git-cvsserver: protect against NULL in crypt(3)
[git.git] / streaming.c
blob5f480ad50c415cc48a591adb29b46f00b67468d7
1 /*
2 * Copyright (c) 2011, Google Inc.
3 */
4 #include "cache.h"
5 #include "streaming.h"
6 #include "repository.h"
7 #include "object-store.h"
8 #include "replace-object.h"
9 #include "packfile.h"
11 typedef int (*open_istream_fn)(struct git_istream *,
12 struct repository *,
13 const struct object_id *,
14 enum object_type *);
15 typedef int (*close_istream_fn)(struct git_istream *);
16 typedef ssize_t (*read_istream_fn)(struct git_istream *, char *, size_t);
18 #define FILTER_BUFFER (1024*16)
20 struct filtered_istream {
21 struct git_istream *upstream;
22 struct stream_filter *filter;
23 char ibuf[FILTER_BUFFER];
24 char obuf[FILTER_BUFFER];
25 int i_end, i_ptr;
26 int o_end, o_ptr;
27 int input_finished;
30 struct git_istream {
31 open_istream_fn open;
32 close_istream_fn close;
33 read_istream_fn read;
35 unsigned long size; /* inflated size of full object */
36 git_zstream z;
37 enum { z_unused, z_used, z_done, z_error } z_state;
39 union {
40 struct {
41 char *buf; /* from read_object() */
42 unsigned long read_ptr;
43 } incore;
45 struct {
46 void *mapped;
47 unsigned long mapsize;
48 char hdr[32];
49 int hdr_avail;
50 int hdr_used;
51 } loose;
53 struct {
54 struct packed_git *pack;
55 off_t pos;
56 } in_pack;
58 struct filtered_istream filtered;
59 } u;
62 /*****************************************************************
64 * Common helpers
66 *****************************************************************/
68 static void close_deflated_stream(struct git_istream *st)
70 if (st->z_state == z_used)
71 git_inflate_end(&st->z);
75 /*****************************************************************
77 * Filtered stream
79 *****************************************************************/
81 static int close_istream_filtered(struct git_istream *st)
83 free_stream_filter(st->u.filtered.filter);
84 return close_istream(st->u.filtered.upstream);
87 static ssize_t read_istream_filtered(struct git_istream *st, char *buf,
88 size_t sz)
90 struct filtered_istream *fs = &(st->u.filtered);
91 size_t filled = 0;
93 while (sz) {
94 /* do we already have filtered output? */
95 if (fs->o_ptr < fs->o_end) {
96 size_t to_move = fs->o_end - fs->o_ptr;
97 if (sz < to_move)
98 to_move = sz;
99 memcpy(buf + filled, fs->obuf + fs->o_ptr, to_move);
100 fs->o_ptr += to_move;
101 sz -= to_move;
102 filled += to_move;
103 continue;
105 fs->o_end = fs->o_ptr = 0;
107 /* do we have anything to feed the filter with? */
108 if (fs->i_ptr < fs->i_end) {
109 size_t to_feed = fs->i_end - fs->i_ptr;
110 size_t to_receive = FILTER_BUFFER;
111 if (stream_filter(fs->filter,
112 fs->ibuf + fs->i_ptr, &to_feed,
113 fs->obuf, &to_receive))
114 return -1;
115 fs->i_ptr = fs->i_end - to_feed;
116 fs->o_end = FILTER_BUFFER - to_receive;
117 continue;
120 /* tell the filter to drain upon no more input */
121 if (fs->input_finished) {
122 size_t to_receive = FILTER_BUFFER;
123 if (stream_filter(fs->filter,
124 NULL, NULL,
125 fs->obuf, &to_receive))
126 return -1;
127 fs->o_end = FILTER_BUFFER - to_receive;
128 if (!fs->o_end)
129 break;
130 continue;
132 fs->i_end = fs->i_ptr = 0;
134 /* refill the input from the upstream */
135 if (!fs->input_finished) {
136 fs->i_end = read_istream(fs->upstream, fs->ibuf, FILTER_BUFFER);
137 if (fs->i_end < 0)
138 return -1;
139 if (fs->i_end)
140 continue;
142 fs->input_finished = 1;
144 return filled;
147 static struct git_istream *attach_stream_filter(struct git_istream *st,
148 struct stream_filter *filter)
150 struct git_istream *ifs = xmalloc(sizeof(*ifs));
151 struct filtered_istream *fs = &(ifs->u.filtered);
153 ifs->close = close_istream_filtered;
154 ifs->read = read_istream_filtered;
155 fs->upstream = st;
156 fs->filter = filter;
157 fs->i_end = fs->i_ptr = 0;
158 fs->o_end = fs->o_ptr = 0;
159 fs->input_finished = 0;
160 ifs->size = -1; /* unknown */
161 return ifs;
164 /*****************************************************************
166 * Loose object stream
168 *****************************************************************/
170 static ssize_t read_istream_loose(struct git_istream *st, char *buf, size_t sz)
172 size_t total_read = 0;
174 switch (st->z_state) {
175 case z_done:
176 return 0;
177 case z_error:
178 return -1;
179 default:
180 break;
183 if (st->u.loose.hdr_used < st->u.loose.hdr_avail) {
184 size_t to_copy = st->u.loose.hdr_avail - st->u.loose.hdr_used;
185 if (sz < to_copy)
186 to_copy = sz;
187 memcpy(buf, st->u.loose.hdr + st->u.loose.hdr_used, to_copy);
188 st->u.loose.hdr_used += to_copy;
189 total_read += to_copy;
192 while (total_read < sz) {
193 int status;
195 st->z.next_out = (unsigned char *)buf + total_read;
196 st->z.avail_out = sz - total_read;
197 status = git_inflate(&st->z, Z_FINISH);
199 total_read = st->z.next_out - (unsigned char *)buf;
201 if (status == Z_STREAM_END) {
202 git_inflate_end(&st->z);
203 st->z_state = z_done;
204 break;
206 if (status != Z_OK && (status != Z_BUF_ERROR || total_read < sz)) {
207 git_inflate_end(&st->z);
208 st->z_state = z_error;
209 return -1;
212 return total_read;
215 static int close_istream_loose(struct git_istream *st)
217 close_deflated_stream(st);
218 munmap(st->u.loose.mapped, st->u.loose.mapsize);
219 return 0;
222 static int open_istream_loose(struct git_istream *st, struct repository *r,
223 const struct object_id *oid,
224 enum object_type *type)
226 st->u.loose.mapped = map_loose_object(r, oid, &st->u.loose.mapsize);
227 if (!st->u.loose.mapped)
228 return -1;
229 if ((unpack_loose_header(&st->z,
230 st->u.loose.mapped,
231 st->u.loose.mapsize,
232 st->u.loose.hdr,
233 sizeof(st->u.loose.hdr)) < 0) ||
234 (parse_loose_header(st->u.loose.hdr, &st->size) < 0)) {
235 git_inflate_end(&st->z);
236 munmap(st->u.loose.mapped, st->u.loose.mapsize);
237 return -1;
240 st->u.loose.hdr_used = strlen(st->u.loose.hdr) + 1;
241 st->u.loose.hdr_avail = st->z.total_out;
242 st->z_state = z_used;
243 st->close = close_istream_loose;
244 st->read = read_istream_loose;
246 return 0;
250 /*****************************************************************
252 * Non-delta packed object stream
254 *****************************************************************/
256 static ssize_t read_istream_pack_non_delta(struct git_istream *st, char *buf,
257 size_t sz)
259 size_t total_read = 0;
261 switch (st->z_state) {
262 case z_unused:
263 memset(&st->z, 0, sizeof(st->z));
264 git_inflate_init(&st->z);
265 st->z_state = z_used;
266 break;
267 case z_done:
268 return 0;
269 case z_error:
270 return -1;
271 case z_used:
272 break;
275 while (total_read < sz) {
276 int status;
277 struct pack_window *window = NULL;
278 unsigned char *mapped;
280 mapped = use_pack(st->u.in_pack.pack, &window,
281 st->u.in_pack.pos, &st->z.avail_in);
283 st->z.next_out = (unsigned char *)buf + total_read;
284 st->z.avail_out = sz - total_read;
285 st->z.next_in = mapped;
286 status = git_inflate(&st->z, Z_FINISH);
288 st->u.in_pack.pos += st->z.next_in - mapped;
289 total_read = st->z.next_out - (unsigned char *)buf;
290 unuse_pack(&window);
292 if (status == Z_STREAM_END) {
293 git_inflate_end(&st->z);
294 st->z_state = z_done;
295 break;
299 * Unlike the loose object case, we do not have to worry here
300 * about running out of input bytes and spinning infinitely. If
301 * we get Z_BUF_ERROR due to too few input bytes, then we'll
302 * replenish them in the next use_pack() call when we loop. If
303 * we truly hit the end of the pack (i.e., because it's corrupt
304 * or truncated), then use_pack() catches that and will die().
306 if (status != Z_OK && status != Z_BUF_ERROR) {
307 git_inflate_end(&st->z);
308 st->z_state = z_error;
309 return -1;
312 return total_read;
315 static int close_istream_pack_non_delta(struct git_istream *st)
317 close_deflated_stream(st);
318 return 0;
321 static int open_istream_pack_non_delta(struct git_istream *st,
322 struct repository *r,
323 const struct object_id *oid,
324 enum object_type *type)
326 struct pack_window *window;
327 enum object_type in_pack_type;
329 window = NULL;
331 in_pack_type = unpack_object_header(st->u.in_pack.pack,
332 &window,
333 &st->u.in_pack.pos,
334 &st->size);
335 unuse_pack(&window);
336 switch (in_pack_type) {
337 default:
338 return -1; /* we do not do deltas for now */
339 case OBJ_COMMIT:
340 case OBJ_TREE:
341 case OBJ_BLOB:
342 case OBJ_TAG:
343 break;
345 st->z_state = z_unused;
346 st->close = close_istream_pack_non_delta;
347 st->read = read_istream_pack_non_delta;
349 return 0;
353 /*****************************************************************
355 * In-core stream
357 *****************************************************************/
359 static int close_istream_incore(struct git_istream *st)
361 free(st->u.incore.buf);
362 return 0;
365 static ssize_t read_istream_incore(struct git_istream *st, char *buf, size_t sz)
367 size_t read_size = sz;
368 size_t remainder = st->size - st->u.incore.read_ptr;
370 if (remainder <= read_size)
371 read_size = remainder;
372 if (read_size) {
373 memcpy(buf, st->u.incore.buf + st->u.incore.read_ptr, read_size);
374 st->u.incore.read_ptr += read_size;
376 return read_size;
379 static int open_istream_incore(struct git_istream *st, struct repository *r,
380 const struct object_id *oid, enum object_type *type)
382 st->u.incore.buf = read_object_file_extended(r, oid, type, &st->size, 0);
383 st->u.incore.read_ptr = 0;
384 st->close = close_istream_incore;
385 st->read = read_istream_incore;
387 return st->u.incore.buf ? 0 : -1;
390 /*****************************************************************************
391 * static helpers variables and functions for users of streaming interface
392 *****************************************************************************/
394 static int istream_source(struct git_istream *st,
395 struct repository *r,
396 const struct object_id *oid,
397 enum object_type *type)
399 unsigned long size;
400 int status;
401 struct object_info oi = OBJECT_INFO_INIT;
403 oi.typep = type;
404 oi.sizep = &size;
405 status = oid_object_info_extended(r, oid, &oi, 0);
406 if (status < 0)
407 return status;
409 switch (oi.whence) {
410 case OI_LOOSE:
411 st->open = open_istream_loose;
412 return 0;
413 case OI_PACKED:
414 if (!oi.u.packed.is_delta && big_file_threshold < size) {
415 st->u.in_pack.pack = oi.u.packed.pack;
416 st->u.in_pack.pos = oi.u.packed.offset;
417 st->open = open_istream_pack_non_delta;
418 return 0;
420 /* fallthru */
421 default:
422 st->open = open_istream_incore;
423 return 0;
427 /****************************************************************
428 * Users of streaming interface
429 ****************************************************************/
431 int close_istream(struct git_istream *st)
433 int r = st->close(st);
434 free(st);
435 return r;
438 ssize_t read_istream(struct git_istream *st, void *buf, size_t sz)
440 return st->read(st, buf, sz);
443 struct git_istream *open_istream(struct repository *r,
444 const struct object_id *oid,
445 enum object_type *type,
446 unsigned long *size,
447 struct stream_filter *filter)
449 struct git_istream *st = xmalloc(sizeof(*st));
450 const struct object_id *real = lookup_replace_object(r, oid);
451 int ret = istream_source(st, r, real, type);
453 if (ret) {
454 free(st);
455 return NULL;
458 if (st->open(st, r, real, type)) {
459 if (open_istream_incore(st, r, real, type)) {
460 free(st);
461 return NULL;
464 if (filter) {
465 /* Add "&& !is_null_stream_filter(filter)" for performance */
466 struct git_istream *nst = attach_stream_filter(st, filter);
467 if (!nst) {
468 close_istream(st);
469 return NULL;
471 st = nst;
474 *size = st->size;
475 return st;
478 int stream_blob_to_fd(int fd, const struct object_id *oid, struct stream_filter *filter,
479 int can_seek)
481 struct git_istream *st;
482 enum object_type type;
483 unsigned long sz;
484 ssize_t kept = 0;
485 int result = -1;
487 st = open_istream(the_repository, oid, &type, &sz, filter);
488 if (!st) {
489 if (filter)
490 free_stream_filter(filter);
491 return result;
493 if (type != OBJ_BLOB)
494 goto close_and_exit;
495 for (;;) {
496 char buf[1024 * 16];
497 ssize_t wrote, holeto;
498 ssize_t readlen = read_istream(st, buf, sizeof(buf));
500 if (readlen < 0)
501 goto close_and_exit;
502 if (!readlen)
503 break;
504 if (can_seek && sizeof(buf) == readlen) {
505 for (holeto = 0; holeto < readlen; holeto++)
506 if (buf[holeto])
507 break;
508 if (readlen == holeto) {
509 kept += holeto;
510 continue;
514 if (kept && lseek(fd, kept, SEEK_CUR) == (off_t) -1)
515 goto close_and_exit;
516 else
517 kept = 0;
518 wrote = write_in_full(fd, buf, readlen);
520 if (wrote < 0)
521 goto close_and_exit;
523 if (kept && (lseek(fd, kept - 1, SEEK_CUR) == (off_t) -1 ||
524 xwrite(fd, "", 1) != 1))
525 goto close_and_exit;
526 result = 0;
528 close_and_exit:
529 close_istream(st);
530 return result;