Merge branch 'ds/avoid-overflow-in-midpoint-computation'
[alt-git.git] / pack-write.c
blobfea62841920c9647edfcfba249a59bfb91170d8e
1 #include "cache.h"
2 #include "pack.h"
3 #include "csum-file.h"
5 void reset_pack_idx_option(struct pack_idx_option *opts)
7 memset(opts, 0, sizeof(*opts));
8 opts->version = 2;
9 opts->off32_limit = 0x7fffffff;
12 static int sha1_compare(const void *_a, const void *_b)
14 struct pack_idx_entry *a = *(struct pack_idx_entry **)_a;
15 struct pack_idx_entry *b = *(struct pack_idx_entry **)_b;
16 return oidcmp(&a->oid, &b->oid);
19 static int cmp_uint32(const void *a_, const void *b_)
21 uint32_t a = *((uint32_t *)a_);
22 uint32_t b = *((uint32_t *)b_);
24 return (a < b) ? -1 : (a != b);
27 static int need_large_offset(off_t offset, const struct pack_idx_option *opts)
29 uint32_t ofsval;
31 if ((offset >> 31) || (opts->off32_limit < offset))
32 return 1;
33 if (!opts->anomaly_nr)
34 return 0;
35 ofsval = offset;
36 return !!bsearch(&ofsval, opts->anomaly, opts->anomaly_nr,
37 sizeof(ofsval), cmp_uint32);
41 * On entry *sha1 contains the pack content SHA1 hash, on exit it is
42 * the SHA1 hash of sorted object names. The objects array passed in
43 * will be sorted by SHA1 on exit.
45 const char *write_idx_file(const char *index_name, struct pack_idx_entry **objects,
46 int nr_objects, const struct pack_idx_option *opts,
47 const unsigned char *sha1)
49 struct sha1file *f;
50 struct pack_idx_entry **sorted_by_sha, **list, **last;
51 off_t last_obj_offset = 0;
52 uint32_t array[256];
53 int i, fd;
54 uint32_t index_version;
56 if (nr_objects) {
57 sorted_by_sha = objects;
58 list = sorted_by_sha;
59 last = sorted_by_sha + nr_objects;
60 for (i = 0; i < nr_objects; ++i) {
61 if (objects[i]->offset > last_obj_offset)
62 last_obj_offset = objects[i]->offset;
64 QSORT(sorted_by_sha, nr_objects, sha1_compare);
66 else
67 sorted_by_sha = list = last = NULL;
69 if (opts->flags & WRITE_IDX_VERIFY) {
70 assert(index_name);
71 f = sha1fd_check(index_name);
72 } else {
73 if (!index_name) {
74 struct strbuf tmp_file = STRBUF_INIT;
75 fd = odb_mkstemp(&tmp_file, "pack/tmp_idx_XXXXXX");
76 index_name = strbuf_detach(&tmp_file, NULL);
77 } else {
78 unlink(index_name);
79 fd = open(index_name, O_CREAT|O_EXCL|O_WRONLY, 0600);
80 if (fd < 0)
81 die_errno("unable to create '%s'", index_name);
83 f = sha1fd(fd, index_name);
86 /* if last object's offset is >= 2^31 we should use index V2 */
87 index_version = need_large_offset(last_obj_offset, opts) ? 2 : opts->version;
89 /* index versions 2 and above need a header */
90 if (index_version >= 2) {
91 struct pack_idx_header hdr;
92 hdr.idx_signature = htonl(PACK_IDX_SIGNATURE);
93 hdr.idx_version = htonl(index_version);
94 sha1write(f, &hdr, sizeof(hdr));
98 * Write the first-level table (the list is sorted,
99 * but we use a 256-entry lookup to be able to avoid
100 * having to do eight extra binary search iterations).
102 for (i = 0; i < 256; i++) {
103 struct pack_idx_entry **next = list;
104 while (next < last) {
105 struct pack_idx_entry *obj = *next;
106 if (obj->oid.hash[0] != i)
107 break;
108 next++;
110 array[i] = htonl(next - sorted_by_sha);
111 list = next;
113 sha1write(f, array, 256 * 4);
116 * Write the actual SHA1 entries..
118 list = sorted_by_sha;
119 for (i = 0; i < nr_objects; i++) {
120 struct pack_idx_entry *obj = *list++;
121 if (index_version < 2) {
122 uint32_t offset = htonl(obj->offset);
123 sha1write(f, &offset, 4);
125 sha1write(f, obj->oid.hash, 20);
126 if ((opts->flags & WRITE_IDX_STRICT) &&
127 (i && !oidcmp(&list[-2]->oid, &obj->oid)))
128 die("The same object %s appears twice in the pack",
129 oid_to_hex(&obj->oid));
132 if (index_version >= 2) {
133 unsigned int nr_large_offset = 0;
135 /* write the crc32 table */
136 list = sorted_by_sha;
137 for (i = 0; i < nr_objects; i++) {
138 struct pack_idx_entry *obj = *list++;
139 uint32_t crc32_val = htonl(obj->crc32);
140 sha1write(f, &crc32_val, 4);
143 /* write the 32-bit offset table */
144 list = sorted_by_sha;
145 for (i = 0; i < nr_objects; i++) {
146 struct pack_idx_entry *obj = *list++;
147 uint32_t offset;
149 offset = (need_large_offset(obj->offset, opts)
150 ? (0x80000000 | nr_large_offset++)
151 : obj->offset);
152 offset = htonl(offset);
153 sha1write(f, &offset, 4);
156 /* write the large offset table */
157 list = sorted_by_sha;
158 while (nr_large_offset) {
159 struct pack_idx_entry *obj = *list++;
160 uint64_t offset = obj->offset;
161 uint32_t split[2];
163 if (!need_large_offset(offset, opts))
164 continue;
165 split[0] = htonl(offset >> 32);
166 split[1] = htonl(offset & 0xffffffff);
167 sha1write(f, split, 8);
168 nr_large_offset--;
172 sha1write(f, sha1, 20);
173 sha1close(f, NULL, ((opts->flags & WRITE_IDX_VERIFY)
174 ? CSUM_CLOSE : CSUM_FSYNC));
175 return index_name;
178 off_t write_pack_header(struct sha1file *f, uint32_t nr_entries)
180 struct pack_header hdr;
182 hdr.hdr_signature = htonl(PACK_SIGNATURE);
183 hdr.hdr_version = htonl(PACK_VERSION);
184 hdr.hdr_entries = htonl(nr_entries);
185 sha1write(f, &hdr, sizeof(hdr));
186 return sizeof(hdr);
190 * Update pack header with object_count and compute new SHA1 for pack data
191 * associated to pack_fd, and write that SHA1 at the end. That new SHA1
192 * is also returned in new_pack_sha1.
194 * If partial_pack_sha1 is non null, then the SHA1 of the existing pack
195 * (without the header update) is computed and validated against the
196 * one provided in partial_pack_sha1. The validation is performed at
197 * partial_pack_offset bytes in the pack file. The SHA1 of the remaining
198 * data (i.e. from partial_pack_offset to the end) is then computed and
199 * returned in partial_pack_sha1.
201 * Note that new_pack_sha1 is updated last, so both new_pack_sha1 and
202 * partial_pack_sha1 can refer to the same buffer if the caller is not
203 * interested in the resulting SHA1 of pack data above partial_pack_offset.
205 void fixup_pack_header_footer(int pack_fd,
206 unsigned char *new_pack_sha1,
207 const char *pack_name,
208 uint32_t object_count,
209 unsigned char *partial_pack_sha1,
210 off_t partial_pack_offset)
212 int aligned_sz, buf_sz = 8 * 1024;
213 git_SHA_CTX old_sha1_ctx, new_sha1_ctx;
214 struct pack_header hdr;
215 char *buf;
216 ssize_t read_result;
218 git_SHA1_Init(&old_sha1_ctx);
219 git_SHA1_Init(&new_sha1_ctx);
221 if (lseek(pack_fd, 0, SEEK_SET) != 0)
222 die_errno("Failed seeking to start of '%s'", pack_name);
223 read_result = read_in_full(pack_fd, &hdr, sizeof(hdr));
224 if (read_result < 0)
225 die_errno("Unable to reread header of '%s'", pack_name);
226 else if (read_result != sizeof(hdr))
227 die_errno("Unexpected short read for header of '%s'",
228 pack_name);
229 if (lseek(pack_fd, 0, SEEK_SET) != 0)
230 die_errno("Failed seeking to start of '%s'", pack_name);
231 git_SHA1_Update(&old_sha1_ctx, &hdr, sizeof(hdr));
232 hdr.hdr_entries = htonl(object_count);
233 git_SHA1_Update(&new_sha1_ctx, &hdr, sizeof(hdr));
234 write_or_die(pack_fd, &hdr, sizeof(hdr));
235 partial_pack_offset -= sizeof(hdr);
237 buf = xmalloc(buf_sz);
238 aligned_sz = buf_sz - sizeof(hdr);
239 for (;;) {
240 ssize_t m, n;
241 m = (partial_pack_sha1 && partial_pack_offset < aligned_sz) ?
242 partial_pack_offset : aligned_sz;
243 n = xread(pack_fd, buf, m);
244 if (!n)
245 break;
246 if (n < 0)
247 die_errno("Failed to checksum '%s'", pack_name);
248 git_SHA1_Update(&new_sha1_ctx, buf, n);
250 aligned_sz -= n;
251 if (!aligned_sz)
252 aligned_sz = buf_sz;
254 if (!partial_pack_sha1)
255 continue;
257 git_SHA1_Update(&old_sha1_ctx, buf, n);
258 partial_pack_offset -= n;
259 if (partial_pack_offset == 0) {
260 unsigned char sha1[20];
261 git_SHA1_Final(sha1, &old_sha1_ctx);
262 if (hashcmp(sha1, partial_pack_sha1) != 0)
263 die("Unexpected checksum for %s "
264 "(disk corruption?)", pack_name);
266 * Now let's compute the SHA1 of the remainder of the
267 * pack, which also means making partial_pack_offset
268 * big enough not to matter anymore.
270 git_SHA1_Init(&old_sha1_ctx);
271 partial_pack_offset = ~partial_pack_offset;
272 partial_pack_offset -= MSB(partial_pack_offset, 1);
275 free(buf);
277 if (partial_pack_sha1)
278 git_SHA1_Final(partial_pack_sha1, &old_sha1_ctx);
279 git_SHA1_Final(new_pack_sha1, &new_sha1_ctx);
280 write_or_die(pack_fd, new_pack_sha1, 20);
281 fsync_or_die(pack_fd, pack_name);
284 char *index_pack_lockfile(int ip_out)
286 char packname[46];
289 * The first thing we expect from index-pack's output
290 * is "pack\t%40s\n" or "keep\t%40s\n" (46 bytes) where
291 * %40s is the newly created pack SHA1 name. In the "keep"
292 * case, we need it to remove the corresponding .keep file
293 * later on. If we don't get that then tough luck with it.
295 if (read_in_full(ip_out, packname, 46) == 46 && packname[45] == '\n') {
296 const char *name;
297 packname[45] = 0;
298 if (skip_prefix(packname, "keep\t", &name))
299 return xstrfmt("%s/pack/pack-%s.keep",
300 get_object_directory(), name);
302 return NULL;
306 * The per-object header is a pretty dense thing, which is
307 * - first byte: low four bits are "size", then three bits of "type",
308 * and the high bit is "size continues".
309 * - each byte afterwards: low seven bits are size continuation,
310 * with the high bit being "size continues"
312 int encode_in_pack_object_header(unsigned char *hdr, int hdr_len,
313 enum object_type type, uintmax_t size)
315 int n = 1;
316 unsigned char c;
318 if (type < OBJ_COMMIT || type > OBJ_REF_DELTA)
319 die("bad type %d", type);
321 c = (type << 4) | (size & 15);
322 size >>= 4;
323 while (size) {
324 if (n == hdr_len)
325 die("object size is too enormous to format");
326 *hdr++ = c | 0x80;
327 c = size & 0x7f;
328 size >>= 7;
329 n++;
331 *hdr = c;
332 return n;
335 struct sha1file *create_tmp_packfile(char **pack_tmp_name)
337 struct strbuf tmpname = STRBUF_INIT;
338 int fd;
340 fd = odb_mkstemp(&tmpname, "pack/tmp_pack_XXXXXX");
341 *pack_tmp_name = strbuf_detach(&tmpname, NULL);
342 return sha1fd(fd, *pack_tmp_name);
345 void finish_tmp_packfile(struct strbuf *name_buffer,
346 const char *pack_tmp_name,
347 struct pack_idx_entry **written_list,
348 uint32_t nr_written,
349 struct pack_idx_option *pack_idx_opts,
350 unsigned char sha1[])
352 const char *idx_tmp_name;
353 int basename_len = name_buffer->len;
355 if (adjust_shared_perm(pack_tmp_name))
356 die_errno("unable to make temporary pack file readable");
358 idx_tmp_name = write_idx_file(NULL, written_list, nr_written,
359 pack_idx_opts, sha1);
360 if (adjust_shared_perm(idx_tmp_name))
361 die_errno("unable to make temporary index file readable");
363 strbuf_addf(name_buffer, "%s.pack", sha1_to_hex(sha1));
365 if (rename(pack_tmp_name, name_buffer->buf))
366 die_errno("unable to rename temporary pack file");
368 strbuf_setlen(name_buffer, basename_len);
370 strbuf_addf(name_buffer, "%s.idx", sha1_to_hex(sha1));
371 if (rename(idx_tmp_name, name_buffer->buf))
372 die_errno("unable to rename temporary index file");
374 strbuf_setlen(name_buffer, basename_len);
376 free((void *)idx_tmp_name);