Avoid writing to buffer in add_excludes_from_file_1()
[gitweb.git] / pack-write.c
index a8f02699366c87de960d7637e9f69c26c2241693..741efcd93bd2a2c105bfe2d771d32857ce2ae816 100644 (file)
@@ -25,7 +25,7 @@ char *write_idx_file(char *index_name, struct pack_idx_entry **objects,
        off_t last_obj_offset = 0;
        uint32_t array[256];
        int i, fd;
-       SHA_CTX ctx;
+       git_SHA_CTX ctx;
        uint32_t index_version;
 
        if (nr_objects) {
@@ -44,16 +44,14 @@ char *write_idx_file(char *index_name, struct pack_idx_entry **objects,
 
        if (!index_name) {
                static char tmpfile[PATH_MAX];
-               snprintf(tmpfile, sizeof(tmpfile),
-                        "%s/tmp_idx_XXXXXX", get_object_directory());
-               fd = xmkstemp(tmpfile);
+               fd = odb_mkstemp(tmpfile, sizeof(tmpfile), "pack/tmp_idx_XXXXXX");
                index_name = xstrdup(tmpfile);
        } else {
                unlink(index_name);
                fd = open(index_name, O_CREAT|O_EXCL|O_WRONLY, 0600);
        }
        if (fd < 0)
-               die("unable to create %s: %s", index_name, strerror(errno));
+               die_errno("unable to create '%s'", index_name);
        f = sha1fd(fd, index_name);
 
        /* if last object's offset is >= 2^31 we should use index V2 */
@@ -86,7 +84,7 @@ char *write_idx_file(char *index_name, struct pack_idx_entry **objects,
        sha1write(f, array, 256 * 4);
 
        /* compute the SHA1 hash of sorted object names. */
-       SHA1_Init(&ctx);
+       git_SHA1_Init(&ctx);
 
        /*
         * Write the actual SHA1 entries..
@@ -99,7 +97,7 @@ char *write_idx_file(char *index_name, struct pack_idx_entry **objects,
                        sha1write(f, &offset, 4);
                }
                sha1write(f, obj->sha1, 20);
-               SHA1_Update(&ctx, obj->sha1, 20);
+               git_SHA1_Update(&ctx, obj->sha1, 20);
        }
 
        if (index_version >= 2) {
@@ -140,45 +138,98 @@ char *write_idx_file(char *index_name, struct pack_idx_entry **objects,
 
        sha1write(f, sha1, 20);
        sha1close(f, NULL, CSUM_FSYNC);
-       SHA1_Final(sha1, &ctx);
+       git_SHA1_Final(sha1, &ctx);
        return index_name;
 }
 
+/*
+ * Update pack header with object_count and compute new SHA1 for pack data
+ * associated to pack_fd, and write that SHA1 at the end.  That new SHA1
+ * is also returned in new_pack_sha1.
+ *
+ * If partial_pack_sha1 is non null, then the SHA1 of the existing pack
+ * (without the header update) is computed and validated against the
+ * one provided in partial_pack_sha1.  The validation is performed at
+ * partial_pack_offset bytes in the pack file.  The SHA1 of the remaining
+ * data (i.e. from partial_pack_offset to the end) is then computed and
+ * returned in partial_pack_sha1.
+ *
+ * Note that new_pack_sha1 is updated last, so both new_pack_sha1 and
+ * partial_pack_sha1 can refer to the same buffer if the caller is not
+ * interested in the resulting SHA1 of pack data above partial_pack_offset.
+ */
 void fixup_pack_header_footer(int pack_fd,
-                        unsigned char *pack_file_sha1,
+                        unsigned char *new_pack_sha1,
                         const char *pack_name,
-                        uint32_t object_count)
+                        uint32_t object_count,
+                        unsigned char *partial_pack_sha1,
+                        off_t partial_pack_offset)
 {
-       static const int buf_sz = 128 * 1024;
-       SHA_CTX c;
+       int aligned_sz, buf_sz = 8 * 1024;
+       git_SHA_CTX old_sha1_ctx, new_sha1_ctx;
        struct pack_header hdr;
        char *buf;
 
+       git_SHA1_Init(&old_sha1_ctx);
+       git_SHA1_Init(&new_sha1_ctx);
+
        if (lseek(pack_fd, 0, SEEK_SET) != 0)
-               die("Failed seeking to start: %s", strerror(errno));
+               die_errno("Failed seeking to start of '%s'", pack_name);
        if (read_in_full(pack_fd, &hdr, sizeof(hdr)) != sizeof(hdr))
-               die("Unable to reread header of %s: %s", pack_name, strerror(errno));
+               die_errno("Unable to reread header of '%s'", pack_name);
        if (lseek(pack_fd, 0, SEEK_SET) != 0)
-               die("Failed seeking to start: %s", strerror(errno));
+               die_errno("Failed seeking to start of '%s'", pack_name);
+       git_SHA1_Update(&old_sha1_ctx, &hdr, sizeof(hdr));
        hdr.hdr_entries = htonl(object_count);
+       git_SHA1_Update(&new_sha1_ctx, &hdr, sizeof(hdr));
        write_or_die(pack_fd, &hdr, sizeof(hdr));
-
-       SHA1_Init(&c);
-       SHA1_Update(&c, &hdr, sizeof(hdr));
+       partial_pack_offset -= sizeof(hdr);
 
        buf = xmalloc(buf_sz);
+       aligned_sz = buf_sz - sizeof(hdr);
        for (;;) {
-               ssize_t n = xread(pack_fd, buf, buf_sz);
+               ssize_t m, n;
+               m = (partial_pack_sha1 && partial_pack_offset < aligned_sz) ?
+                       partial_pack_offset : aligned_sz;
+               n = xread(pack_fd, buf, m);
                if (!n)
                        break;
                if (n < 0)
-                       die("Failed to checksum %s: %s", pack_name, strerror(errno));
-               SHA1_Update(&c, buf, n);
+                       die_errno("Failed to checksum '%s'", pack_name);
+               git_SHA1_Update(&new_sha1_ctx, buf, n);
+
+               aligned_sz -= n;
+               if (!aligned_sz)
+                       aligned_sz = buf_sz;
+
+               if (!partial_pack_sha1)
+                       continue;
+
+               git_SHA1_Update(&old_sha1_ctx, buf, n);
+               partial_pack_offset -= n;
+               if (partial_pack_offset == 0) {
+                       unsigned char sha1[20];
+                       git_SHA1_Final(sha1, &old_sha1_ctx);
+                       if (hashcmp(sha1, partial_pack_sha1) != 0)
+                               die("Unexpected checksum for %s "
+                                   "(disk corruption?)", pack_name);
+                       /*
+                        * Now let's compute the SHA1 of the remainder of the
+                        * pack, which also means making partial_pack_offset
+                        * big enough not to matter anymore.
+                        */
+                       git_SHA1_Init(&old_sha1_ctx);
+                       partial_pack_offset = ~partial_pack_offset;
+                       partial_pack_offset -= MSB(partial_pack_offset, 1);
+               }
        }
        free(buf);
 
-       SHA1_Final(pack_file_sha1, &c);
-       write_or_die(pack_fd, pack_file_sha1, 20);
+       if (partial_pack_sha1)
+               git_SHA1_Final(partial_pack_sha1, &old_sha1_ctx);
+       git_SHA1_Final(new_pack_sha1, &new_sha1_ctx);
+       write_or_die(pack_fd, new_pack_sha1, 20);
+       fsync_or_die(pack_fd, pack_name);
 }
 
 char *index_pack_lockfile(int ip_out)
@@ -186,7 +237,7 @@ char *index_pack_lockfile(int ip_out)
        char packname[46];
 
        /*
-        * The first thing we expects from index-pack's output
+        * The first thing we expect from index-pack's output
         * is "pack\t%40s\n" or "keep\t%40s\n" (46 bytes) where
         * %40s is the newly created pack SHA1 name.  In the "keep"
         * case, we need it to remove the corresponding .keep file