t5510: harden the way verify-pack is used
[alt-git.git] / read-cache.c
blob525d138e90c524d08ef3d9755f1a2486c34adc39
1 /*
2 * GIT - The information manager from hell
4 * Copyright (C) Linus Torvalds, 2005
5 */
6 #define NO_THE_INDEX_COMPATIBILITY_MACROS
7 #include "cache.h"
8 #include "cache-tree.h"
9 #include "refs.h"
10 #include "dir.h"
12 /* Index extensions.
14 * The first letter should be 'A'..'Z' for extensions that are not
15 * necessary for a correct operation (i.e. optimization data).
16 * When new extensions are added that _needs_ to be understood in
17 * order to correctly interpret the index file, pick character that
18 * is outside the range, to cause the reader to abort.
21 #define CACHE_EXT(s) ( (s[0]<<24)|(s[1]<<16)|(s[2]<<8)|(s[3]) )
22 #define CACHE_EXT_TREE 0x54524545 /* "TREE" */
24 struct index_state the_index;
26 static void set_index_entry(struct index_state *istate, int nr, struct cache_entry *ce)
28 istate->cache[nr] = ce;
29 add_name_hash(istate, ce);
32 static void replace_index_entry(struct index_state *istate, int nr, struct cache_entry *ce)
34 struct cache_entry *old = istate->cache[nr];
36 remove_name_hash(old);
37 set_index_entry(istate, nr, ce);
38 istate->cache_changed = 1;
41 void rename_index_entry_at(struct index_state *istate, int nr, const char *new_name)
43 struct cache_entry *old = istate->cache[nr], *new;
44 int namelen = strlen(new_name);
46 new = xmalloc(cache_entry_size(namelen));
47 copy_cache_entry(new, old);
48 new->ce_flags &= ~(CE_STATE_MASK | CE_NAMEMASK);
49 new->ce_flags |= (namelen >= CE_NAMEMASK ? CE_NAMEMASK : namelen);
50 memcpy(new->name, new_name, namelen + 1);
52 cache_tree_invalidate_path(istate->cache_tree, old->name);
53 remove_index_entry_at(istate, nr);
54 add_index_entry(istate, new, ADD_CACHE_OK_TO_ADD|ADD_CACHE_OK_TO_REPLACE);
58 * This only updates the "non-critical" parts of the directory
59 * cache, ie the parts that aren't tracked by GIT, and only used
60 * to validate the cache.
62 void fill_stat_cache_info(struct cache_entry *ce, struct stat *st)
64 ce->ce_ctime = st->st_ctime;
65 ce->ce_mtime = st->st_mtime;
66 ce->ce_dev = st->st_dev;
67 ce->ce_ino = st->st_ino;
68 ce->ce_uid = st->st_uid;
69 ce->ce_gid = st->st_gid;
70 ce->ce_size = st->st_size;
72 if (assume_unchanged)
73 ce->ce_flags |= CE_VALID;
75 if (S_ISREG(st->st_mode))
76 ce_mark_uptodate(ce);
79 static int ce_compare_data(struct cache_entry *ce, struct stat *st)
81 int match = -1;
82 int fd = open(ce->name, O_RDONLY);
84 if (fd >= 0) {
85 unsigned char sha1[20];
86 if (!index_fd(sha1, fd, st, 0, OBJ_BLOB, ce->name))
87 match = hashcmp(sha1, ce->sha1);
88 /* index_fd() closed the file descriptor already */
90 return match;
93 static int ce_compare_link(struct cache_entry *ce, size_t expected_size)
95 int match = -1;
96 char *target;
97 void *buffer;
98 unsigned long size;
99 enum object_type type;
100 int len;
102 target = xmalloc(expected_size);
103 len = readlink(ce->name, target, expected_size);
104 if (len != expected_size) {
105 free(target);
106 return -1;
108 buffer = read_sha1_file(ce->sha1, &type, &size);
109 if (!buffer) {
110 free(target);
111 return -1;
113 if (size == expected_size)
114 match = memcmp(buffer, target, size);
115 free(buffer);
116 free(target);
117 return match;
120 static int ce_compare_gitlink(struct cache_entry *ce)
122 unsigned char sha1[20];
125 * We don't actually require that the .git directory
126 * under GITLINK directory be a valid git directory. It
127 * might even be missing (in case nobody populated that
128 * sub-project).
130 * If so, we consider it always to match.
132 if (resolve_gitlink_ref(ce->name, "HEAD", sha1) < 0)
133 return 0;
134 return hashcmp(sha1, ce->sha1);
137 static int ce_modified_check_fs(struct cache_entry *ce, struct stat *st)
139 switch (st->st_mode & S_IFMT) {
140 case S_IFREG:
141 if (ce_compare_data(ce, st))
142 return DATA_CHANGED;
143 break;
144 case S_IFLNK:
145 if (ce_compare_link(ce, xsize_t(st->st_size)))
146 return DATA_CHANGED;
147 break;
148 case S_IFDIR:
149 if (S_ISGITLINK(ce->ce_mode))
150 return ce_compare_gitlink(ce) ? DATA_CHANGED : 0;
151 default:
152 return TYPE_CHANGED;
154 return 0;
157 static int is_empty_blob_sha1(const unsigned char *sha1)
159 static const unsigned char empty_blob_sha1[20] = {
160 0xe6,0x9d,0xe2,0x9b,0xb2,0xd1,0xd6,0x43,0x4b,0x8b,
161 0x29,0xae,0x77,0x5a,0xd8,0xc2,0xe4,0x8c,0x53,0x91
164 return !hashcmp(sha1, empty_blob_sha1);
167 static int ce_match_stat_basic(struct cache_entry *ce, struct stat *st)
169 unsigned int changed = 0;
171 if (ce->ce_flags & CE_REMOVE)
172 return MODE_CHANGED | DATA_CHANGED | TYPE_CHANGED;
174 switch (ce->ce_mode & S_IFMT) {
175 case S_IFREG:
176 changed |= !S_ISREG(st->st_mode) ? TYPE_CHANGED : 0;
177 /* We consider only the owner x bit to be relevant for
178 * "mode changes"
180 if (trust_executable_bit &&
181 (0100 & (ce->ce_mode ^ st->st_mode)))
182 changed |= MODE_CHANGED;
183 break;
184 case S_IFLNK:
185 if (!S_ISLNK(st->st_mode) &&
186 (has_symlinks || !S_ISREG(st->st_mode)))
187 changed |= TYPE_CHANGED;
188 break;
189 case S_IFGITLINK:
190 /* We ignore most of the st_xxx fields for gitlinks */
191 if (!S_ISDIR(st->st_mode))
192 changed |= TYPE_CHANGED;
193 else if (ce_compare_gitlink(ce))
194 changed |= DATA_CHANGED;
195 return changed;
196 default:
197 die("internal error: ce_mode is %o", ce->ce_mode);
199 if (ce->ce_mtime != (unsigned int) st->st_mtime)
200 changed |= MTIME_CHANGED;
201 if (trust_ctime && ce->ce_ctime != (unsigned int) st->st_ctime)
202 changed |= CTIME_CHANGED;
204 if (ce->ce_uid != (unsigned int) st->st_uid ||
205 ce->ce_gid != (unsigned int) st->st_gid)
206 changed |= OWNER_CHANGED;
207 if (ce->ce_ino != (unsigned int) st->st_ino)
208 changed |= INODE_CHANGED;
210 #ifdef USE_STDEV
212 * st_dev breaks on network filesystems where different
213 * clients will have different views of what "device"
214 * the filesystem is on
216 if (ce->ce_dev != (unsigned int) st->st_dev)
217 changed |= INODE_CHANGED;
218 #endif
220 if (ce->ce_size != (unsigned int) st->st_size)
221 changed |= DATA_CHANGED;
223 /* Racily smudged entry? */
224 if (!ce->ce_size) {
225 if (!is_empty_blob_sha1(ce->sha1))
226 changed |= DATA_CHANGED;
229 return changed;
232 static int is_racy_timestamp(const struct index_state *istate, struct cache_entry *ce)
234 return (!S_ISGITLINK(ce->ce_mode) &&
235 istate->timestamp &&
236 ((unsigned int)istate->timestamp) <= ce->ce_mtime);
239 int ie_match_stat(const struct index_state *istate,
240 struct cache_entry *ce, struct stat *st,
241 unsigned int options)
243 unsigned int changed;
244 int ignore_valid = options & CE_MATCH_IGNORE_VALID;
245 int assume_racy_is_modified = options & CE_MATCH_RACY_IS_DIRTY;
248 * If it's marked as always valid in the index, it's
249 * valid whatever the checked-out copy says.
251 if (!ignore_valid && (ce->ce_flags & CE_VALID))
252 return 0;
254 changed = ce_match_stat_basic(ce, st);
257 * Within 1 second of this sequence:
258 * echo xyzzy >file && git-update-index --add file
259 * running this command:
260 * echo frotz >file
261 * would give a falsely clean cache entry. The mtime and
262 * length match the cache, and other stat fields do not change.
264 * We could detect this at update-index time (the cache entry
265 * being registered/updated records the same time as "now")
266 * and delay the return from git-update-index, but that would
267 * effectively mean we can make at most one commit per second,
268 * which is not acceptable. Instead, we check cache entries
269 * whose mtime are the same as the index file timestamp more
270 * carefully than others.
272 if (!changed && is_racy_timestamp(istate, ce)) {
273 if (assume_racy_is_modified)
274 changed |= DATA_CHANGED;
275 else
276 changed |= ce_modified_check_fs(ce, st);
279 return changed;
282 int ie_modified(const struct index_state *istate,
283 struct cache_entry *ce, struct stat *st, unsigned int options)
285 int changed, changed_fs;
287 changed = ie_match_stat(istate, ce, st, options);
288 if (!changed)
289 return 0;
291 * If the mode or type has changed, there's no point in trying
292 * to refresh the entry - it's not going to match
294 if (changed & (MODE_CHANGED | TYPE_CHANGED))
295 return changed;
298 * Immediately after read-tree or update-index --cacheinfo,
299 * the length field is zero, as we have never even read the
300 * lstat(2) information once, and we cannot trust DATA_CHANGED
301 * returned by ie_match_stat() which in turn was returned by
302 * ce_match_stat_basic() to signal that the filesize of the
303 * blob changed. We have to actually go to the filesystem to
304 * see if the contents match, and if so, should answer "unchanged".
306 * The logic does not apply to gitlinks, as ce_match_stat_basic()
307 * already has checked the actual HEAD from the filesystem in the
308 * subproject. If ie_match_stat() already said it is different,
309 * then we know it is.
311 if ((changed & DATA_CHANGED) &&
312 (S_ISGITLINK(ce->ce_mode) || ce->ce_size != 0))
313 return changed;
315 changed_fs = ce_modified_check_fs(ce, st);
316 if (changed_fs)
317 return changed | changed_fs;
318 return 0;
321 int base_name_compare(const char *name1, int len1, int mode1,
322 const char *name2, int len2, int mode2)
324 unsigned char c1, c2;
325 int len = len1 < len2 ? len1 : len2;
326 int cmp;
328 cmp = memcmp(name1, name2, len);
329 if (cmp)
330 return cmp;
331 c1 = name1[len];
332 c2 = name2[len];
333 if (!c1 && S_ISDIR(mode1))
334 c1 = '/';
335 if (!c2 && S_ISDIR(mode2))
336 c2 = '/';
337 return (c1 < c2) ? -1 : (c1 > c2) ? 1 : 0;
341 * df_name_compare() is identical to base_name_compare(), except it
342 * compares conflicting directory/file entries as equal. Note that
343 * while a directory name compares as equal to a regular file, they
344 * then individually compare _differently_ to a filename that has
345 * a dot after the basename (because '\0' < '.' < '/').
347 * This is used by routines that want to traverse the git namespace
348 * but then handle conflicting entries together when possible.
350 int df_name_compare(const char *name1, int len1, int mode1,
351 const char *name2, int len2, int mode2)
353 int len = len1 < len2 ? len1 : len2, cmp;
354 unsigned char c1, c2;
356 cmp = memcmp(name1, name2, len);
357 if (cmp)
358 return cmp;
359 /* Directories and files compare equal (same length, same name) */
360 if (len1 == len2)
361 return 0;
362 c1 = name1[len];
363 if (!c1 && S_ISDIR(mode1))
364 c1 = '/';
365 c2 = name2[len];
366 if (!c2 && S_ISDIR(mode2))
367 c2 = '/';
368 if (c1 == '/' && !c2)
369 return 0;
370 if (c2 == '/' && !c1)
371 return 0;
372 return c1 - c2;
375 int cache_name_compare(const char *name1, int flags1, const char *name2, int flags2)
377 int len1 = flags1 & CE_NAMEMASK;
378 int len2 = flags2 & CE_NAMEMASK;
379 int len = len1 < len2 ? len1 : len2;
380 int cmp;
382 cmp = memcmp(name1, name2, len);
383 if (cmp)
384 return cmp;
385 if (len1 < len2)
386 return -1;
387 if (len1 > len2)
388 return 1;
390 /* Compare stages */
391 flags1 &= CE_STAGEMASK;
392 flags2 &= CE_STAGEMASK;
394 if (flags1 < flags2)
395 return -1;
396 if (flags1 > flags2)
397 return 1;
398 return 0;
401 int index_name_pos(const struct index_state *istate, const char *name, int namelen)
403 int first, last;
405 first = 0;
406 last = istate->cache_nr;
407 while (last > first) {
408 int next = (last + first) >> 1;
409 struct cache_entry *ce = istate->cache[next];
410 int cmp = cache_name_compare(name, namelen, ce->name, ce->ce_flags);
411 if (!cmp)
412 return next;
413 if (cmp < 0) {
414 last = next;
415 continue;
417 first = next+1;
419 return -first-1;
422 /* Remove entry, return true if there are more entries to go.. */
423 int remove_index_entry_at(struct index_state *istate, int pos)
425 struct cache_entry *ce = istate->cache[pos];
427 remove_name_hash(ce);
428 istate->cache_changed = 1;
429 istate->cache_nr--;
430 if (pos >= istate->cache_nr)
431 return 0;
432 memmove(istate->cache + pos,
433 istate->cache + pos + 1,
434 (istate->cache_nr - pos) * sizeof(struct cache_entry *));
435 return 1;
438 int remove_file_from_index(struct index_state *istate, const char *path)
440 int pos = index_name_pos(istate, path, strlen(path));
441 if (pos < 0)
442 pos = -pos-1;
443 cache_tree_invalidate_path(istate->cache_tree, path);
444 while (pos < istate->cache_nr && !strcmp(istate->cache[pos]->name, path))
445 remove_index_entry_at(istate, pos);
446 return 0;
449 static int compare_name(struct cache_entry *ce, const char *path, int namelen)
451 return namelen != ce_namelen(ce) || memcmp(path, ce->name, namelen);
454 static int index_name_pos_also_unmerged(struct index_state *istate,
455 const char *path, int namelen)
457 int pos = index_name_pos(istate, path, namelen);
458 struct cache_entry *ce;
460 if (pos >= 0)
461 return pos;
463 /* maybe unmerged? */
464 pos = -1 - pos;
465 if (pos >= istate->cache_nr ||
466 compare_name((ce = istate->cache[pos]), path, namelen))
467 return -1;
469 /* order of preference: stage 2, 1, 3 */
470 if (ce_stage(ce) == 1 && pos + 1 < istate->cache_nr &&
471 ce_stage((ce = istate->cache[pos + 1])) == 2 &&
472 !compare_name(ce, path, namelen))
473 pos++;
474 return pos;
477 static int different_name(struct cache_entry *ce, struct cache_entry *alias)
479 int len = ce_namelen(ce);
480 return ce_namelen(alias) != len || memcmp(ce->name, alias->name, len);
484 * If we add a filename that aliases in the cache, we will use the
485 * name that we already have - but we don't want to update the same
486 * alias twice, because that implies that there were actually two
487 * different files with aliasing names!
489 * So we use the CE_ADDED flag to verify that the alias was an old
490 * one before we accept it as
492 static struct cache_entry *create_alias_ce(struct cache_entry *ce, struct cache_entry *alias)
494 int len;
495 struct cache_entry *new;
497 if (alias->ce_flags & CE_ADDED)
498 die("Will not add file alias '%s' ('%s' already exists in index)", ce->name, alias->name);
500 /* Ok, create the new entry using the name of the existing alias */
501 len = ce_namelen(alias);
502 new = xcalloc(1, cache_entry_size(len));
503 memcpy(new->name, alias->name, len);
504 copy_cache_entry(new, ce);
505 free(ce);
506 return new;
509 int add_to_index(struct index_state *istate, const char *path, struct stat *st, int flags)
511 int size, namelen, was_same;
512 mode_t st_mode = st->st_mode;
513 struct cache_entry *ce, *alias;
514 unsigned ce_option = CE_MATCH_IGNORE_VALID|CE_MATCH_RACY_IS_DIRTY;
515 int verbose = flags & (ADD_CACHE_VERBOSE | ADD_CACHE_PRETEND);
516 int pretend = flags & ADD_CACHE_PRETEND;
518 if (!S_ISREG(st_mode) && !S_ISLNK(st_mode) && !S_ISDIR(st_mode))
519 return error("%s: can only add regular files, symbolic links or git-directories", path);
521 namelen = strlen(path);
522 if (S_ISDIR(st_mode)) {
523 while (namelen && path[namelen-1] == '/')
524 namelen--;
526 size = cache_entry_size(namelen);
527 ce = xcalloc(1, size);
528 memcpy(ce->name, path, namelen);
529 ce->ce_flags = namelen;
530 fill_stat_cache_info(ce, st);
532 if (trust_executable_bit && has_symlinks)
533 ce->ce_mode = create_ce_mode(st_mode);
534 else {
535 /* If there is an existing entry, pick the mode bits and type
536 * from it, otherwise assume unexecutable regular file.
538 struct cache_entry *ent;
539 int pos = index_name_pos_also_unmerged(istate, path, namelen);
541 ent = (0 <= pos) ? istate->cache[pos] : NULL;
542 ce->ce_mode = ce_mode_from_stat(ent, st_mode);
545 alias = index_name_exists(istate, ce->name, ce_namelen(ce), ignore_case);
546 if (alias && !ce_stage(alias) && !ie_match_stat(istate, alias, st, ce_option)) {
547 /* Nothing changed, really */
548 free(ce);
549 ce_mark_uptodate(alias);
550 alias->ce_flags |= CE_ADDED;
551 return 0;
553 if (index_path(ce->sha1, path, st, 1))
554 return error("unable to index file %s", path);
555 if (ignore_case && alias && different_name(ce, alias))
556 ce = create_alias_ce(ce, alias);
557 ce->ce_flags |= CE_ADDED;
559 /* It was suspected to be racily clean, but it turns out to be Ok */
560 was_same = (alias &&
561 !ce_stage(alias) &&
562 !hashcmp(alias->sha1, ce->sha1) &&
563 ce->ce_mode == alias->ce_mode);
565 if (pretend)
567 else if (add_index_entry(istate, ce, ADD_CACHE_OK_TO_ADD|ADD_CACHE_OK_TO_REPLACE))
568 return error("unable to add %s to index",path);
569 if (verbose && !was_same)
570 printf("add '%s'\n", path);
571 return 0;
574 int add_file_to_index(struct index_state *istate, const char *path, int flags)
576 struct stat st;
577 if (lstat(path, &st))
578 die("%s: unable to stat (%s)", path, strerror(errno));
579 return add_to_index(istate, path, &st, flags);
582 struct cache_entry *make_cache_entry(unsigned int mode,
583 const unsigned char *sha1, const char *path, int stage,
584 int refresh)
586 int size, len;
587 struct cache_entry *ce;
589 if (!verify_path(path))
590 return NULL;
592 len = strlen(path);
593 size = cache_entry_size(len);
594 ce = xcalloc(1, size);
596 hashcpy(ce->sha1, sha1);
597 memcpy(ce->name, path, len);
598 ce->ce_flags = create_ce_flags(len, stage);
599 ce->ce_mode = create_ce_mode(mode);
601 if (refresh)
602 return refresh_cache_entry(ce, 0);
604 return ce;
607 int ce_same_name(struct cache_entry *a, struct cache_entry *b)
609 int len = ce_namelen(a);
610 return ce_namelen(b) == len && !memcmp(a->name, b->name, len);
613 int ce_path_match(const struct cache_entry *ce, const char **pathspec)
615 const char *match, *name;
616 int len;
618 if (!pathspec)
619 return 1;
621 len = ce_namelen(ce);
622 name = ce->name;
623 while ((match = *pathspec++) != NULL) {
624 int matchlen = strlen(match);
625 if (matchlen > len)
626 continue;
627 if (memcmp(name, match, matchlen))
628 continue;
629 if (matchlen && name[matchlen-1] == '/')
630 return 1;
631 if (name[matchlen] == '/' || !name[matchlen])
632 return 1;
633 if (!matchlen)
634 return 1;
636 return 0;
640 * We fundamentally don't like some paths: we don't want
641 * dot or dot-dot anywhere, and for obvious reasons don't
642 * want to recurse into ".git" either.
644 * Also, we don't want double slashes or slashes at the
645 * end that can make pathnames ambiguous.
647 static int verify_dotfile(const char *rest)
650 * The first character was '.', but that
651 * has already been discarded, we now test
652 * the rest.
654 switch (*rest) {
655 /* "." is not allowed */
656 case '\0': case '/':
657 return 0;
660 * ".git" followed by NUL or slash is bad. This
661 * shares the path end test with the ".." case.
663 case 'g':
664 if (rest[1] != 'i')
665 break;
666 if (rest[2] != 't')
667 break;
668 rest += 2;
669 /* fallthrough */
670 case '.':
671 if (rest[1] == '\0' || rest[1] == '/')
672 return 0;
674 return 1;
677 int verify_path(const char *path)
679 char c;
681 goto inside;
682 for (;;) {
683 if (!c)
684 return 1;
685 if (c == '/') {
686 inside:
687 c = *path++;
688 switch (c) {
689 default:
690 continue;
691 case '/': case '\0':
692 break;
693 case '.':
694 if (verify_dotfile(path))
695 continue;
697 return 0;
699 c = *path++;
704 * Do we have another file that has the beginning components being a
705 * proper superset of the name we're trying to add?
707 static int has_file_name(struct index_state *istate,
708 const struct cache_entry *ce, int pos, int ok_to_replace)
710 int retval = 0;
711 int len = ce_namelen(ce);
712 int stage = ce_stage(ce);
713 const char *name = ce->name;
715 while (pos < istate->cache_nr) {
716 struct cache_entry *p = istate->cache[pos++];
718 if (len >= ce_namelen(p))
719 break;
720 if (memcmp(name, p->name, len))
721 break;
722 if (ce_stage(p) != stage)
723 continue;
724 if (p->name[len] != '/')
725 continue;
726 if (p->ce_flags & CE_REMOVE)
727 continue;
728 retval = -1;
729 if (!ok_to_replace)
730 break;
731 remove_index_entry_at(istate, --pos);
733 return retval;
737 * Do we have another file with a pathname that is a proper
738 * subset of the name we're trying to add?
740 static int has_dir_name(struct index_state *istate,
741 const struct cache_entry *ce, int pos, int ok_to_replace)
743 int retval = 0;
744 int stage = ce_stage(ce);
745 const char *name = ce->name;
746 const char *slash = name + ce_namelen(ce);
748 for (;;) {
749 int len;
751 for (;;) {
752 if (*--slash == '/')
753 break;
754 if (slash <= ce->name)
755 return retval;
757 len = slash - name;
759 pos = index_name_pos(istate, name, create_ce_flags(len, stage));
760 if (pos >= 0) {
762 * Found one, but not so fast. This could
763 * be a marker that says "I was here, but
764 * I am being removed". Such an entry is
765 * not a part of the resulting tree, and
766 * it is Ok to have a directory at the same
767 * path.
769 if (!(istate->cache[pos]->ce_flags & CE_REMOVE)) {
770 retval = -1;
771 if (!ok_to_replace)
772 break;
773 remove_index_entry_at(istate, pos);
774 continue;
777 else
778 pos = -pos-1;
781 * Trivial optimization: if we find an entry that
782 * already matches the sub-directory, then we know
783 * we're ok, and we can exit.
785 while (pos < istate->cache_nr) {
786 struct cache_entry *p = istate->cache[pos];
787 if ((ce_namelen(p) <= len) ||
788 (p->name[len] != '/') ||
789 memcmp(p->name, name, len))
790 break; /* not our subdirectory */
791 if (ce_stage(p) == stage && !(p->ce_flags & CE_REMOVE))
793 * p is at the same stage as our entry, and
794 * is a subdirectory of what we are looking
795 * at, so we cannot have conflicts at our
796 * level or anything shorter.
798 return retval;
799 pos++;
802 return retval;
805 /* We may be in a situation where we already have path/file and path
806 * is being added, or we already have path and path/file is being
807 * added. Either one would result in a nonsense tree that has path
808 * twice when git-write-tree tries to write it out. Prevent it.
810 * If ok-to-replace is specified, we remove the conflicting entries
811 * from the cache so the caller should recompute the insert position.
812 * When this happens, we return non-zero.
814 static int check_file_directory_conflict(struct index_state *istate,
815 const struct cache_entry *ce,
816 int pos, int ok_to_replace)
818 int retval;
821 * When ce is an "I am going away" entry, we allow it to be added
823 if (ce->ce_flags & CE_REMOVE)
824 return 0;
827 * We check if the path is a sub-path of a subsequent pathname
828 * first, since removing those will not change the position
829 * in the array.
831 retval = has_file_name(istate, ce, pos, ok_to_replace);
834 * Then check if the path might have a clashing sub-directory
835 * before it.
837 return retval + has_dir_name(istate, ce, pos, ok_to_replace);
840 static int add_index_entry_with_check(struct index_state *istate, struct cache_entry *ce, int option)
842 int pos;
843 int ok_to_add = option & ADD_CACHE_OK_TO_ADD;
844 int ok_to_replace = option & ADD_CACHE_OK_TO_REPLACE;
845 int skip_df_check = option & ADD_CACHE_SKIP_DFCHECK;
847 cache_tree_invalidate_path(istate->cache_tree, ce->name);
848 pos = index_name_pos(istate, ce->name, ce->ce_flags);
850 /* existing match? Just replace it. */
851 if (pos >= 0) {
852 replace_index_entry(istate, pos, ce);
853 return 0;
855 pos = -pos-1;
858 * Inserting a merged entry ("stage 0") into the index
859 * will always replace all non-merged entries..
861 if (pos < istate->cache_nr && ce_stage(ce) == 0) {
862 while (ce_same_name(istate->cache[pos], ce)) {
863 ok_to_add = 1;
864 if (!remove_index_entry_at(istate, pos))
865 break;
869 if (!ok_to_add)
870 return -1;
871 if (!verify_path(ce->name))
872 return -1;
874 if (!skip_df_check &&
875 check_file_directory_conflict(istate, ce, pos, ok_to_replace)) {
876 if (!ok_to_replace)
877 return error("'%s' appears as both a file and as a directory",
878 ce->name);
879 pos = index_name_pos(istate, ce->name, ce->ce_flags);
880 pos = -pos-1;
882 return pos + 1;
885 int add_index_entry(struct index_state *istate, struct cache_entry *ce, int option)
887 int pos;
889 if (option & ADD_CACHE_JUST_APPEND)
890 pos = istate->cache_nr;
891 else {
892 int ret;
893 ret = add_index_entry_with_check(istate, ce, option);
894 if (ret <= 0)
895 return ret;
896 pos = ret - 1;
899 /* Make sure the array is big enough .. */
900 if (istate->cache_nr == istate->cache_alloc) {
901 istate->cache_alloc = alloc_nr(istate->cache_alloc);
902 istate->cache = xrealloc(istate->cache,
903 istate->cache_alloc * sizeof(struct cache_entry *));
906 /* Add it in.. */
907 istate->cache_nr++;
908 if (istate->cache_nr > pos + 1)
909 memmove(istate->cache + pos + 1,
910 istate->cache + pos,
911 (istate->cache_nr - pos - 1) * sizeof(ce));
912 set_index_entry(istate, pos, ce);
913 istate->cache_changed = 1;
914 return 0;
918 * "refresh" does not calculate a new sha1 file or bring the
919 * cache up-to-date for mode/content changes. But what it
920 * _does_ do is to "re-match" the stat information of a file
921 * with the cache, so that you can refresh the cache for a
922 * file that hasn't been changed but where the stat entry is
923 * out of date.
925 * For example, you'd want to do this after doing a "git-read-tree",
926 * to link up the stat cache details with the proper files.
928 static struct cache_entry *refresh_cache_ent(struct index_state *istate,
929 struct cache_entry *ce,
930 unsigned int options, int *err)
932 struct stat st;
933 struct cache_entry *updated;
934 int changed, size;
935 int ignore_valid = options & CE_MATCH_IGNORE_VALID;
937 if (ce_uptodate(ce))
938 return ce;
941 * CE_VALID means the user promised us that the change to
942 * the work tree does not matter and told us not to worry.
944 if (!ignore_valid && (ce->ce_flags & CE_VALID)) {
945 ce_mark_uptodate(ce);
946 return ce;
949 if (lstat(ce->name, &st) < 0) {
950 if (err)
951 *err = errno;
952 return NULL;
955 changed = ie_match_stat(istate, ce, &st, options);
956 if (!changed) {
958 * The path is unchanged. If we were told to ignore
959 * valid bit, then we did the actual stat check and
960 * found that the entry is unmodified. If the entry
961 * is not marked VALID, this is the place to mark it
962 * valid again, under "assume unchanged" mode.
964 if (ignore_valid && assume_unchanged &&
965 !(ce->ce_flags & CE_VALID))
966 ; /* mark this one VALID again */
967 else {
969 * We do not mark the index itself "modified"
970 * because CE_UPTODATE flag is in-core only;
971 * we are not going to write this change out.
973 ce_mark_uptodate(ce);
974 return ce;
978 if (ie_modified(istate, ce, &st, options)) {
979 if (err)
980 *err = EINVAL;
981 return NULL;
984 size = ce_size(ce);
985 updated = xmalloc(size);
986 memcpy(updated, ce, size);
987 fill_stat_cache_info(updated, &st);
989 * If ignore_valid is not set, we should leave CE_VALID bit
990 * alone. Otherwise, paths marked with --no-assume-unchanged
991 * (i.e. things to be edited) will reacquire CE_VALID bit
992 * automatically, which is not really what we want.
994 if (!ignore_valid && assume_unchanged &&
995 !(ce->ce_flags & CE_VALID))
996 updated->ce_flags &= ~CE_VALID;
998 return updated;
1001 int refresh_index(struct index_state *istate, unsigned int flags, const char **pathspec, char *seen)
1003 int i;
1004 int has_errors = 0;
1005 int really = (flags & REFRESH_REALLY) != 0;
1006 int allow_unmerged = (flags & REFRESH_UNMERGED) != 0;
1007 int quiet = (flags & REFRESH_QUIET) != 0;
1008 int not_new = (flags & REFRESH_IGNORE_MISSING) != 0;
1009 int ignore_submodules = (flags & REFRESH_IGNORE_SUBMODULES) != 0;
1010 unsigned int options = really ? CE_MATCH_IGNORE_VALID : 0;
1011 const char *needs_update_message;
1013 needs_update_message = ((flags & REFRESH_SAY_CHANGED)
1014 ? "locally modified" : "needs update");
1015 for (i = 0; i < istate->cache_nr; i++) {
1016 struct cache_entry *ce, *new;
1017 int cache_errno = 0;
1019 ce = istate->cache[i];
1020 if (ignore_submodules && S_ISGITLINK(ce->ce_mode))
1021 continue;
1023 if (ce_stage(ce)) {
1024 while ((i < istate->cache_nr) &&
1025 ! strcmp(istate->cache[i]->name, ce->name))
1026 i++;
1027 i--;
1028 if (allow_unmerged)
1029 continue;
1030 printf("%s: needs merge\n", ce->name);
1031 has_errors = 1;
1032 continue;
1035 if (pathspec && !match_pathspec(pathspec, ce->name, strlen(ce->name), 0, seen))
1036 continue;
1038 new = refresh_cache_ent(istate, ce, options, &cache_errno);
1039 if (new == ce)
1040 continue;
1041 if (!new) {
1042 if (not_new && cache_errno == ENOENT)
1043 continue;
1044 if (really && cache_errno == EINVAL) {
1045 /* If we are doing --really-refresh that
1046 * means the index is not valid anymore.
1048 ce->ce_flags &= ~CE_VALID;
1049 istate->cache_changed = 1;
1051 if (quiet)
1052 continue;
1053 printf("%s: %s\n", ce->name, needs_update_message);
1054 has_errors = 1;
1055 continue;
1058 replace_index_entry(istate, i, new);
1060 return has_errors;
1063 struct cache_entry *refresh_cache_entry(struct cache_entry *ce, int really)
1065 return refresh_cache_ent(&the_index, ce, really, NULL);
1068 static int verify_hdr(struct cache_header *hdr, unsigned long size)
1070 SHA_CTX c;
1071 unsigned char sha1[20];
1073 if (hdr->hdr_signature != htonl(CACHE_SIGNATURE))
1074 return error("bad signature");
1075 if (hdr->hdr_version != htonl(2))
1076 return error("bad index version");
1077 SHA1_Init(&c);
1078 SHA1_Update(&c, hdr, size - 20);
1079 SHA1_Final(sha1, &c);
1080 if (hashcmp(sha1, (unsigned char *)hdr + size - 20))
1081 return error("bad index file sha1 signature");
1082 return 0;
1085 static int read_index_extension(struct index_state *istate,
1086 const char *ext, void *data, unsigned long sz)
1088 switch (CACHE_EXT(ext)) {
1089 case CACHE_EXT_TREE:
1090 istate->cache_tree = cache_tree_read(data, sz);
1091 break;
1092 default:
1093 if (*ext < 'A' || 'Z' < *ext)
1094 return error("index uses %.4s extension, which we do not understand",
1095 ext);
1096 fprintf(stderr, "ignoring %.4s extension\n", ext);
1097 break;
1099 return 0;
1102 int read_index(struct index_state *istate)
1104 return read_index_from(istate, get_index_file());
1107 static void convert_from_disk(struct ondisk_cache_entry *ondisk, struct cache_entry *ce)
1109 size_t len;
1111 ce->ce_ctime = ntohl(ondisk->ctime.sec);
1112 ce->ce_mtime = ntohl(ondisk->mtime.sec);
1113 ce->ce_dev = ntohl(ondisk->dev);
1114 ce->ce_ino = ntohl(ondisk->ino);
1115 ce->ce_mode = ntohl(ondisk->mode);
1116 ce->ce_uid = ntohl(ondisk->uid);
1117 ce->ce_gid = ntohl(ondisk->gid);
1118 ce->ce_size = ntohl(ondisk->size);
1119 /* On-disk flags are just 16 bits */
1120 ce->ce_flags = ntohs(ondisk->flags);
1121 hashcpy(ce->sha1, ondisk->sha1);
1123 len = ce->ce_flags & CE_NAMEMASK;
1124 if (len == CE_NAMEMASK)
1125 len = strlen(ondisk->name);
1127 * NEEDSWORK: If the original index is crafted, this copy could
1128 * go unchecked.
1130 memcpy(ce->name, ondisk->name, len + 1);
1133 static inline size_t estimate_cache_size(size_t ondisk_size, unsigned int entries)
1135 long per_entry;
1137 per_entry = sizeof(struct cache_entry) - sizeof(struct ondisk_cache_entry);
1140 * Alignment can cause differences. This should be "alignof", but
1141 * since that's a gcc'ism, just use the size of a pointer.
1143 per_entry += sizeof(void *);
1144 return ondisk_size + entries*per_entry;
1147 /* remember to discard_cache() before reading a different cache! */
1148 int read_index_from(struct index_state *istate, const char *path)
1150 int fd, i;
1151 struct stat st;
1152 unsigned long src_offset, dst_offset;
1153 struct cache_header *hdr;
1154 void *mmap;
1155 size_t mmap_size;
1157 errno = EBUSY;
1158 if (istate->initialized)
1159 return istate->cache_nr;
1161 errno = ENOENT;
1162 istate->timestamp = 0;
1163 fd = open(path, O_RDONLY);
1164 if (fd < 0) {
1165 if (errno == ENOENT)
1166 return 0;
1167 die("index file open failed (%s)", strerror(errno));
1170 if (fstat(fd, &st))
1171 die("cannot stat the open index (%s)", strerror(errno));
1173 errno = EINVAL;
1174 mmap_size = xsize_t(st.st_size);
1175 if (mmap_size < sizeof(struct cache_header) + 20)
1176 die("index file smaller than expected");
1178 mmap = xmmap(NULL, mmap_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
1179 close(fd);
1180 if (mmap == MAP_FAILED)
1181 die("unable to map index file");
1183 hdr = mmap;
1184 if (verify_hdr(hdr, mmap_size) < 0)
1185 goto unmap;
1187 istate->cache_nr = ntohl(hdr->hdr_entries);
1188 istate->cache_alloc = alloc_nr(istate->cache_nr);
1189 istate->cache = xcalloc(istate->cache_alloc, sizeof(struct cache_entry *));
1192 * The disk format is actually larger than the in-memory format,
1193 * due to space for nsec etc, so even though the in-memory one
1194 * has room for a few more flags, we can allocate using the same
1195 * index size
1197 istate->alloc = xmalloc(estimate_cache_size(mmap_size, istate->cache_nr));
1198 istate->initialized = 1;
1200 src_offset = sizeof(*hdr);
1201 dst_offset = 0;
1202 for (i = 0; i < istate->cache_nr; i++) {
1203 struct ondisk_cache_entry *disk_ce;
1204 struct cache_entry *ce;
1206 disk_ce = (struct ondisk_cache_entry *)((char *)mmap + src_offset);
1207 ce = (struct cache_entry *)((char *)istate->alloc + dst_offset);
1208 convert_from_disk(disk_ce, ce);
1209 set_index_entry(istate, i, ce);
1211 src_offset += ondisk_ce_size(ce);
1212 dst_offset += ce_size(ce);
1214 istate->timestamp = st.st_mtime;
1215 while (src_offset <= mmap_size - 20 - 8) {
1216 /* After an array of active_nr index entries,
1217 * there can be arbitrary number of extended
1218 * sections, each of which is prefixed with
1219 * extension name (4-byte) and section length
1220 * in 4-byte network byte order.
1222 unsigned long extsize;
1223 memcpy(&extsize, (char *)mmap + src_offset + 4, 4);
1224 extsize = ntohl(extsize);
1225 if (read_index_extension(istate,
1226 (const char *) mmap + src_offset,
1227 (char *) mmap + src_offset + 8,
1228 extsize) < 0)
1229 goto unmap;
1230 src_offset += 8;
1231 src_offset += extsize;
1233 munmap(mmap, mmap_size);
1234 return istate->cache_nr;
1236 unmap:
1237 munmap(mmap, mmap_size);
1238 errno = EINVAL;
1239 die("index file corrupt");
1242 int is_index_unborn(struct index_state *istate)
1244 return (!istate->cache_nr && !istate->alloc && !istate->timestamp);
1247 int discard_index(struct index_state *istate)
1249 istate->cache_nr = 0;
1250 istate->cache_changed = 0;
1251 istate->timestamp = 0;
1252 istate->name_hash_initialized = 0;
1253 free_hash(&istate->name_hash);
1254 cache_tree_free(&(istate->cache_tree));
1255 free(istate->alloc);
1256 istate->alloc = NULL;
1257 istate->initialized = 0;
1259 /* no need to throw away allocated active_cache */
1260 return 0;
1263 int unmerged_index(const struct index_state *istate)
1265 int i;
1266 for (i = 0; i < istate->cache_nr; i++) {
1267 if (ce_stage(istate->cache[i]))
1268 return 1;
1270 return 0;
1273 #define WRITE_BUFFER_SIZE 8192
1274 static unsigned char write_buffer[WRITE_BUFFER_SIZE];
1275 static unsigned long write_buffer_len;
1277 static int ce_write_flush(SHA_CTX *context, int fd)
1279 unsigned int buffered = write_buffer_len;
1280 if (buffered) {
1281 SHA1_Update(context, write_buffer, buffered);
1282 if (write_in_full(fd, write_buffer, buffered) != buffered)
1283 return -1;
1284 write_buffer_len = 0;
1286 return 0;
1289 static int ce_write(SHA_CTX *context, int fd, void *data, unsigned int len)
1291 while (len) {
1292 unsigned int buffered = write_buffer_len;
1293 unsigned int partial = WRITE_BUFFER_SIZE - buffered;
1294 if (partial > len)
1295 partial = len;
1296 memcpy(write_buffer + buffered, data, partial);
1297 buffered += partial;
1298 if (buffered == WRITE_BUFFER_SIZE) {
1299 write_buffer_len = buffered;
1300 if (ce_write_flush(context, fd))
1301 return -1;
1302 buffered = 0;
1304 write_buffer_len = buffered;
1305 len -= partial;
1306 data = (char *) data + partial;
1308 return 0;
1311 static int write_index_ext_header(SHA_CTX *context, int fd,
1312 unsigned int ext, unsigned int sz)
1314 ext = htonl(ext);
1315 sz = htonl(sz);
1316 return ((ce_write(context, fd, &ext, 4) < 0) ||
1317 (ce_write(context, fd, &sz, 4) < 0)) ? -1 : 0;
1320 static int ce_flush(SHA_CTX *context, int fd)
1322 unsigned int left = write_buffer_len;
1324 if (left) {
1325 write_buffer_len = 0;
1326 SHA1_Update(context, write_buffer, left);
1329 /* Flush first if not enough space for SHA1 signature */
1330 if (left + 20 > WRITE_BUFFER_SIZE) {
1331 if (write_in_full(fd, write_buffer, left) != left)
1332 return -1;
1333 left = 0;
1336 /* Append the SHA1 signature at the end */
1337 SHA1_Final(write_buffer + left, context);
1338 left += 20;
1339 return (write_in_full(fd, write_buffer, left) != left) ? -1 : 0;
1342 static void ce_smudge_racily_clean_entry(struct cache_entry *ce)
1345 * The only thing we care about in this function is to smudge the
1346 * falsely clean entry due to touch-update-touch race, so we leave
1347 * everything else as they are. We are called for entries whose
1348 * ce_mtime match the index file mtime.
1350 * Note that this actually does not do much for gitlinks, for
1351 * which ce_match_stat_basic() always goes to the actual
1352 * contents. The caller checks with is_racy_timestamp() which
1353 * always says "no" for gitlinks, so we are not called for them ;-)
1355 struct stat st;
1357 if (lstat(ce->name, &st) < 0)
1358 return;
1359 if (ce_match_stat_basic(ce, &st))
1360 return;
1361 if (ce_modified_check_fs(ce, &st)) {
1362 /* This is "racily clean"; smudge it. Note that this
1363 * is a tricky code. At first glance, it may appear
1364 * that it can break with this sequence:
1366 * $ echo xyzzy >frotz
1367 * $ git-update-index --add frotz
1368 * $ : >frotz
1369 * $ sleep 3
1370 * $ echo filfre >nitfol
1371 * $ git-update-index --add nitfol
1373 * but it does not. When the second update-index runs,
1374 * it notices that the entry "frotz" has the same timestamp
1375 * as index, and if we were to smudge it by resetting its
1376 * size to zero here, then the object name recorded
1377 * in index is the 6-byte file but the cached stat information
1378 * becomes zero --- which would then match what we would
1379 * obtain from the filesystem next time we stat("frotz").
1381 * However, the second update-index, before calling
1382 * this function, notices that the cached size is 6
1383 * bytes and what is on the filesystem is an empty
1384 * file, and never calls us, so the cached size information
1385 * for "frotz" stays 6 which does not match the filesystem.
1387 ce->ce_size = 0;
1391 static int ce_write_entry(SHA_CTX *c, int fd, struct cache_entry *ce)
1393 int size = ondisk_ce_size(ce);
1394 struct ondisk_cache_entry *ondisk = xcalloc(1, size);
1396 ondisk->ctime.sec = htonl(ce->ce_ctime);
1397 ondisk->ctime.nsec = 0;
1398 ondisk->mtime.sec = htonl(ce->ce_mtime);
1399 ondisk->mtime.nsec = 0;
1400 ondisk->dev = htonl(ce->ce_dev);
1401 ondisk->ino = htonl(ce->ce_ino);
1402 ondisk->mode = htonl(ce->ce_mode);
1403 ondisk->uid = htonl(ce->ce_uid);
1404 ondisk->gid = htonl(ce->ce_gid);
1405 ondisk->size = htonl(ce->ce_size);
1406 hashcpy(ondisk->sha1, ce->sha1);
1407 ondisk->flags = htons(ce->ce_flags);
1408 memcpy(ondisk->name, ce->name, ce_namelen(ce));
1410 return ce_write(c, fd, ondisk, size);
1413 int write_index(const struct index_state *istate, int newfd)
1415 SHA_CTX c;
1416 struct cache_header hdr;
1417 int i, err, removed;
1418 struct cache_entry **cache = istate->cache;
1419 int entries = istate->cache_nr;
1421 for (i = removed = 0; i < entries; i++)
1422 if (cache[i]->ce_flags & CE_REMOVE)
1423 removed++;
1425 hdr.hdr_signature = htonl(CACHE_SIGNATURE);
1426 hdr.hdr_version = htonl(2);
1427 hdr.hdr_entries = htonl(entries - removed);
1429 SHA1_Init(&c);
1430 if (ce_write(&c, newfd, &hdr, sizeof(hdr)) < 0)
1431 return -1;
1433 for (i = 0; i < entries; i++) {
1434 struct cache_entry *ce = cache[i];
1435 if (ce->ce_flags & CE_REMOVE)
1436 continue;
1437 if (!ce_uptodate(ce) && is_racy_timestamp(istate, ce))
1438 ce_smudge_racily_clean_entry(ce);
1439 if (ce_write_entry(&c, newfd, ce) < 0)
1440 return -1;
1443 /* Write extension data here */
1444 if (istate->cache_tree) {
1445 struct strbuf sb;
1447 strbuf_init(&sb, 0);
1448 cache_tree_write(&sb, istate->cache_tree);
1449 err = write_index_ext_header(&c, newfd, CACHE_EXT_TREE, sb.len) < 0
1450 || ce_write(&c, newfd, sb.buf, sb.len) < 0;
1451 strbuf_release(&sb);
1452 if (err)
1453 return -1;
1455 return ce_flush(&c, newfd);
1459 * Read the index file that is potentially unmerged into given
1460 * index_state, dropping any unmerged entries. Returns true is
1461 * the index is unmerged. Callers who want to refuse to work
1462 * from an unmerged state can call this and check its return value,
1463 * instead of calling read_cache().
1465 int read_index_unmerged(struct index_state *istate)
1467 int i;
1468 int unmerged = 0;
1470 read_index(istate);
1471 for (i = 0; i < istate->cache_nr; i++) {
1472 struct cache_entry *ce = istate->cache[i];
1473 struct cache_entry *new_ce;
1474 int size, len;
1476 if (!ce_stage(ce))
1477 continue;
1478 unmerged = 1;
1479 len = strlen(ce->name);
1480 size = cache_entry_size(len);
1481 new_ce = xcalloc(1, size);
1482 hashcpy(new_ce->sha1, ce->sha1);
1483 memcpy(new_ce->name, ce->name, len);
1484 new_ce->ce_flags = create_ce_flags(len, 0);
1485 new_ce->ce_mode = ce->ce_mode;
1486 if (add_index_entry(istate, new_ce, 0))
1487 return error("%s: cannot drop to stage #0",
1488 ce->name);
1489 i = index_name_pos(istate, new_ce->name, len);
1491 return unmerged;
1495 * Returns 1 if the path is an "other" path with respect to
1496 * the index; that is, the path is not mentioned in the index at all,
1497 * either as a file, a directory with some files in the index,
1498 * or as an unmerged entry.
1500 * We helpfully remove a trailing "/" from directories so that
1501 * the output of read_directory can be used as-is.
1503 int index_name_is_other(const struct index_state *istate, const char *name,
1504 int namelen)
1506 int pos;
1507 if (namelen && name[namelen - 1] == '/')
1508 namelen--;
1509 pos = index_name_pos(istate, name, namelen);
1510 if (0 <= pos)
1511 return 0; /* exact match */
1512 pos = -pos - 1;
1513 if (pos < istate->cache_nr) {
1514 struct cache_entry *ce = istate->cache[pos];
1515 if (ce_namelen(ce) == namelen &&
1516 !memcmp(ce->name, name, namelen))
1517 return 0; /* Yup, this one exists unmerged */
1519 return 1;