filebuf.c 12.9 KB
Newer Older
1
/*
Edward Thomson committed
2
 * Copyright (C) the libgit2 contributors. All rights reserved.
3
 *
Vicent Marti committed
4 5
 * This file is part of libgit2, distributed under the GNU GPL v2 with
 * a Linking Exception. For full terms see the included COPYING file.
6
 */
7

8
#include "filebuf.h"
9

10
#include "futils.h"
11 12 13

static const size_t WRITE_BUFFER_SIZE = (4096 * 2);

14 15 16 17 18 19 20 21 22 23 24 25 26
enum buferr_t {
	BUFERR_OK = 0,
	BUFERR_WRITE,
	BUFERR_ZLIB,
	BUFERR_MEM
};

#define ENSURE_BUF_OK(buf) if ((buf)->last_error != BUFERR_OK) { return -1; }

static int verify_last_error(git_filebuf *file)
{
	switch (file->last_error) {
	case BUFERR_WRITE:
27
		git_error_set(GIT_ERROR_OS, "failed to write out file");
28 29 30
		return -1;

	case BUFERR_MEM:
31
		git_error_set_oom();
32 33 34
		return -1;

	case BUFERR_ZLIB:
35
		git_error_set(GIT_ERROR_ZLIB,
36 37 38 39 40 41 42 43
			"Buffer error when writing out ZLib data");
		return -1;

	default:
		return 0;
	}
}

44
static int lock_file(git_filebuf *file, int flags, mode_t mode)
45
{
46
	if (git_path_exists(file->path_lock) == true) {
47 48 49 50
		git_error_clear(); /* actual OS error code just confuses */
		git_error_set(GIT_ERROR_OS,
			"failed to lock file '%s' for writing", file->path_lock);
		return GIT_ELOCKED;
51 52
	}

53
	/* create path to the file buffer is required */
54
	if (flags & GIT_FILEBUF_CREATE_LEADING_DIRS) {
55
		/* XXX: Should dirmode here be configurable? Or is 0777 always fine? */
56
		file->fd = git_futils_creat_locked_withpath(file->path_lock, 0777, mode);
57
	} else {
58
		file->fd = git_futils_creat_locked(file->path_lock, mode);
59
	}
60 61

	if (file->fd < 0)
62
		return file->fd;
63

64 65
	file->fd_is_open = true;

66
	if ((flags & GIT_FILEBUF_APPEND) && git_path_exists(file->path_original) == true) {
67
		git_file source;
68
		char buffer[FILEIO_BUFSIZE];
Vicent Marti committed
69
		ssize_t read_bytes;
70
		int error = 0;
71

Vicent Marti committed
72
		source = p_open(file->path_original, O_RDONLY);
73
		if (source < 0) {
74
			git_error_set(GIT_ERROR_OS,
75
				"failed to open file '%s' for reading",
76
				file->path_original);
77 78
			return -1;
		}
79

Vicent Marti committed
80
		while ((read_bytes = p_read(source, buffer, sizeof(buffer))) > 0) {
81 82
			if ((error = p_write(file->fd, buffer, read_bytes)) < 0)
				break;
83 84
			if (file->compute_digest)
				git_hash_update(&file->digest, buffer, read_bytes);
85 86
		}

Vicent Marti committed
87
		p_close(source);
Vicent Marti committed
88 89

		if (read_bytes < 0) {
90
			git_error_set(GIT_ERROR_OS, "failed to read file '%s'", file->path_original);
Vicent Marti committed
91
			return -1;
92
		} else if (error < 0) {
93
			git_error_set(GIT_ERROR_OS, "failed to write file '%s'", file->path_lock);
94
			return -1;
Vicent Marti committed
95
		}
96 97
	}

98
	return 0;
99 100 101 102
}

void git_filebuf_cleanup(git_filebuf *file)
{
103
	if (file->fd_is_open && file->fd >= 0)
Vicent Marti committed
104
		p_close(file->fd);
105

106
	if (file->created_lock && !file->did_rename && file->path_lock && git_path_exists(file->path_lock))
Vicent Marti committed
107
		p_unlink(file->path_lock);
108

109 110 111
	if (file->compute_digest) {
		git_hash_ctx_cleanup(&file->digest);
		file->compute_digest = 0;
112
	}
113

114 115
	if (file->buffer)
		git__free(file->buffer);
116

117 118 119 120 121 122 123 124 125 126
	/* use the presence of z_buf to decide if we need to deflateEnd */
	if (file->z_buf) {
		git__free(file->z_buf);
		deflateEnd(&file->zs);
	}

	if (file->path_original)
		git__free(file->path_original);
	if (file->path_lock)
		git__free(file->path_lock);
127

128 129
	memset(file, 0x0, sizeof(git_filebuf));
	file->fd = -1;
130 131
}

Vicent Marti committed
132
GIT_INLINE(int) flush_buffer(git_filebuf *file)
133
{
Vicent Marti committed
134 135 136 137
	int result = file->write(file, file->buffer, file->buf_pos);
	file->buf_pos = 0;
	return result;
}
138

139 140 141 142 143
int git_filebuf_flush(git_filebuf *file)
{
	return flush_buffer(file);
}

144
static int write_normal(git_filebuf *file, void *source, size_t len)
Vicent Marti committed
145 146
{
	if (len > 0) {
147 148 149 150 151
		if (p_write(file->fd, (void *)source, len) < 0) {
			file->last_error = BUFERR_WRITE;
			return -1;
		}

152 153
		if (file->compute_digest)
			git_hash_update(&file->digest, source, len);
154 155
	}

156
	return 0;
157 158
}

159
static int write_deflate(git_filebuf *file, void *source, size_t len)
Vicent Marti committed
160 161 162 163
{
	z_stream *zs = &file->zs;

	if (len > 0 || file->flush_mode == Z_FINISH) {
164
		zs->next_in = source;
165
		zs->avail_in = (uInt)len;
Vicent Marti committed
166 167

		do {
168
			size_t have;
Vicent Marti committed
169 170

			zs->next_out = file->z_buf;
171
			zs->avail_out = (uInt)file->buf_size;
Vicent Marti committed
172

173 174 175 176
			if (deflate(zs, file->flush_mode) == Z_STREAM_ERROR) {
				file->last_error = BUFERR_ZLIB;
				return -1;
			}
Vicent Marti committed
177

178
			have = file->buf_size - (size_t)zs->avail_out;
Vicent Marti committed
179

180 181 182 183
			if (p_write(file->fd, file->z_buf, have) < 0) {
				file->last_error = BUFERR_WRITE;
				return -1;
			}
Vicent Marti committed
184

185
		} while (zs->avail_out == 0);
Vicent Marti committed
186

187
		GIT_ASSERT(zs->avail_in == 0);
Vicent Marti committed
188

189 190
		if (file->compute_digest)
			git_hash_update(&file->digest, source, len);
Vicent Marti committed
191 192
	}

193
	return 0;
Vicent Marti committed
194 195
}

196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216
#define MAX_SYMLINK_DEPTH 5

static int resolve_symlink(git_buf *out, const char *path)
{
	int i, error, root;
	ssize_t ret;
	struct stat st;
	git_buf curpath = GIT_BUF_INIT, target = GIT_BUF_INIT;

	if ((error = git_buf_grow(&target, GIT_PATH_MAX + 1)) < 0 ||
	    (error = git_buf_puts(&curpath, path)) < 0)
		return error;

	for (i = 0; i < MAX_SYMLINK_DEPTH; i++) {
		error = p_lstat(curpath.ptr, &st);
		if (error < 0 && errno == ENOENT) {
			error = git_buf_puts(out, curpath.ptr);
			goto cleanup;
		}

		if (error < 0) {
217
			git_error_set(GIT_ERROR_OS, "failed to stat '%s'", curpath.ptr);
218 219 220 221 222 223 224 225 226 227 228
			error = -1;
			goto cleanup;
		}

		if (!S_ISLNK(st.st_mode)) {
			error = git_buf_puts(out, curpath.ptr);
			goto cleanup;
		}

		ret = p_readlink(curpath.ptr, target.ptr, GIT_PATH_MAX);
		if (ret < 0) {
229
			git_error_set(GIT_ERROR_OS, "failed to read symlink '%s'", curpath.ptr);
230 231 232 233 234
			error = -1;
			goto cleanup;
		}

		if (ret == GIT_PATH_MAX) {
235
			git_error_set(GIT_ERROR_INVALID, "symlink target too long");
236 237 238 239 240 241 242 243 244 245
			error = -1;
			goto cleanup;
		}

		/* readlink(2) won't NUL-terminate for us */
		target.ptr[ret] = '\0';
		target.size = ret;

		root = git_path_root(target.ptr);
		if (root >= 0) {
246
			if ((error = git_buf_sets(&curpath, target.ptr)) < 0)
247 248 249 250 251 252 253 254
				goto cleanup;
		} else {
			git_buf dir = GIT_BUF_INIT;

			if ((error = git_path_dirname_r(&dir, curpath.ptr)) < 0)
				goto cleanup;

			git_buf_swap(&curpath, &dir);
255
			git_buf_dispose(&dir);
256 257 258 259 260 261

			if ((error = git_path_apply_relative(&curpath, target.ptr)) < 0)
				goto cleanup;
		}
	}

262
	git_error_set(GIT_ERROR_INVALID, "maximum symlink depth reached");
263 264 265
	error = -1;

cleanup:
266 267
	git_buf_dispose(&curpath);
	git_buf_dispose(&target);
268 269 270
	return error;
}

271
int git_filebuf_open(git_filebuf *file, const char *path, int flags, mode_t mode)
272
{
273 274 275 276 277
	return git_filebuf_open_withsize(file, path, flags, mode, WRITE_BUFFER_SIZE);
}

int git_filebuf_open_withsize(git_filebuf *file, const char *path, int flags, mode_t mode, size_t size)
{
278
	int compression, error = -1;
279
	size_t path_len, alloc_len;
280

281 282 283
	GIT_ASSERT_ARG(file);
	GIT_ASSERT_ARG(path);
	GIT_ASSERT(file->buffer == NULL);
284

285 286
	memset(file, 0x0, sizeof(git_filebuf));

287 288 289
	if (flags & GIT_FILEBUF_DO_NOT_BUFFER)
		file->do_not_buffer = true;

290 291 292
	if (flags & GIT_FILEBUF_FSYNC)
		file->do_fsync = true;

293
	file->buf_size = size;
294 295
	file->buf_pos = 0;
	file->fd = -1;
296
	file->last_error = BUFERR_OK;
297

Vicent Marti committed
298
	/* Allocate the main cache buffer */
299 300
	if (!file->do_not_buffer) {
		file->buffer = git__malloc(file->buf_size);
301
		GIT_ERROR_CHECK_ALLOC(file->buffer);
302
	}
303

Vicent Marti committed
304 305
	/* If we are hashing on-write, allocate a new hash context */
	if (flags & GIT_FILEBUF_HASH_CONTENTS) {
306
		file->compute_digest = 1;
307

308
		if (git_hash_ctx_init(&file->digest) < 0)
309
			goto cleanup;
310 311
	}

312
	compression = flags >> GIT_FILEBUF_DEFLATE_SHIFT;
313

314 315
	/* If we are deflating on-write, */
	if (compression != 0) {
Vicent Marti committed
316
		/* Initialize the ZLib stream */
317
		if (deflateInit(&file->zs, compression) != Z_OK) {
318
			git_error_set(GIT_ERROR_ZLIB, "failed to initialize zlib");
Vicent Marti committed
319 320
			goto cleanup;
		}
321

Vicent Marti committed
322 323
		/* Allocate the Zlib cache buffer */
		file->z_buf = git__malloc(file->buf_size);
324
		GIT_ERROR_CHECK_ALLOC(file->z_buf);
Vicent Marti committed
325 326 327 328 329 330

		/* Never flush */
		file->flush_mode = Z_NO_FLUSH;
		file->write = &write_deflate;
	} else {
		file->write = &write_normal;
331 332
	}

Vicent Marti committed
333 334
	/* If we are writing to a temp file */
	if (flags & GIT_FILEBUF_TEMPORARY) {
335
		git_buf tmp_path = GIT_BUF_INIT;
Vicent Marti committed
336 337

		/* Open the file as temporary for locking */
338
		file->fd = git_futils_mktmp(&tmp_path, path, mode);
339

Vicent Marti committed
340
		if (file->fd < 0) {
341
			git_buf_dispose(&tmp_path);
Vicent Marti committed
342 343
			goto cleanup;
		}
344
		file->fd_is_open = true;
345
		file->created_lock = true;
Vicent Marti committed
346 347 348

		/* No original path */
		file->path_original = NULL;
349
		file->path_lock = git_buf_detach(&tmp_path);
350
		GIT_ERROR_CHECK_ALLOC(file->path_lock);
Vicent Marti committed
351
	} else {
352 353 354 355
		git_buf resolved_path = GIT_BUF_INIT;

		if ((error = resolve_symlink(&resolved_path, path)) < 0)
			goto cleanup;
Vicent Marti committed
356 357

		/* Save the original path of the file */
358 359
		path_len = resolved_path.size;
		file->path_original = git_buf_detach(&resolved_path);
Vicent Marti committed
360 361

		/* create the locking path by appending ".lock" to the original */
362
		GIT_ERROR_CHECK_ALLOC_ADD(&alloc_len, path_len, GIT_FILELOCK_EXTLENGTH);
363
		file->path_lock = git__malloc(alloc_len);
364
		GIT_ERROR_CHECK_ALLOC(file->path_lock);
Vicent Marti committed
365 366 367 368

		memcpy(file->path_lock, file->path_original, path_len);
		memcpy(file->path_lock + path_len, GIT_FILELOCK_EXTENSION, GIT_FILELOCK_EXTLENGTH);

369
		if (git_path_isdir(file->path_original)) {
370
			git_error_set(GIT_ERROR_FILESYSTEM, "path '%s' is a directory", file->path_original);
371 372 373 374
			error = GIT_EDIRECTORY;
			goto cleanup;
		}

Vicent Marti committed
375
		/* open the file for locking */
376
		if ((error = lock_file(file, flags, mode)) < 0)
Vicent Marti committed
377
			goto cleanup;
378 379

		file->created_lock = true;
Vicent Marti committed
380
	}
381

382
	return 0;
383 384 385

cleanup:
	git_filebuf_cleanup(file);
386
	return error;
387 388 389 390
}

int git_filebuf_hash(git_oid *oid, git_filebuf *file)
{
391 392 393
	GIT_ASSERT_ARG(oid);
	GIT_ASSERT_ARG(file);
	GIT_ASSERT_ARG(file->compute_digest);
394

395 396 397 398
	flush_buffer(file);

	if (verify_last_error(file) < 0)
		return -1;
399

400 401 402
	git_hash_final(oid, &file->digest);
	git_hash_ctx_cleanup(&file->digest);
	file->compute_digest = 0;
403

404
	return 0;
405 406
}

407
int git_filebuf_commit_at(git_filebuf *file, const char *path)
Vicent Marti committed
408
{
409
	git__free(file->path_original);
Vicent Marti committed
410
	file->path_original = git__strdup(path);
411
	GIT_ERROR_CHECK_ALLOC(file->path_original);
Vicent Marti committed
412

413
	return git_filebuf_commit(file);
Vicent Marti committed
414 415
}

416
int git_filebuf_commit(git_filebuf *file)
417
{
Vicent Marti committed
418
	/* temporary files cannot be committed */
419 420
	GIT_ASSERT_ARG(file);
	GIT_ASSERT(file->path_original);
Vicent Marti committed
421 422

	file->flush_mode = Z_FINISH;
423 424 425 426
	flush_buffer(file);

	if (verify_last_error(file) < 0)
		goto on_error;
427

428
	file->fd_is_open = false;
429

430
	if (file->do_fsync && p_fsync(file->fd) < 0) {
431
		git_error_set(GIT_ERROR_OS, "failed to fsync '%s'", file->path_lock);
432 433 434
		goto on_error;
	}

435
	if (p_close(file->fd) < 0) {
436
		git_error_set(GIT_ERROR_OS, "failed to close file at '%s'", file->path_lock);
437 438 439 440 441
		goto on_error;
	}

	file->fd = -1;

442
	if (p_rename(file->path_lock, file->path_original) < 0) {
443
		git_error_set(GIT_ERROR_OS, "failed to rename lockfile to '%s'", file->path_original);
444 445
		goto on_error;
	}
446

447 448 449
	if (file->do_fsync && git_futils_fsync_parent(file->path_original) < 0)
		goto on_error;

450 451
	file->did_rename = true;

452
	git_filebuf_cleanup(file);
453 454 455 456 457
	return 0;

on_error:
	git_filebuf_cleanup(file);
	return -1;
458 459
}

Vicent Marti committed
460
GIT_INLINE(void) add_to_cache(git_filebuf *file, const void *buf, size_t len)
461 462 463 464 465
{
	memcpy(file->buffer + file->buf_pos, buf, len);
	file->buf_pos += len;
}

Vicent Marti committed
466
int git_filebuf_write(git_filebuf *file, const void *buff, size_t len)
467
{
Vicent Marti committed
468
	const unsigned char *buf = buff;
469

470 471
	ENSURE_BUF_OK(file);

472 473 474
	if (file->do_not_buffer)
		return file->write(file, (void *)buff, len);

475 476 477 478 479 480
	for (;;) {
		size_t space_left = file->buf_size - file->buf_pos;

		/* cache if it's small */
		if (space_left > len) {
			add_to_cache(file, buf, len);
481
			return 0;
482 483
		}

484
		add_to_cache(file, buf, space_left);
485 486
		if (flush_buffer(file) < 0)
			return -1;
487

488 489
		len -= space_left;
		buf += space_left;
490 491 492 493 494 495 496 497 498
	}
}

int git_filebuf_reserve(git_filebuf *file, void **buffer, size_t len)
{
	size_t space_left = file->buf_size - file->buf_pos;

	*buffer = NULL;

499 500 501 502 503 504
	ENSURE_BUF_OK(file);

	if (len > file->buf_size) {
		file->last_error = BUFERR_MEM;
		return -1;
	}
505 506

	if (space_left <= len) {
507 508
		if (flush_buffer(file) < 0)
			return -1;
509 510 511 512 513
	}

	*buffer = (file->buffer + file->buf_pos);
	file->buf_pos += len;

514
	return 0;
515 516
}

517 518 519
int git_filebuf_printf(git_filebuf *file, const char *format, ...)
{
	va_list arglist;
520
	size_t space_left, len, alloclen;
521
	int written, res;
522
	char *tmp_buffer;
523

524 525
	ENSURE_BUF_OK(file);

526 527 528 529
	space_left = file->buf_size - file->buf_pos;

	do {
		va_start(arglist, format);
530
		written = p_vsnprintf((char *)file->buffer + file->buf_pos, space_left, format, arglist);
531 532
		va_end(arglist);

533
		if (written < 0) {
534 535 536
			file->last_error = BUFERR_MEM;
			return -1;
		}
537

538 539
		len = written;
		if (len + 1 <= space_left) {
540
			file->buf_pos += len;
541
			return 0;
542
		}
543

544 545
		if (flush_buffer(file) < 0)
			return -1;
546

547 548
		space_left = file->buf_size - file->buf_pos;

549
	} while (len + 1 <= space_left);
550

551 552
	if (GIT_ADD_SIZET_OVERFLOW(&alloclen, len, 1) ||
		!(tmp_buffer = git__malloc(alloclen))) {
553 554 555
		file->last_error = BUFERR_MEM;
		return -1;
	}
556 557

	va_start(arglist, format);
558
	written = p_vsnprintf(tmp_buffer, len + 1, format, arglist);
559 560
	va_end(arglist);

561
	if (written < 0) {
562
		git__free(tmp_buffer);
563 564
		file->last_error = BUFERR_MEM;
		return -1;
565 566
	}

567
	res = git_filebuf_write(file, tmp_buffer, len);
568
	git__free(tmp_buffer);
569

570
	return res;
571 572
}

573 574 575 576 577 578 579 580 581 582 583
int git_filebuf_stats(time_t *mtime, size_t *size, git_filebuf *file)
{
	int res;
	struct stat st;

	if (file->fd_is_open)
		res = p_fstat(file->fd, &st);
	else
		res = p_stat(file->path_original, &st);

	if (res < 0) {
584
		git_error_set(GIT_ERROR_OS, "could not get stat info for '%s'",
585 586 587 588 589 590 591 592 593 594 595
			file->path_original);
		return res;
	}

	if (mtime)
		*mtime = st.st_mtime;
	if (size)
		*size = (size_t)st.st_size;

	return 0;
}