pack-write.con commit xread/xwrite: clip MAX_IO_SIZE to SSIZE_MAX (a983e6a)
   1#include "cache.h"
   2#include "pack.h"
   3#include "csum-file.h"
   4
   5void reset_pack_idx_option(struct pack_idx_option *opts)
   6{
   7        memset(opts, 0, sizeof(*opts));
   8        opts->version = 2;
   9        opts->off32_limit = 0x7fffffff;
  10}
  11
  12static int sha1_compare(const void *_a, const void *_b)
  13{
  14        struct pack_idx_entry *a = *(struct pack_idx_entry **)_a;
  15        struct pack_idx_entry *b = *(struct pack_idx_entry **)_b;
  16        return hashcmp(a->sha1, b->sha1);
  17}
  18
  19static int cmp_uint32(const void *a_, const void *b_)
  20{
  21        uint32_t a = *((uint32_t *)a_);
  22        uint32_t b = *((uint32_t *)b_);
  23
  24        return (a < b) ? -1 : (a != b);
  25}
  26
  27static int need_large_offset(off_t offset, const struct pack_idx_option *opts)
  28{
  29        uint32_t ofsval;
  30
  31        if ((offset >> 31) || (opts->off32_limit < offset))
  32                return 1;
  33        if (!opts->anomaly_nr)
  34                return 0;
  35        ofsval = offset;
  36        return !!bsearch(&ofsval, opts->anomaly, opts->anomaly_nr,
  37                         sizeof(ofsval), cmp_uint32);
  38}
  39
  40/*
  41 * On entry *sha1 contains the pack content SHA1 hash, on exit it is
  42 * the SHA1 hash of sorted object names. The objects array passed in
  43 * will be sorted by SHA1 on exit.
  44 */
  45const char *write_idx_file(const char *index_name, struct pack_idx_entry **objects,
  46                           int nr_objects, const struct pack_idx_option *opts,
  47                           unsigned char *sha1)
  48{
  49        struct sha1file *f;
  50        struct pack_idx_entry **sorted_by_sha, **list, **last;
  51        off_t last_obj_offset = 0;
  52        uint32_t array[256];
  53        int i, fd;
  54        git_SHA_CTX ctx;
  55        uint32_t index_version;
  56
  57        if (nr_objects) {
  58                sorted_by_sha = objects;
  59                list = sorted_by_sha;
  60                last = sorted_by_sha + nr_objects;
  61                for (i = 0; i < nr_objects; ++i) {
  62                        if (objects[i]->offset > last_obj_offset)
  63                                last_obj_offset = objects[i]->offset;
  64                }
  65                qsort(sorted_by_sha, nr_objects, sizeof(sorted_by_sha[0]),
  66                      sha1_compare);
  67        }
  68        else
  69                sorted_by_sha = list = last = NULL;
  70
  71        if (opts->flags & WRITE_IDX_VERIFY) {
  72                assert(index_name);
  73                f = sha1fd_check(index_name);
  74        } else {
  75                if (!index_name) {
  76                        static char tmp_file[PATH_MAX];
  77                        fd = odb_mkstemp(tmp_file, sizeof(tmp_file), "pack/tmp_idx_XXXXXX");
  78                        index_name = xstrdup(tmp_file);
  79                } else {
  80                        unlink(index_name);
  81                        fd = open(index_name, O_CREAT|O_EXCL|O_WRONLY, 0600);
  82                }
  83                if (fd < 0)
  84                        die_errno("unable to create '%s'", index_name);
  85                f = sha1fd(fd, index_name);
  86        }
  87
  88        /* if last object's offset is >= 2^31 we should use index V2 */
  89        index_version = need_large_offset(last_obj_offset, opts) ? 2 : opts->version;
  90
  91        /* index versions 2 and above need a header */
  92        if (index_version >= 2) {
  93                struct pack_idx_header hdr;
  94                hdr.idx_signature = htonl(PACK_IDX_SIGNATURE);
  95                hdr.idx_version = htonl(index_version);
  96                sha1write(f, &hdr, sizeof(hdr));
  97        }
  98
  99        /*
 100         * Write the first-level table (the list is sorted,
 101         * but we use a 256-entry lookup to be able to avoid
 102         * having to do eight extra binary search iterations).
 103         */
 104        for (i = 0; i < 256; i++) {
 105                struct pack_idx_entry **next = list;
 106                while (next < last) {
 107                        struct pack_idx_entry *obj = *next;
 108                        if (obj->sha1[0] != i)
 109                                break;
 110                        next++;
 111                }
 112                array[i] = htonl(next - sorted_by_sha);
 113                list = next;
 114        }
 115        sha1write(f, array, 256 * 4);
 116
 117        /* compute the SHA1 hash of sorted object names. */
 118        git_SHA1_Init(&ctx);
 119
 120        /*
 121         * Write the actual SHA1 entries..
 122         */
 123        list = sorted_by_sha;
 124        for (i = 0; i < nr_objects; i++) {
 125                struct pack_idx_entry *obj = *list++;
 126                if (index_version < 2) {
 127                        uint32_t offset = htonl(obj->offset);
 128                        sha1write(f, &offset, 4);
 129                }
 130                sha1write(f, obj->sha1, 20);
 131                git_SHA1_Update(&ctx, obj->sha1, 20);
 132                if ((opts->flags & WRITE_IDX_STRICT) &&
 133                    (i && !hashcmp(list[-2]->sha1, obj->sha1)))
 134                        die("The same object %s appears twice in the pack",
 135                            sha1_to_hex(obj->sha1));
 136        }
 137
 138        if (index_version >= 2) {
 139                unsigned int nr_large_offset = 0;
 140
 141                /* write the crc32 table */
 142                list = sorted_by_sha;
 143                for (i = 0; i < nr_objects; i++) {
 144                        struct pack_idx_entry *obj = *list++;
 145                        uint32_t crc32_val = htonl(obj->crc32);
 146                        sha1write(f, &crc32_val, 4);
 147                }
 148
 149                /* write the 32-bit offset table */
 150                list = sorted_by_sha;
 151                for (i = 0; i < nr_objects; i++) {
 152                        struct pack_idx_entry *obj = *list++;
 153                        uint32_t offset;
 154
 155                        offset = (need_large_offset(obj->offset, opts)
 156                                  ? (0x80000000 | nr_large_offset++)
 157                                  : obj->offset);
 158                        offset = htonl(offset);
 159                        sha1write(f, &offset, 4);
 160                }
 161
 162                /* write the large offset table */
 163                list = sorted_by_sha;
 164                while (nr_large_offset) {
 165                        struct pack_idx_entry *obj = *list++;
 166                        uint64_t offset = obj->offset;
 167                        uint32_t split[2];
 168
 169                        if (!need_large_offset(offset, opts))
 170                                continue;
 171                        split[0] = htonl(offset >> 32);
 172                        split[1] = htonl(offset & 0xffffffff);
 173                        sha1write(f, split, 8);
 174                        nr_large_offset--;
 175                }
 176        }
 177
 178        sha1write(f, sha1, 20);
 179        sha1close(f, NULL, ((opts->flags & WRITE_IDX_VERIFY)
 180                            ? CSUM_CLOSE : CSUM_FSYNC));
 181        git_SHA1_Final(sha1, &ctx);
 182        return index_name;
 183}
 184
 185off_t write_pack_header(struct sha1file *f, uint32_t nr_entries)
 186{
 187        struct pack_header hdr;
 188
 189        hdr.hdr_signature = htonl(PACK_SIGNATURE);
 190        hdr.hdr_version = htonl(PACK_VERSION);
 191        hdr.hdr_entries = htonl(nr_entries);
 192        if (sha1write(f, &hdr, sizeof(hdr)))
 193                return 0;
 194        return sizeof(hdr);
 195}
 196
 197/*
 198 * Update pack header with object_count and compute new SHA1 for pack data
 199 * associated to pack_fd, and write that SHA1 at the end.  That new SHA1
 200 * is also returned in new_pack_sha1.
 201 *
 202 * If partial_pack_sha1 is non null, then the SHA1 of the existing pack
 203 * (without the header update) is computed and validated against the
 204 * one provided in partial_pack_sha1.  The validation is performed at
 205 * partial_pack_offset bytes in the pack file.  The SHA1 of the remaining
 206 * data (i.e. from partial_pack_offset to the end) is then computed and
 207 * returned in partial_pack_sha1.
 208 *
 209 * Note that new_pack_sha1 is updated last, so both new_pack_sha1 and
 210 * partial_pack_sha1 can refer to the same buffer if the caller is not
 211 * interested in the resulting SHA1 of pack data above partial_pack_offset.
 212 */
 213void fixup_pack_header_footer(int pack_fd,
 214                         unsigned char *new_pack_sha1,
 215                         const char *pack_name,
 216                         uint32_t object_count,
 217                         unsigned char *partial_pack_sha1,
 218                         off_t partial_pack_offset)
 219{
 220        int aligned_sz, buf_sz = 8 * 1024;
 221        git_SHA_CTX old_sha1_ctx, new_sha1_ctx;
 222        struct pack_header hdr;
 223        char *buf;
 224
 225        git_SHA1_Init(&old_sha1_ctx);
 226        git_SHA1_Init(&new_sha1_ctx);
 227
 228        if (lseek(pack_fd, 0, SEEK_SET) != 0)
 229                die_errno("Failed seeking to start of '%s'", pack_name);
 230        if (read_in_full(pack_fd, &hdr, sizeof(hdr)) != sizeof(hdr))
 231                die_errno("Unable to reread header of '%s'", pack_name);
 232        if (lseek(pack_fd, 0, SEEK_SET) != 0)
 233                die_errno("Failed seeking to start of '%s'", pack_name);
 234        git_SHA1_Update(&old_sha1_ctx, &hdr, sizeof(hdr));
 235        hdr.hdr_entries = htonl(object_count);
 236        git_SHA1_Update(&new_sha1_ctx, &hdr, sizeof(hdr));
 237        write_or_die(pack_fd, &hdr, sizeof(hdr));
 238        partial_pack_offset -= sizeof(hdr);
 239
 240        buf = xmalloc(buf_sz);
 241        aligned_sz = buf_sz - sizeof(hdr);
 242        for (;;) {
 243                ssize_t m, n;
 244                m = (partial_pack_sha1 && partial_pack_offset < aligned_sz) ?
 245                        partial_pack_offset : aligned_sz;
 246                n = xread(pack_fd, buf, m);
 247                if (!n)
 248                        break;
 249                if (n < 0)
 250                        die_errno("Failed to checksum '%s'", pack_name);
 251                git_SHA1_Update(&new_sha1_ctx, buf, n);
 252
 253                aligned_sz -= n;
 254                if (!aligned_sz)
 255                        aligned_sz = buf_sz;
 256
 257                if (!partial_pack_sha1)
 258                        continue;
 259
 260                git_SHA1_Update(&old_sha1_ctx, buf, n);
 261                partial_pack_offset -= n;
 262                if (partial_pack_offset == 0) {
 263                        unsigned char sha1[20];
 264                        git_SHA1_Final(sha1, &old_sha1_ctx);
 265                        if (hashcmp(sha1, partial_pack_sha1) != 0)
 266                                die("Unexpected checksum for %s "
 267                                    "(disk corruption?)", pack_name);
 268                        /*
 269                         * Now let's compute the SHA1 of the remainder of the
 270                         * pack, which also means making partial_pack_offset
 271                         * big enough not to matter anymore.
 272                         */
 273                        git_SHA1_Init(&old_sha1_ctx);
 274                        partial_pack_offset = ~partial_pack_offset;
 275                        partial_pack_offset -= MSB(partial_pack_offset, 1);
 276                }
 277        }
 278        free(buf);
 279
 280        if (partial_pack_sha1)
 281                git_SHA1_Final(partial_pack_sha1, &old_sha1_ctx);
 282        git_SHA1_Final(new_pack_sha1, &new_sha1_ctx);
 283        write_or_die(pack_fd, new_pack_sha1, 20);
 284        fsync_or_die(pack_fd, pack_name);
 285}
 286
 287char *index_pack_lockfile(int ip_out)
 288{
 289        char packname[46];
 290
 291        /*
 292         * The first thing we expect from index-pack's output
 293         * is "pack\t%40s\n" or "keep\t%40s\n" (46 bytes) where
 294         * %40s is the newly created pack SHA1 name.  In the "keep"
 295         * case, we need it to remove the corresponding .keep file
 296         * later on.  If we don't get that then tough luck with it.
 297         */
 298        if (read_in_full(ip_out, packname, 46) == 46 && packname[45] == '\n' &&
 299            memcmp(packname, "keep\t", 5) == 0) {
 300                char path[PATH_MAX];
 301                packname[45] = 0;
 302                snprintf(path, sizeof(path), "%s/pack/pack-%s.keep",
 303                         get_object_directory(), packname + 5);
 304                return xstrdup(path);
 305        }
 306        return NULL;
 307}
 308
 309/*
 310 * The per-object header is a pretty dense thing, which is
 311 *  - first byte: low four bits are "size", then three bits of "type",
 312 *    and the high bit is "size continues".
 313 *  - each byte afterwards: low seven bits are size continuation,
 314 *    with the high bit being "size continues"
 315 */
 316int encode_in_pack_object_header(enum object_type type, uintmax_t size, unsigned char *hdr)
 317{
 318        int n = 1;
 319        unsigned char c;
 320
 321        if (type < OBJ_COMMIT || type > OBJ_REF_DELTA)
 322                die("bad type %d", type);
 323
 324        c = (type << 4) | (size & 15);
 325        size >>= 4;
 326        while (size) {
 327                *hdr++ = c | 0x80;
 328                c = size & 0x7f;
 329                size >>= 7;
 330                n++;
 331        }
 332        *hdr = c;
 333        return n;
 334}
 335
 336struct sha1file *create_tmp_packfile(char **pack_tmp_name)
 337{
 338        char tmpname[PATH_MAX];
 339        int fd;
 340
 341        fd = odb_mkstemp(tmpname, sizeof(tmpname), "pack/tmp_pack_XXXXXX");
 342        *pack_tmp_name = xstrdup(tmpname);
 343        return sha1fd(fd, *pack_tmp_name);
 344}
 345
 346void finish_tmp_packfile(char *name_buffer,
 347                         const char *pack_tmp_name,
 348                         struct pack_idx_entry **written_list,
 349                         uint32_t nr_written,
 350                         struct pack_idx_option *pack_idx_opts,
 351                         unsigned char sha1[])
 352{
 353        const char *idx_tmp_name;
 354        char *end_of_name_prefix = strrchr(name_buffer, 0);
 355
 356        if (adjust_shared_perm(pack_tmp_name))
 357                die_errno("unable to make temporary pack file readable");
 358
 359        idx_tmp_name = write_idx_file(NULL, written_list, nr_written,
 360                                      pack_idx_opts, sha1);
 361        if (adjust_shared_perm(idx_tmp_name))
 362                die_errno("unable to make temporary index file readable");
 363
 364        sprintf(end_of_name_prefix, "%s.pack", sha1_to_hex(sha1));
 365        free_pack_by_name(name_buffer);
 366
 367        if (rename(pack_tmp_name, name_buffer))
 368                die_errno("unable to rename temporary pack file");
 369
 370        sprintf(end_of_name_prefix, "%s.idx", sha1_to_hex(sha1));
 371        if (rename(idx_tmp_name, name_buffer))
 372                die_errno("unable to rename temporary index file");
 373
 374        free((void *)idx_tmp_name);
 375}