
 486                 */
 487                if (errno != EEXIST)
 488                        break;
 489                /*
 490                 * This is a random value.  It is only necessary that
 491                 * the next TMP_MAX values generated by adding 7777 to
 492                 * VALUE are different with (module 2^32).
 493                 */
 494                value += 7777;
 495        }
 496        /* We return the null string if we can't find a unique file name.  */
 497        pattern[0] = '\0';
 498        return -1;
 499}
 500
 501int git_mkstemp_mode(char *pattern, int mode)
 502{
 503        /* mkstemp is just mkstemps with no suffix */
 504        return git_mkstemps_mode(pattern, 0, mode);
 505}
 506
 507int xmkstemp_mode(char *filename_template, int mode)
 508{
 509        int fd;
 510        char origtemplate[PATH_MAX];
 511        strlcpy(origtemplate, filename_template, sizeof(origtemplate));
 512
 513        fd = git_mkstemp_mode(filename_template, mode);
 514        if (fd < 0) {
 515                int saved_errno = errno;
 516                const char *nonrelative_template;
 517
 518                if (!filename_template[0])
 519                        filename_template = origtemplate;
 520
 521                nonrelative_template = absolute_path(filename_template);
 522                errno = saved_errno;
 523                die_errno("Unable to create temporary file '%s'",
 524                        nonrelative_template);
 525        }
 526        return fd;
 527}
 528
 529static int warn_if_unremovable(const char *op, const char *file, int rc)
 530{
 531        int err;
 532        if (!rc || errno == ENOENT)
 533                return 0;
 534        err = errno;
 535        warning_errno("unable to %s '%s'", op, file);
 536        errno = err;
 537        return rc;
 538}
 539
 540int unlink_or_msg(const char *file, struct strbuf *err)
 541{
 542        int rc = unlink(file);
 543
 544        assert(err);
 545
 546        if (!rc || errno == ENOENT)
 547                return 0;
 548
 549        strbuf_addf(err, "unable to unlink '%s': %s",
 550                    file, strerror(errno));
 551        return -1;
 552}
 553
 554int unlink_or_warn(const char *file)
 555{
 556        return warn_if_unremovable("unlink", file, unlink(file));
 557}
 558
 559int rmdir_or_warn(const char *file)
 560{
 561        return warn_if_unremovable("rmdir", file, rmdir(file));
 562}
 563
 564int remove_or_warn(unsigned int mode, const char *file)
 565{
 566        return S_ISGITLINK(mode) ? rmdir_or_warn(file) : unlink_or_warn(file);
 567}
 568
 569static int access_error_is_ok(int err, unsigned flag)
 570{
 571        return (is_missing_file_error(err) ||
 572                ((flag & ACCESS_EACCES_OK) && err == EACCES));
 573}
 574
 575int access_or_warn(const char *path, int mode, unsigned flag)
 576{
 577        int ret = access(path, mode);
 578        if (ret && !access_error_is_ok(errno, flag))
 579                warn_on_inaccessible(path);
 580        return ret;
 581}
 582
 583int access_or_die(const char *path, int mode, unsigned flag)
 584{
 585        int ret = access(path, mode);
 586        if (ret && !access_error_is_ok(errno, flag))
 587                die_errno(_("unable to access '%s'"), path);
 588        return ret;
 589}
 590
 591char *xgetcwd(void)
 592{
 593        struct strbuf sb = STRBUF_INIT;
 594        if (strbuf_getcwd(&sb))
 595                die_errno(_("unable to get current working directory"));
 596        return strbuf_detach(&sb, NULL);
 597}
 598
 599int xsnprintf(char *dst, size_t max, const char *fmt, ...)
 600{
 601        va_list ap;
 602        int len;
 603
 604        va_start(ap, fmt);
 605        len = vsnprintf(dst, max, fmt, ap);
 606        va_end(ap);
 607
 608        if (len < 0)
 609                BUG("your snprintf is broken");
 610        if (len >= max)
 611                BUG("attempt to snprintf into too-small buffer");
 612        return len;
 613}
 614
 615void write_file_buf(const char *path, const char *buf, size_t len)
 616{
 617        int fd = xopen(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
 618        if (write_in_full(fd, buf, len) < 0)
 619                die_errno(_("could not write to '%s'"), path);
 620        if (close(fd))
 621                die_errno(_("could not close '%s'"), path);
 622}
 623
 624void write_file(const char *path, const char *fmt, ...)
 625{
 626        va_list params;
 627        struct strbuf sb = STRBUF_INIT;
 628
 629        va_start(params, fmt);
 630        strbuf_vaddf(&sb, fmt, params);
 631        va_end(params);
 632
 633        strbuf_complete_line(&sb);
 634
 635        write_file_buf(path, sb.buf, sb.len);
 636        strbuf_release(&sb);
 637}
 638
 639void sleep_millisec(int millisec)
 640{
 641        poll(NULL, 0, millisec);
 642}
 643
 644int xgethostname(char *buf, size_t len)
 645{
 646        /*
 647         * If the full hostname doesn't fit in buf, POSIX does not
 648         * specify whether the buffer will be null-terminated, so to
 649         * be safe, do it ourselves.
 650         */
 651        int ret = gethostname(buf, len);
 652        if (!ret)
 653                buf[len - 1] = 0;
 654        return ret;
 655}
 656
 657int is_empty_or_missing_file(const char *filename)
 658{
 659        struct stat st;
 660
 661        if (stat(filename, &st) < 0) {
 662                if (errno == ENOENT)
 663                        return 1;
 664                die_errno(_("could not stat %s"), filename);
 665        }
 666
 667        return !st.st_size;
 668}