builtin/commit: fix memory leak in `prepare_index()`
[gitweb.git] / archive-zip.c
index b429a8d974a02b06c9c6bc46850f4c9fae4a6d01..e8913e5a26c6e97216c4b79ad96b5e3ddf906c45 100644 (file)
@@ -2,6 +2,7 @@
  * Copyright (c) 2006 Rene Scharfe
  */
 #include "cache.h"
+#include "config.h"
 #include "archive.h"
 #include "streaming.h"
 #include "utf8.h"
 static int zip_date;
 static int zip_time;
 
-static unsigned char *zip_dir;
-static unsigned int zip_dir_size;
+/* We only care about the "buf" part here. */
+static struct strbuf zip_dir;
 
-static unsigned int zip_offset;
-static unsigned int zip_dir_offset;
+static uintmax_t zip_offset;
 static uint64_t zip_dir_entries;
 
 static unsigned int max_creator_version;
 
-#define ZIP_DIRECTORY_MIN_SIZE (1024 * 1024)
 #define ZIP_STREAM     (1 <<  3)
 #define ZIP_UTF8       (1 << 11)
 
@@ -47,24 +46,11 @@ struct zip_data_desc {
        unsigned char _end[1];
 };
 
-struct zip_dir_header {
+struct zip64_data_desc {
        unsigned char magic[4];
-       unsigned char creator_version[2];
-       unsigned char version[2];
-       unsigned char flags[2];
-       unsigned char compression_method[2];
-       unsigned char mtime[2];
-       unsigned char mdate[2];
        unsigned char crc32[4];
-       unsigned char compressed_size[4];
-       unsigned char size[4];
-       unsigned char filename_length[2];
-       unsigned char extra_length[2];
-       unsigned char comment_length[2];
-       unsigned char disk[2];
-       unsigned char attr1[2];
-       unsigned char attr2[4];
-       unsigned char offset[4];
+       unsigned char compressed_size[8];
+       unsigned char size[8];
        unsigned char _end[1];
 };
 
@@ -88,6 +74,14 @@ struct zip_extra_mtime {
        unsigned char _end[1];
 };
 
+struct zip64_extra {
+       unsigned char magic[2];
+       unsigned char extra_size[2];
+       unsigned char size[8];
+       unsigned char compressed_size[8];
+       unsigned char _end[1];
+};
+
 struct zip64_dir_trailer {
        unsigned char magic[4];
        unsigned char record_size[8];
@@ -117,11 +111,15 @@ struct zip64_dir_trailer_locator {
  */
 #define ZIP_LOCAL_HEADER_SIZE  offsetof(struct zip_local_header, _end)
 #define ZIP_DATA_DESC_SIZE     offsetof(struct zip_data_desc, _end)
+#define ZIP64_DATA_DESC_SIZE   offsetof(struct zip64_data_desc, _end)
 #define ZIP_DIR_HEADER_SIZE    offsetof(struct zip_dir_header, _end)
 #define ZIP_DIR_TRAILER_SIZE   offsetof(struct zip_dir_trailer, _end)
 #define ZIP_EXTRA_MTIME_SIZE   offsetof(struct zip_extra_mtime, _end)
 #define ZIP_EXTRA_MTIME_PAYLOAD_SIZE \
        (ZIP_EXTRA_MTIME_SIZE - offsetof(struct zip_extra_mtime, flags))
+#define ZIP64_EXTRA_SIZE       offsetof(struct zip64_extra, _end)
+#define ZIP64_EXTRA_PAYLOAD_SIZE \
+       (ZIP64_EXTRA_SIZE - offsetof(struct zip64_extra, size))
 #define ZIP64_DIR_TRAILER_SIZE offsetof(struct zip64_dir_trailer, _end)
 #define ZIP64_DIR_TRAILER_RECORD_SIZE \
        (ZIP64_DIR_TRAILER_SIZE - \
@@ -168,6 +166,26 @@ static void copy_le16_clamp(unsigned char *dest, uint64_t n, int *clamped)
        copy_le16(dest, clamp_max(n, 0xffff, clamped));
 }
 
+static void copy_le32_clamp(unsigned char *dest, uint64_t n, int *clamped)
+{
+       copy_le32(dest, clamp_max(n, 0xffffffff, clamped));
+}
+
+static int strbuf_add_le(struct strbuf *sb, size_t size, uintmax_t n)
+{
+       while (size-- > 0) {
+               strbuf_addch(sb, n & 0xff);
+               n >>= 8;
+       }
+       return -!!n;
+}
+
+static uint32_t clamp32(uintmax_t n)
+{
+       const uintmax_t max = 0xffffffff;
+       return (n < max) ? n : max;
+}
+
 static void *zlib_deflate_raw(void *data, unsigned long size,
                              int compression_level,
                              unsigned long *compressed_size)
@@ -205,23 +223,23 @@ static void write_zip_data_desc(unsigned long size,
                                unsigned long compressed_size,
                                unsigned long crc)
 {
-       struct zip_data_desc trailer;
-
-       copy_le32(trailer.magic, 0x08074b50);
-       copy_le32(trailer.crc32, crc);
-       copy_le32(trailer.compressed_size, compressed_size);
-       copy_le32(trailer.size, size);
-       write_or_die(1, &trailer, ZIP_DATA_DESC_SIZE);
-}
-
-static void set_zip_dir_data_desc(struct zip_dir_header *header,
-                                 unsigned long size,
-                                 unsigned long compressed_size,
-                                 unsigned long crc)
-{
-       copy_le32(header->crc32, crc);
-       copy_le32(header->compressed_size, compressed_size);
-       copy_le32(header->size, size);
+       if (size >= 0xffffffff || compressed_size >= 0xffffffff) {
+               struct zip64_data_desc trailer;
+               copy_le32(trailer.magic, 0x08074b50);
+               copy_le32(trailer.crc32, crc);
+               copy_le64(trailer.compressed_size, compressed_size);
+               copy_le64(trailer.size, size);
+               write_or_die(1, &trailer, ZIP64_DATA_DESC_SIZE);
+               zip_offset += ZIP64_DATA_DESC_SIZE;
+       } else {
+               struct zip_data_desc trailer;
+               copy_le32(trailer.magic, 0x08074b50);
+               copy_le32(trailer.crc32, crc);
+               copy_le32(trailer.compressed_size, compressed_size);
+               copy_le32(trailer.size, size);
+               write_or_die(1, &trailer, ZIP_DATA_DESC_SIZE);
+               zip_offset += ZIP_DATA_DESC_SIZE;
+       }
 }
 
 static void set_zip_header_data_desc(struct zip_local_header *header,
@@ -263,12 +281,14 @@ static int write_zip_entry(struct archiver_args *args,
                           unsigned int mode)
 {
        struct zip_local_header header;
-       struct zip_dir_header dirent;
+       uintmax_t offset = zip_offset;
        struct zip_extra_mtime extra;
+       struct zip64_extra extra64;
+       size_t header_extra_size = ZIP_EXTRA_MTIME_SIZE;
+       int need_zip64_extra = 0;
        unsigned long attr2;
        unsigned long compressed_size;
        unsigned long crc;
-       unsigned long direntsize;
        int method;
        unsigned char *out;
        void *deflated = NULL;
@@ -279,6 +299,9 @@ static int write_zip_entry(struct archiver_args *args,
        int is_binary = -1;
        const char *path_without_prefix = path + args->baselen;
        unsigned int creator_version = 0;
+       unsigned int version_needed = 10;
+       size_t zip_dir_extra_size = ZIP_EXTRA_MTIME_SIZE;
+       size_t zip64_dir_extra_payload_size = 0;
 
        crc = crc32(0, NULL, 0);
 
@@ -356,43 +379,43 @@ static int write_zip_entry(struct archiver_args *args,
        extra.flags[0] = 1;     /* just mtime */
        copy_le32(extra.mtime, args->time);
 
-       /* make sure we have enough free space in the dictionary */
-       direntsize = ZIP_DIR_HEADER_SIZE + pathlen + ZIP_EXTRA_MTIME_SIZE;
-       while (zip_dir_size < zip_dir_offset + direntsize) {
-               zip_dir_size += ZIP_DIRECTORY_MIN_SIZE;
-               zip_dir = xrealloc(zip_dir, zip_dir_size);
-       }
+       if (size > 0xffffffff || compressed_size > 0xffffffff)
+               need_zip64_extra = 1;
+       if (stream && size > 0x7fffffff)
+               need_zip64_extra = 1;
 
-       copy_le32(dirent.magic, 0x02014b50);
-       copy_le16(dirent.creator_version, creator_version);
-       copy_le16(dirent.version, 10);
-       copy_le16(dirent.flags, flags);
-       copy_le16(dirent.compression_method, method);
-       copy_le16(dirent.mtime, zip_time);
-       copy_le16(dirent.mdate, zip_date);
-       set_zip_dir_data_desc(&dirent, size, compressed_size, crc);
-       copy_le16(dirent.filename_length, pathlen);
-       copy_le16(dirent.extra_length, ZIP_EXTRA_MTIME_SIZE);
-       copy_le16(dirent.comment_length, 0);
-       copy_le16(dirent.disk, 0);
-       copy_le32(dirent.attr2, attr2);
-       copy_le32(dirent.offset, zip_offset);
+       if (need_zip64_extra)
+               version_needed = 45;
 
        copy_le32(header.magic, 0x04034b50);
-       copy_le16(header.version, 10);
+       copy_le16(header.version, version_needed);
        copy_le16(header.flags, flags);
        copy_le16(header.compression_method, method);
        copy_le16(header.mtime, zip_time);
        copy_le16(header.mdate, zip_date);
-       set_zip_header_data_desc(&header, size, compressed_size, crc);
+       if (need_zip64_extra) {
+               set_zip_header_data_desc(&header, 0xffffffff, 0xffffffff, crc);
+               header_extra_size += ZIP64_EXTRA_SIZE;
+       } else {
+               set_zip_header_data_desc(&header, size, compressed_size, crc);
+       }
        copy_le16(header.filename_length, pathlen);
-       copy_le16(header.extra_length, ZIP_EXTRA_MTIME_SIZE);
+       copy_le16(header.extra_length, header_extra_size);
        write_or_die(1, &header, ZIP_LOCAL_HEADER_SIZE);
        zip_offset += ZIP_LOCAL_HEADER_SIZE;
        write_or_die(1, path, pathlen);
        zip_offset += pathlen;
        write_or_die(1, &extra, ZIP_EXTRA_MTIME_SIZE);
        zip_offset += ZIP_EXTRA_MTIME_SIZE;
+       if (need_zip64_extra) {
+               copy_le16(extra64.magic, 0x0001);
+               copy_le16(extra64.extra_size, ZIP64_EXTRA_PAYLOAD_SIZE);
+               copy_le64(extra64.size, size);
+               copy_le64(extra64.compressed_size, compressed_size);
+               write_or_die(1, &extra64, ZIP64_EXTRA_SIZE);
+               zip_offset += ZIP64_EXTRA_SIZE;
+       }
+
        if (stream && method == 0) {
                unsigned char buf[STREAM_BUFFER_SIZE];
                ssize_t readlen;
@@ -415,9 +438,6 @@ static int write_zip_entry(struct archiver_args *args,
                zip_offset += compressed_size;
 
                write_zip_data_desc(size, compressed_size, crc);
-               zip_offset += ZIP_DATA_DESC_SIZE;
-
-               set_zip_dir_data_desc(&dirent, size, compressed_size, crc);
        } else if (stream && method == 8) {
                unsigned char buf[STREAM_BUFFER_SIZE];
                ssize_t readlen;
@@ -473,9 +493,6 @@ static int write_zip_entry(struct archiver_args *args,
                zip_offset += compressed_size;
 
                write_zip_data_desc(size, compressed_size, crc);
-               zip_offset += ZIP_DATA_DESC_SIZE;
-
-               set_zip_dir_data_desc(&dirent, size, compressed_size, crc);
        } else if (compressed_size > 0) {
                write_or_die(1, out, compressed_size);
                zip_offset += compressed_size;
@@ -484,14 +501,46 @@ static int write_zip_entry(struct archiver_args *args,
        free(deflated);
        free(buffer);
 
-       copy_le16(dirent.attr1, !is_binary);
+       if (compressed_size > 0xffffffff || size > 0xffffffff ||
+           offset > 0xffffffff) {
+               if (compressed_size >= 0xffffffff)
+                       zip64_dir_extra_payload_size += 8;
+               if (size >= 0xffffffff)
+                       zip64_dir_extra_payload_size += 8;
+               if (offset >= 0xffffffff)
+                       zip64_dir_extra_payload_size += 8;
+               zip_dir_extra_size += 2 + 2 + zip64_dir_extra_payload_size;
+       }
 
-       memcpy(zip_dir + zip_dir_offset, &dirent, ZIP_DIR_HEADER_SIZE);
-       zip_dir_offset += ZIP_DIR_HEADER_SIZE;
-       memcpy(zip_dir + zip_dir_offset, path, pathlen);
-       zip_dir_offset += pathlen;
-       memcpy(zip_dir + zip_dir_offset, &extra, ZIP_EXTRA_MTIME_SIZE);
-       zip_dir_offset += ZIP_EXTRA_MTIME_SIZE;
+       strbuf_add_le(&zip_dir, 4, 0x02014b50); /* magic */
+       strbuf_add_le(&zip_dir, 2, creator_version);
+       strbuf_add_le(&zip_dir, 2, version_needed);
+       strbuf_add_le(&zip_dir, 2, flags);
+       strbuf_add_le(&zip_dir, 2, method);
+       strbuf_add_le(&zip_dir, 2, zip_time);
+       strbuf_add_le(&zip_dir, 2, zip_date);
+       strbuf_add_le(&zip_dir, 4, crc);
+       strbuf_add_le(&zip_dir, 4, clamp32(compressed_size));
+       strbuf_add_le(&zip_dir, 4, clamp32(size));
+       strbuf_add_le(&zip_dir, 2, pathlen);
+       strbuf_add_le(&zip_dir, 2, zip_dir_extra_size);
+       strbuf_add_le(&zip_dir, 2, 0);          /* comment length */
+       strbuf_add_le(&zip_dir, 2, 0);          /* disk */
+       strbuf_add_le(&zip_dir, 2, !is_binary);
+       strbuf_add_le(&zip_dir, 4, attr2);
+       strbuf_add_le(&zip_dir, 4, clamp32(offset));
+       strbuf_add(&zip_dir, path, pathlen);
+       strbuf_add(&zip_dir, &extra, ZIP_EXTRA_MTIME_SIZE);
+       if (zip64_dir_extra_payload_size) {
+               strbuf_add_le(&zip_dir, 2, 0x0001);     /* magic */
+               strbuf_add_le(&zip_dir, 2, zip64_dir_extra_payload_size);
+               if (size >= 0xffffffff)
+                       strbuf_add_le(&zip_dir, 8, size);
+               if (compressed_size >= 0xffffffff)
+                       strbuf_add_le(&zip_dir, 8, compressed_size);
+               if (offset >= 0xffffffff)
+                       strbuf_add_le(&zip_dir, 8, offset);
+       }
        zip_dir_entries++;
 
        return 0;
@@ -510,12 +559,12 @@ static void write_zip64_trailer(void)
        copy_le32(trailer64.directory_start_disk, 0);
        copy_le64(trailer64.entries_on_this_disk, zip_dir_entries);
        copy_le64(trailer64.entries, zip_dir_entries);
-       copy_le64(trailer64.size, zip_dir_offset);
+       copy_le64(trailer64.size, zip_dir.len);
        copy_le64(trailer64.offset, zip_offset);
 
        copy_le32(locator64.magic, 0x07064b50);
        copy_le32(locator64.disk, 0);
-       copy_le64(locator64.offset, zip_offset + zip_dir_offset);
+       copy_le64(locator64.offset, zip_offset + zip_dir.len);
        copy_le32(locator64.number_of_disks, 1);
 
        write_or_die(1, &trailer64, ZIP64_DIR_TRAILER_SIZE);
@@ -533,11 +582,11 @@ static void write_zip_trailer(const unsigned char *sha1)
        copy_le16_clamp(trailer.entries_on_this_disk, zip_dir_entries,
                        &clamped);
        copy_le16_clamp(trailer.entries, zip_dir_entries, &clamped);
-       copy_le32(trailer.size, zip_dir_offset);
-       copy_le32(trailer.offset, zip_offset);
+       copy_le32(trailer.size, zip_dir.len);
+       copy_le32_clamp(trailer.offset, zip_offset, &clamped);
        copy_le16(trailer.comment_length, sha1 ? GIT_SHA1_HEXSZ : 0);
 
-       write_or_die(1, zip_dir, zip_dir_offset);
+       write_or_die(1, zip_dir.buf, zip_dir.len);
        if (clamped)
                write_zip64_trailer();
        write_or_die(1, &trailer, ZIP_DIR_TRAILER_SIZE);
@@ -545,9 +594,17 @@ static void write_zip_trailer(const unsigned char *sha1)
                write_or_die(1, sha1_to_hex(sha1), GIT_SHA1_HEXSZ);
 }
 
-static void dos_time(time_t *time, int *dos_date, int *dos_time)
+static void dos_time(timestamp_t *timestamp, int *dos_date, int *dos_time)
 {
-       struct tm *t = localtime(time);
+       time_t time;
+       struct tm *t;
+
+       if (date_overflows(*timestamp))
+               die("timestamp too large for this system: %"PRItime,
+                   *timestamp);
+       time = (time_t)*timestamp;
+       t = localtime(&time);
+       *timestamp = time;
 
        *dos_date = t->tm_mday + (t->tm_mon + 1) * 32 +
                    (t->tm_year + 1900 - 1980) * 512;
@@ -568,14 +625,13 @@ static int write_zip_archive(const struct archiver *ar,
 
        dos_time(&args->time, &zip_date, &zip_time);
 
-       zip_dir = xmalloc(ZIP_DIRECTORY_MIN_SIZE);
-       zip_dir_size = ZIP_DIRECTORY_MIN_SIZE;
+       strbuf_init(&zip_dir, 0);
 
        err = write_archive_entries(args, write_zip_entry);
        if (!err)
                write_zip_trailer(args->commit_sha1);
 
-       free(zip_dir);
+       strbuf_release(&zip_dir);
 
        return err;
 }