rerere: make sure it works even in a workdir attached to a young repository
[git/git.git] / sha1_file.c
1 /*
2 * GIT - The information manager from hell
3 *
4 * Copyright (C) Linus Torvalds, 2005
5 *
6 * This handles basic git sha1 object files - packing, unpacking,
7 * creation etc.
8 */
9 #include "cache.h"
10 #include "delta.h"
11 #include "pack.h"
12 #include "blob.h"
13 #include "commit.h"
14 #include "tag.h"
15 #include "tree.h"
16 #include "refs.h"
17 #include "pack-revindex.h"
18 #include "sha1-lookup.h"
19
20 #ifndef O_NOATIME
21 #if defined(__linux__) && (defined(__i386__) || defined(__PPC__))
22 #define O_NOATIME 01000000
23 #else
24 #define O_NOATIME 0
25 #endif
26 #endif
27
28 #ifdef NO_C99_FORMAT
29 #define SZ_FMT "lu"
30 static unsigned long sz_fmt(size_t s) { return (unsigned long)s; }
31 #else
32 #define SZ_FMT "zu"
33 static size_t sz_fmt(size_t s) { return s; }
34 #endif
35
36 const unsigned char null_sha1[20];
37
38 static inline int offset_1st_component(const char *path)
39 {
40 if (has_dos_drive_prefix(path))
41 return 2 + (path[2] == '/');
42 return *path == '/';
43 }
44
45 int mkdir_in_gitdir(const char *path)
46 {
47 if (mkdir(path, 0777)) {
48 int saved_errno = errno;
49 struct stat st;
50 struct strbuf sb = STRBUF_INIT;
51
52 if (errno != EEXIST)
53 return -1;
54 /*
55 * Are we looking at a path in a symlinked worktree
56 * whose original repository does not yet have it?
57 * e.g. .git/rr-cache pointing at its original
58 * repository in which the user hasn't performed any
59 * conflict resolution yet?
60 */
61 if (lstat(path, &st) || !S_ISLNK(st.st_mode) ||
62 strbuf_readlink(&sb, path, st.st_size) ||
63 !is_absolute_path(sb.buf) ||
64 mkdir(sb.buf, 0777)) {
65 strbuf_release(&sb);
66 errno = saved_errno;
67 return -1;
68 }
69 strbuf_release(&sb);
70 }
71 return adjust_shared_perm(path);
72 }
73
74 int safe_create_leading_directories(char *path)
75 {
76 char *pos = path + offset_1st_component(path);
77 struct stat st;
78
79 while (pos) {
80 pos = strchr(pos, '/');
81 if (!pos)
82 break;
83 while (*++pos == '/')
84 ;
85 if (!*pos)
86 break;
87 *--pos = '\0';
88 if (!stat(path, &st)) {
89 /* path exists */
90 if (!S_ISDIR(st.st_mode)) {
91 *pos = '/';
92 return -3;
93 }
94 }
95 else if (mkdir(path, 0777)) {
96 *pos = '/';
97 return -1;
98 }
99 else if (adjust_shared_perm(path)) {
100 *pos = '/';
101 return -2;
102 }
103 *pos++ = '/';
104 }
105 return 0;
106 }
107
108 int safe_create_leading_directories_const(const char *path)
109 {
110 /* path points to cache entries, so xstrdup before messing with it */
111 char *buf = xstrdup(path);
112 int result = safe_create_leading_directories(buf);
113 free(buf);
114 return result;
115 }
116
117 static void fill_sha1_path(char *pathbuf, const unsigned char *sha1)
118 {
119 int i;
120 for (i = 0; i < 20; i++) {
121 static char hex[] = "0123456789abcdef";
122 unsigned int val = sha1[i];
123 char *pos = pathbuf + i*2 + (i > 0);
124 *pos++ = hex[val >> 4];
125 *pos = hex[val & 0xf];
126 }
127 }
128
129 /*
130 * NOTE! This returns a statically allocated buffer, so you have to be
131 * careful about using it. Do an "xstrdup()" if you need to save the
132 * filename.
133 *
134 * Also note that this returns the location for creating. Reading
135 * SHA1 file can happen from any alternate directory listed in the
136 * DB_ENVIRONMENT environment variable if it is not found in
137 * the primary object database.
138 */
139 char *sha1_file_name(const unsigned char *sha1)
140 {
141 static char *name, *base;
142
143 if (!base) {
144 const char *sha1_file_directory = get_object_directory();
145 int len = strlen(sha1_file_directory);
146 base = xmalloc(len + 60);
147 memcpy(base, sha1_file_directory, len);
148 memset(base+len, 0, 60);
149 base[len] = '/';
150 base[len+3] = '/';
151 name = base + len + 1;
152 }
153 fill_sha1_path(name, sha1);
154 return base;
155 }
156
157 static char *sha1_get_pack_name(const unsigned char *sha1,
158 char **name, char **base, const char *which)
159 {
160 static const char hex[] = "0123456789abcdef";
161 char *buf;
162 int i;
163
164 if (!*base) {
165 const char *sha1_file_directory = get_object_directory();
166 int len = strlen(sha1_file_directory);
167 *base = xmalloc(len + 60);
168 sprintf(*base, "%s/pack/pack-1234567890123456789012345678901234567890.%s",
169 sha1_file_directory, which);
170 *name = *base + len + 11;
171 }
172
173 buf = *name;
174
175 for (i = 0; i < 20; i++) {
176 unsigned int val = *sha1++;
177 *buf++ = hex[val >> 4];
178 *buf++ = hex[val & 0xf];
179 }
180
181 return *base;
182 }
183
184 char *sha1_pack_name(const unsigned char *sha1)
185 {
186 static char *name, *base;
187
188 return sha1_get_pack_name(sha1, &name, &base, "pack");
189 }
190
191 char *sha1_pack_index_name(const unsigned char *sha1)
192 {
193 static char *name, *base;
194
195 return sha1_get_pack_name(sha1, &name, &base, "idx");
196 }
197
198 struct alternate_object_database *alt_odb_list;
199 static struct alternate_object_database **alt_odb_tail;
200
201 static void read_info_alternates(const char * alternates, int depth);
202
203 /*
204 * Prepare alternate object database registry.
205 *
206 * The variable alt_odb_list points at the list of struct
207 * alternate_object_database. The elements on this list come from
208 * non-empty elements from colon separated ALTERNATE_DB_ENVIRONMENT
209 * environment variable, and $GIT_OBJECT_DIRECTORY/info/alternates,
210 * whose contents is similar to that environment variable but can be
211 * LF separated. Its base points at a statically allocated buffer that
212 * contains "/the/directory/corresponding/to/.git/objects/...", while
213 * its name points just after the slash at the end of ".git/objects/"
214 * in the example above, and has enough space to hold 40-byte hex
215 * SHA1, an extra slash for the first level indirection, and the
216 * terminating NUL.
217 */
218 static int link_alt_odb_entry(const char * entry, int len, const char * relative_base, int depth)
219 {
220 const char *objdir = get_object_directory();
221 struct alternate_object_database *ent;
222 struct alternate_object_database *alt;
223 /* 43 = 40-byte + 2 '/' + terminating NUL */
224 int pfxlen = len;
225 int entlen = pfxlen + 43;
226 int base_len = -1;
227
228 if (!is_absolute_path(entry) && relative_base) {
229 /* Relative alt-odb */
230 if (base_len < 0)
231 base_len = strlen(relative_base) + 1;
232 entlen += base_len;
233 pfxlen += base_len;
234 }
235 ent = xmalloc(sizeof(*ent) + entlen);
236
237 if (!is_absolute_path(entry) && relative_base) {
238 memcpy(ent->base, relative_base, base_len - 1);
239 ent->base[base_len - 1] = '/';
240 memcpy(ent->base + base_len, entry, len);
241 }
242 else
243 memcpy(ent->base, entry, pfxlen);
244
245 ent->name = ent->base + pfxlen + 1;
246 ent->base[pfxlen + 3] = '/';
247 ent->base[pfxlen] = ent->base[entlen-1] = 0;
248
249 /* Detect cases where alternate disappeared */
250 if (!is_directory(ent->base)) {
251 error("object directory %s does not exist; "
252 "check .git/objects/info/alternates.",
253 ent->base);
254 free(ent);
255 return -1;
256 }
257
258 /* Prevent the common mistake of listing the same
259 * thing twice, or object directory itself.
260 */
261 for (alt = alt_odb_list; alt; alt = alt->next) {
262 if (!memcmp(ent->base, alt->base, pfxlen)) {
263 free(ent);
264 return -1;
265 }
266 }
267 if (!memcmp(ent->base, objdir, pfxlen)) {
268 free(ent);
269 return -1;
270 }
271
272 /* add the alternate entry */
273 *alt_odb_tail = ent;
274 alt_odb_tail = &(ent->next);
275 ent->next = NULL;
276
277 /* recursively add alternates */
278 read_info_alternates(ent->base, depth + 1);
279
280 ent->base[pfxlen] = '/';
281
282 return 0;
283 }
284
285 static void link_alt_odb_entries(const char *alt, const char *ep, int sep,
286 const char *relative_base, int depth)
287 {
288 const char *cp, *last;
289
290 if (depth > 5) {
291 error("%s: ignoring alternate object stores, nesting too deep.",
292 relative_base);
293 return;
294 }
295
296 last = alt;
297 while (last < ep) {
298 cp = last;
299 if (cp < ep && *cp == '#') {
300 while (cp < ep && *cp != sep)
301 cp++;
302 last = cp + 1;
303 continue;
304 }
305 while (cp < ep && *cp != sep)
306 cp++;
307 if (last != cp) {
308 if (!is_absolute_path(last) && depth) {
309 error("%s: ignoring relative alternate object store %s",
310 relative_base, last);
311 } else {
312 link_alt_odb_entry(last, cp - last,
313 relative_base, depth);
314 }
315 }
316 while (cp < ep && *cp == sep)
317 cp++;
318 last = cp;
319 }
320 }
321
322 static void read_info_alternates(const char * relative_base, int depth)
323 {
324 char *map;
325 size_t mapsz;
326 struct stat st;
327 const char alt_file_name[] = "info/alternates";
328 /* Given that relative_base is no longer than PATH_MAX,
329 ensure that "path" has enough space to append "/", the
330 file name, "info/alternates", and a trailing NUL. */
331 char path[PATH_MAX + 1 + sizeof alt_file_name];
332 int fd;
333
334 sprintf(path, "%s/%s", relative_base, alt_file_name);
335 fd = open(path, O_RDONLY);
336 if (fd < 0)
337 return;
338 if (fstat(fd, &st) || (st.st_size == 0)) {
339 close(fd);
340 return;
341 }
342 mapsz = xsize_t(st.st_size);
343 map = xmmap(NULL, mapsz, PROT_READ, MAP_PRIVATE, fd, 0);
344 close(fd);
345
346 link_alt_odb_entries(map, map + mapsz, '\n', relative_base, depth);
347
348 munmap(map, mapsz);
349 }
350
351 void add_to_alternates_file(const char *reference)
352 {
353 struct lock_file *lock = xcalloc(1, sizeof(struct lock_file));
354 int fd = hold_lock_file_for_append(lock, git_path("objects/info/alternates"), LOCK_DIE_ON_ERROR);
355 char *alt = mkpath("%s/objects\n", reference);
356 write_or_die(fd, alt, strlen(alt));
357 if (commit_lock_file(lock))
358 die("could not close alternates file");
359 if (alt_odb_tail)
360 link_alt_odb_entries(alt, alt + strlen(alt), '\n', NULL, 0);
361 }
362
363 void foreach_alt_odb(alt_odb_fn fn, void *cb)
364 {
365 struct alternate_object_database *ent;
366
367 prepare_alt_odb();
368 for (ent = alt_odb_list; ent; ent = ent->next)
369 if (fn(ent, cb))
370 return;
371 }
372
373 void prepare_alt_odb(void)
374 {
375 const char *alt;
376
377 if (alt_odb_tail)
378 return;
379
380 alt = getenv(ALTERNATE_DB_ENVIRONMENT);
381 if (!alt) alt = "";
382
383 alt_odb_tail = &alt_odb_list;
384 link_alt_odb_entries(alt, alt + strlen(alt), PATH_SEP, NULL, 0);
385
386 read_info_alternates(get_object_directory(), 0);
387 }
388
389 static int has_loose_object_local(const unsigned char *sha1)
390 {
391 char *name = sha1_file_name(sha1);
392 return !access(name, F_OK);
393 }
394
395 int has_loose_object_nonlocal(const unsigned char *sha1)
396 {
397 struct alternate_object_database *alt;
398 prepare_alt_odb();
399 for (alt = alt_odb_list; alt; alt = alt->next) {
400 fill_sha1_path(alt->name, sha1);
401 if (!access(alt->base, F_OK))
402 return 1;
403 }
404 return 0;
405 }
406
407 static int has_loose_object(const unsigned char *sha1)
408 {
409 return has_loose_object_local(sha1) ||
410 has_loose_object_nonlocal(sha1);
411 }
412
413 static unsigned int pack_used_ctr;
414 static unsigned int pack_mmap_calls;
415 static unsigned int peak_pack_open_windows;
416 static unsigned int pack_open_windows;
417 static size_t peak_pack_mapped;
418 static size_t pack_mapped;
419 struct packed_git *packed_git;
420
421 void pack_report(void)
422 {
423 fprintf(stderr,
424 "pack_report: getpagesize() = %10" SZ_FMT "\n"
425 "pack_report: core.packedGitWindowSize = %10" SZ_FMT "\n"
426 "pack_report: core.packedGitLimit = %10" SZ_FMT "\n",
427 sz_fmt(getpagesize()),
428 sz_fmt(packed_git_window_size),
429 sz_fmt(packed_git_limit));
430 fprintf(stderr,
431 "pack_report: pack_used_ctr = %10u\n"
432 "pack_report: pack_mmap_calls = %10u\n"
433 "pack_report: pack_open_windows = %10u / %10u\n"
434 "pack_report: pack_mapped = "
435 "%10" SZ_FMT " / %10" SZ_FMT "\n",
436 pack_used_ctr,
437 pack_mmap_calls,
438 pack_open_windows, peak_pack_open_windows,
439 sz_fmt(pack_mapped), sz_fmt(peak_pack_mapped));
440 }
441
442 static int check_packed_git_idx(const char *path, struct packed_git *p)
443 {
444 void *idx_map;
445 struct pack_idx_header *hdr;
446 size_t idx_size;
447 uint32_t version, nr, i, *index;
448 int fd = open(path, O_RDONLY);
449 struct stat st;
450
451 if (fd < 0)
452 return -1;
453 if (fstat(fd, &st)) {
454 close(fd);
455 return -1;
456 }
457 idx_size = xsize_t(st.st_size);
458 if (idx_size < 4 * 256 + 20 + 20) {
459 close(fd);
460 return error("index file %s is too small", path);
461 }
462 idx_map = xmmap(NULL, idx_size, PROT_READ, MAP_PRIVATE, fd, 0);
463 close(fd);
464
465 hdr = idx_map;
466 if (hdr->idx_signature == htonl(PACK_IDX_SIGNATURE)) {
467 version = ntohl(hdr->idx_version);
468 if (version < 2 || version > 2) {
469 munmap(idx_map, idx_size);
470 return error("index file %s is version %"PRIu32
471 " and is not supported by this binary"
472 " (try upgrading GIT to a newer version)",
473 path, version);
474 }
475 } else
476 version = 1;
477
478 nr = 0;
479 index = idx_map;
480 if (version > 1)
481 index += 2; /* skip index header */
482 for (i = 0; i < 256; i++) {
483 uint32_t n = ntohl(index[i]);
484 if (n < nr) {
485 munmap(idx_map, idx_size);
486 return error("non-monotonic index %s", path);
487 }
488 nr = n;
489 }
490
491 if (version == 1) {
492 /*
493 * Total size:
494 * - 256 index entries 4 bytes each
495 * - 24-byte entries * nr (20-byte sha1 + 4-byte offset)
496 * - 20-byte SHA1 of the packfile
497 * - 20-byte SHA1 file checksum
498 */
499 if (idx_size != 4*256 + nr * 24 + 20 + 20) {
500 munmap(idx_map, idx_size);
501 return error("wrong index v1 file size in %s", path);
502 }
503 } else if (version == 2) {
504 /*
505 * Minimum size:
506 * - 8 bytes of header
507 * - 256 index entries 4 bytes each
508 * - 20-byte sha1 entry * nr
509 * - 4-byte crc entry * nr
510 * - 4-byte offset entry * nr
511 * - 20-byte SHA1 of the packfile
512 * - 20-byte SHA1 file checksum
513 * And after the 4-byte offset table might be a
514 * variable sized table containing 8-byte entries
515 * for offsets larger than 2^31.
516 */
517 unsigned long min_size = 8 + 4*256 + nr*(20 + 4 + 4) + 20 + 20;
518 unsigned long max_size = min_size;
519 if (nr)
520 max_size += (nr - 1)*8;
521 if (idx_size < min_size || idx_size > max_size) {
522 munmap(idx_map, idx_size);
523 return error("wrong index v2 file size in %s", path);
524 }
525 if (idx_size != min_size &&
526 /*
527 * make sure we can deal with large pack offsets.
528 * 31-bit signed offset won't be enough, neither
529 * 32-bit unsigned one will be.
530 */
531 (sizeof(off_t) <= 4)) {
532 munmap(idx_map, idx_size);
533 return error("pack too large for current definition of off_t in %s", path);
534 }
535 }
536
537 p->index_version = version;
538 p->index_data = idx_map;
539 p->index_size = idx_size;
540 p->num_objects = nr;
541 return 0;
542 }
543
544 int open_pack_index(struct packed_git *p)
545 {
546 char *idx_name;
547 int ret;
548
549 if (p->index_data)
550 return 0;
551
552 idx_name = xstrdup(p->pack_name);
553 strcpy(idx_name + strlen(idx_name) - strlen(".pack"), ".idx");
554 ret = check_packed_git_idx(idx_name, p);
555 free(idx_name);
556 return ret;
557 }
558
559 static void scan_windows(struct packed_git *p,
560 struct packed_git **lru_p,
561 struct pack_window **lru_w,
562 struct pack_window **lru_l)
563 {
564 struct pack_window *w, *w_l;
565
566 for (w_l = NULL, w = p->windows; w; w = w->next) {
567 if (!w->inuse_cnt) {
568 if (!*lru_w || w->last_used < (*lru_w)->last_used) {
569 *lru_p = p;
570 *lru_w = w;
571 *lru_l = w_l;
572 }
573 }
574 w_l = w;
575 }
576 }
577
578 static int unuse_one_window(struct packed_git *current, int keep_fd)
579 {
580 struct packed_git *p, *lru_p = NULL;
581 struct pack_window *lru_w = NULL, *lru_l = NULL;
582
583 if (current)
584 scan_windows(current, &lru_p, &lru_w, &lru_l);
585 for (p = packed_git; p; p = p->next)
586 scan_windows(p, &lru_p, &lru_w, &lru_l);
587 if (lru_p) {
588 munmap(lru_w->base, lru_w->len);
589 pack_mapped -= lru_w->len;
590 if (lru_l)
591 lru_l->next = lru_w->next;
592 else {
593 lru_p->windows = lru_w->next;
594 if (!lru_p->windows && lru_p->pack_fd != keep_fd) {
595 close(lru_p->pack_fd);
596 lru_p->pack_fd = -1;
597 }
598 }
599 free(lru_w);
600 pack_open_windows--;
601 return 1;
602 }
603 return 0;
604 }
605
606 void release_pack_memory(size_t need, int fd)
607 {
608 size_t cur = pack_mapped;
609 while (need >= (cur - pack_mapped) && unuse_one_window(NULL, fd))
610 ; /* nothing */
611 }
612
613 void close_pack_windows(struct packed_git *p)
614 {
615 while (p->windows) {
616 struct pack_window *w = p->windows;
617
618 if (w->inuse_cnt)
619 die("pack '%s' still has open windows to it",
620 p->pack_name);
621 munmap(w->base, w->len);
622 pack_mapped -= w->len;
623 pack_open_windows--;
624 p->windows = w->next;
625 free(w);
626 }
627 }
628
629 void unuse_pack(struct pack_window **w_cursor)
630 {
631 struct pack_window *w = *w_cursor;
632 if (w) {
633 w->inuse_cnt--;
634 *w_cursor = NULL;
635 }
636 }
637
638 /*
639 * This is used by git-repack in case a newly created pack happens to
640 * contain the same set of objects as an existing one. In that case
641 * the resulting file might be different even if its name would be the
642 * same. It is best to close any reference to the old pack before it is
643 * replaced on disk. Of course no index pointers nor windows for given pack
644 * must subsist at this point. If ever objects from this pack are requested
645 * again, the new version of the pack will be reinitialized through
646 * reprepare_packed_git().
647 */
648 void free_pack_by_name(const char *pack_name)
649 {
650 struct packed_git *p, **pp = &packed_git;
651
652 while (*pp) {
653 p = *pp;
654 if (strcmp(pack_name, p->pack_name) == 0) {
655 clear_delta_base_cache();
656 close_pack_windows(p);
657 if (p->pack_fd != -1)
658 close(p->pack_fd);
659 if (p->index_data)
660 munmap((void *)p->index_data, p->index_size);
661 free(p->bad_object_sha1);
662 *pp = p->next;
663 free(p);
664 return;
665 }
666 pp = &p->next;
667 }
668 }
669
670 /*
671 * Do not call this directly as this leaks p->pack_fd on error return;
672 * call open_packed_git() instead.
673 */
674 static int open_packed_git_1(struct packed_git *p)
675 {
676 struct stat st;
677 struct pack_header hdr;
678 unsigned char sha1[20];
679 unsigned char *idx_sha1;
680 long fd_flag;
681
682 if (!p->index_data && open_pack_index(p))
683 return error("packfile %s index unavailable", p->pack_name);
684
685 p->pack_fd = open(p->pack_name, O_RDONLY);
686 while (p->pack_fd < 0 && errno == EMFILE && unuse_one_window(p, -1))
687 p->pack_fd = open(p->pack_name, O_RDONLY);
688 if (p->pack_fd < 0 || fstat(p->pack_fd, &st))
689 return -1;
690
691 /* If we created the struct before we had the pack we lack size. */
692 if (!p->pack_size) {
693 if (!S_ISREG(st.st_mode))
694 return error("packfile %s not a regular file", p->pack_name);
695 p->pack_size = st.st_size;
696 } else if (p->pack_size != st.st_size)
697 return error("packfile %s size changed", p->pack_name);
698
699 /* We leave these file descriptors open with sliding mmap;
700 * there is no point keeping them open across exec(), though.
701 */
702 fd_flag = fcntl(p->pack_fd, F_GETFD, 0);
703 if (fd_flag < 0)
704 return error("cannot determine file descriptor flags");
705 fd_flag |= FD_CLOEXEC;
706 if (fcntl(p->pack_fd, F_SETFD, fd_flag) == -1)
707 return error("cannot set FD_CLOEXEC");
708
709 /* Verify we recognize this pack file format. */
710 if (read_in_full(p->pack_fd, &hdr, sizeof(hdr)) != sizeof(hdr))
711 return error("file %s is far too short to be a packfile", p->pack_name);
712 if (hdr.hdr_signature != htonl(PACK_SIGNATURE))
713 return error("file %s is not a GIT packfile", p->pack_name);
714 if (!pack_version_ok(hdr.hdr_version))
715 return error("packfile %s is version %"PRIu32" and not"
716 " supported (try upgrading GIT to a newer version)",
717 p->pack_name, ntohl(hdr.hdr_version));
718
719 /* Verify the pack matches its index. */
720 if (p->num_objects != ntohl(hdr.hdr_entries))
721 return error("packfile %s claims to have %"PRIu32" objects"
722 " while index indicates %"PRIu32" objects",
723 p->pack_name, ntohl(hdr.hdr_entries),
724 p->num_objects);
725 if (lseek(p->pack_fd, p->pack_size - sizeof(sha1), SEEK_SET) == -1)
726 return error("end of packfile %s is unavailable", p->pack_name);
727 if (read_in_full(p->pack_fd, sha1, sizeof(sha1)) != sizeof(sha1))
728 return error("packfile %s signature is unavailable", p->pack_name);
729 idx_sha1 = ((unsigned char *)p->index_data) + p->index_size - 40;
730 if (hashcmp(sha1, idx_sha1))
731 return error("packfile %s does not match index", p->pack_name);
732 return 0;
733 }
734
735 static int open_packed_git(struct packed_git *p)
736 {
737 if (!open_packed_git_1(p))
738 return 0;
739 if (p->pack_fd != -1) {
740 close(p->pack_fd);
741 p->pack_fd = -1;
742 }
743 return -1;
744 }
745
746 static int in_window(struct pack_window *win, off_t offset)
747 {
748 /* We must promise at least 20 bytes (one hash) after the
749 * offset is available from this window, otherwise the offset
750 * is not actually in this window and a different window (which
751 * has that one hash excess) must be used. This is to support
752 * the object header and delta base parsing routines below.
753 */
754 off_t win_off = win->offset;
755 return win_off <= offset
756 && (offset + 20) <= (win_off + win->len);
757 }
758
759 unsigned char *use_pack(struct packed_git *p,
760 struct pack_window **w_cursor,
761 off_t offset,
762 unsigned int *left)
763 {
764 struct pack_window *win = *w_cursor;
765
766 if (p->pack_fd == -1 && open_packed_git(p))
767 die("packfile %s cannot be accessed", p->pack_name);
768
769 /* Since packfiles end in a hash of their content and it's
770 * pointless to ask for an offset into the middle of that
771 * hash, and the in_window function above wouldn't match
772 * don't allow an offset too close to the end of the file.
773 */
774 if (offset > (p->pack_size - 20))
775 die("offset beyond end of packfile (truncated pack?)");
776
777 if (!win || !in_window(win, offset)) {
778 if (win)
779 win->inuse_cnt--;
780 for (win = p->windows; win; win = win->next) {
781 if (in_window(win, offset))
782 break;
783 }
784 if (!win) {
785 size_t window_align = packed_git_window_size / 2;
786 off_t len;
787 win = xcalloc(1, sizeof(*win));
788 win->offset = (offset / window_align) * window_align;
789 len = p->pack_size - win->offset;
790 if (len > packed_git_window_size)
791 len = packed_git_window_size;
792 win->len = (size_t)len;
793 pack_mapped += win->len;
794 while (packed_git_limit < pack_mapped
795 && unuse_one_window(p, p->pack_fd))
796 ; /* nothing */
797 win->base = xmmap(NULL, win->len,
798 PROT_READ, MAP_PRIVATE,
799 p->pack_fd, win->offset);
800 if (win->base == MAP_FAILED)
801 die("packfile %s cannot be mapped: %s",
802 p->pack_name,
803 strerror(errno));
804 pack_mmap_calls++;
805 pack_open_windows++;
806 if (pack_mapped > peak_pack_mapped)
807 peak_pack_mapped = pack_mapped;
808 if (pack_open_windows > peak_pack_open_windows)
809 peak_pack_open_windows = pack_open_windows;
810 win->next = p->windows;
811 p->windows = win;
812 }
813 }
814 if (win != *w_cursor) {
815 win->last_used = pack_used_ctr++;
816 win->inuse_cnt++;
817 *w_cursor = win;
818 }
819 offset -= win->offset;
820 if (left)
821 *left = win->len - xsize_t(offset);
822 return win->base + offset;
823 }
824
825 static struct packed_git *alloc_packed_git(int extra)
826 {
827 struct packed_git *p = xmalloc(sizeof(*p) + extra);
828 memset(p, 0, sizeof(*p));
829 p->pack_fd = -1;
830 return p;
831 }
832
833 struct packed_git *add_packed_git(const char *path, int path_len, int local)
834 {
835 struct stat st;
836 struct packed_git *p = alloc_packed_git(path_len + 2);
837
838 /*
839 * Make sure a corresponding .pack file exists and that
840 * the index looks sane.
841 */
842 path_len -= strlen(".idx");
843 if (path_len < 1) {
844 free(p);
845 return NULL;
846 }
847 memcpy(p->pack_name, path, path_len);
848
849 strcpy(p->pack_name + path_len, ".keep");
850 if (!access(p->pack_name, F_OK))
851 p->pack_keep = 1;
852
853 strcpy(p->pack_name + path_len, ".pack");
854 if (stat(p->pack_name, &st) || !S_ISREG(st.st_mode)) {
855 free(p);
856 return NULL;
857 }
858
859 /* ok, it looks sane as far as we can check without
860 * actually mapping the pack file.
861 */
862 p->pack_size = st.st_size;
863 p->pack_local = local;
864 p->mtime = st.st_mtime;
865 if (path_len < 40 || get_sha1_hex(path + path_len - 40, p->sha1))
866 hashclr(p->sha1);
867 return p;
868 }
869
870 struct packed_git *parse_pack_index(unsigned char *sha1)
871 {
872 const char *idx_path = sha1_pack_index_name(sha1);
873 const char *path = sha1_pack_name(sha1);
874 struct packed_git *p = alloc_packed_git(strlen(path) + 1);
875
876 strcpy(p->pack_name, path);
877 hashcpy(p->sha1, sha1);
878 if (check_packed_git_idx(idx_path, p)) {
879 free(p);
880 return NULL;
881 }
882
883 return p;
884 }
885
886 void install_packed_git(struct packed_git *pack)
887 {
888 pack->next = packed_git;
889 packed_git = pack;
890 }
891
892 static void prepare_packed_git_one(char *objdir, int local)
893 {
894 /* Ensure that this buffer is large enough so that we can
895 append "/pack/" without clobbering the stack even if
896 strlen(objdir) were PATH_MAX. */
897 char path[PATH_MAX + 1 + 4 + 1 + 1];
898 int len;
899 DIR *dir;
900 struct dirent *de;
901
902 sprintf(path, "%s/pack", objdir);
903 len = strlen(path);
904 dir = opendir(path);
905 while (!dir && errno == EMFILE && unuse_one_window(packed_git, -1))
906 dir = opendir(path);
907 if (!dir) {
908 if (errno != ENOENT)
909 error("unable to open object pack directory: %s: %s",
910 path, strerror(errno));
911 return;
912 }
913 path[len++] = '/';
914 while ((de = readdir(dir)) != NULL) {
915 int namelen = strlen(de->d_name);
916 struct packed_git *p;
917
918 if (!has_extension(de->d_name, ".idx"))
919 continue;
920
921 if (len + namelen + 1 > sizeof(path))
922 continue;
923
924 /* Don't reopen a pack we already have. */
925 strcpy(path + len, de->d_name);
926 for (p = packed_git; p; p = p->next) {
927 if (!memcmp(path, p->pack_name, len + namelen - 4))
928 break;
929 }
930 if (p)
931 continue;
932 /* See if it really is a valid .idx file with corresponding
933 * .pack file that we can map.
934 */
935 p = add_packed_git(path, len + namelen, local);
936 if (!p)
937 continue;
938 install_packed_git(p);
939 }
940 closedir(dir);
941 }
942
943 static int sort_pack(const void *a_, const void *b_)
944 {
945 struct packed_git *a = *((struct packed_git **)a_);
946 struct packed_git *b = *((struct packed_git **)b_);
947 int st;
948
949 /*
950 * Local packs tend to contain objects specific to our
951 * variant of the project than remote ones. In addition,
952 * remote ones could be on a network mounted filesystem.
953 * Favor local ones for these reasons.
954 */
955 st = a->pack_local - b->pack_local;
956 if (st)
957 return -st;
958
959 /*
960 * Younger packs tend to contain more recent objects,
961 * and more recent objects tend to get accessed more
962 * often.
963 */
964 if (a->mtime < b->mtime)
965 return 1;
966 else if (a->mtime == b->mtime)
967 return 0;
968 return -1;
969 }
970
971 static void rearrange_packed_git(void)
972 {
973 struct packed_git **ary, *p;
974 int i, n;
975
976 for (n = 0, p = packed_git; p; p = p->next)
977 n++;
978 if (n < 2)
979 return;
980
981 /* prepare an array of packed_git for easier sorting */
982 ary = xcalloc(n, sizeof(struct packed_git *));
983 for (n = 0, p = packed_git; p; p = p->next)
984 ary[n++] = p;
985
986 qsort(ary, n, sizeof(struct packed_git *), sort_pack);
987
988 /* link them back again */
989 for (i = 0; i < n - 1; i++)
990 ary[i]->next = ary[i + 1];
991 ary[n - 1]->next = NULL;
992 packed_git = ary[0];
993
994 free(ary);
995 }
996
997 static int prepare_packed_git_run_once = 0;
998 void prepare_packed_git(void)
999 {
1000 struct alternate_object_database *alt;
1001
1002 if (prepare_packed_git_run_once)
1003 return;
1004 prepare_packed_git_one(get_object_directory(), 1);
1005 prepare_alt_odb();
1006 for (alt = alt_odb_list; alt; alt = alt->next) {
1007 alt->name[-1] = 0;
1008 prepare_packed_git_one(alt->base, 0);
1009 alt->name[-1] = '/';
1010 }
1011 rearrange_packed_git();
1012 prepare_packed_git_run_once = 1;
1013 }
1014
1015 void reprepare_packed_git(void)
1016 {
1017 discard_revindex();
1018 prepare_packed_git_run_once = 0;
1019 prepare_packed_git();
1020 }
1021
1022 static void mark_bad_packed_object(struct packed_git *p,
1023 const unsigned char *sha1)
1024 {
1025 unsigned i;
1026 for (i = 0; i < p->num_bad_objects; i++)
1027 if (!hashcmp(sha1, p->bad_object_sha1 + 20 * i))
1028 return;
1029 p->bad_object_sha1 = xrealloc(p->bad_object_sha1, 20 * (p->num_bad_objects + 1));
1030 hashcpy(p->bad_object_sha1 + 20 * p->num_bad_objects, sha1);
1031 p->num_bad_objects++;
1032 }
1033
1034 static int has_packed_and_bad(const unsigned char *sha1)
1035 {
1036 struct packed_git *p;
1037 unsigned i;
1038
1039 for (p = packed_git; p; p = p->next)
1040 for (i = 0; i < p->num_bad_objects; i++)
1041 if (!hashcmp(sha1, p->bad_object_sha1 + 20 * i))
1042 return 1;
1043 return 0;
1044 }
1045
1046 int check_sha1_signature(const unsigned char *sha1, void *map, unsigned long size, const char *type)
1047 {
1048 unsigned char real_sha1[20];
1049 hash_sha1_file(map, size, type, real_sha1);
1050 return hashcmp(sha1, real_sha1) ? -1 : 0;
1051 }
1052
1053 static int git_open_noatime(const char *name)
1054 {
1055 static int sha1_file_open_flag = O_NOATIME;
1056 int fd = open(name, O_RDONLY | sha1_file_open_flag);
1057
1058 /* Might the failure be due to O_NOATIME? */
1059 if (fd < 0 && errno != ENOENT && sha1_file_open_flag) {
1060 fd = open(name, O_RDONLY);
1061 if (fd >= 0)
1062 sha1_file_open_flag = 0;
1063 }
1064 return fd;
1065 }
1066
1067 static int open_sha1_file(const unsigned char *sha1)
1068 {
1069 int fd;
1070 char *name = sha1_file_name(sha1);
1071 struct alternate_object_database *alt;
1072
1073 fd = git_open_noatime(name);
1074 if (fd >= 0)
1075 return fd;
1076
1077 prepare_alt_odb();
1078 errno = ENOENT;
1079 for (alt = alt_odb_list; alt; alt = alt->next) {
1080 name = alt->name;
1081 fill_sha1_path(name, sha1);
1082 fd = git_open_noatime(alt->base);
1083 if (fd >= 0)
1084 return fd;
1085 }
1086 return -1;
1087 }
1088
1089 static void *map_sha1_file(const unsigned char *sha1, unsigned long *size)
1090 {
1091 void *map;
1092 int fd;
1093
1094 fd = open_sha1_file(sha1);
1095 map = NULL;
1096 if (fd >= 0) {
1097 struct stat st;
1098
1099 if (!fstat(fd, &st)) {
1100 *size = xsize_t(st.st_size);
1101 map = xmmap(NULL, *size, PROT_READ, MAP_PRIVATE, fd, 0);
1102 }
1103 close(fd);
1104 }
1105 return map;
1106 }
1107
1108 static int legacy_loose_object(unsigned char *map)
1109 {
1110 unsigned int word;
1111
1112 /*
1113 * Is it a zlib-compressed buffer? If so, the first byte
1114 * must be 0x78 (15-bit window size, deflated), and the
1115 * first 16-bit word is evenly divisible by 31
1116 */
1117 word = (map[0] << 8) + map[1];
1118 if (map[0] == 0x78 && !(word % 31))
1119 return 1;
1120 else
1121 return 0;
1122 }
1123
1124 unsigned long unpack_object_header_buffer(const unsigned char *buf,
1125 unsigned long len, enum object_type *type, unsigned long *sizep)
1126 {
1127 unsigned shift;
1128 unsigned long size, c;
1129 unsigned long used = 0;
1130
1131 c = buf[used++];
1132 *type = (c >> 4) & 7;
1133 size = c & 15;
1134 shift = 4;
1135 while (c & 0x80) {
1136 if (len <= used || bitsizeof(long) <= shift) {
1137 error("bad object header");
1138 return 0;
1139 }
1140 c = buf[used++];
1141 size += (c & 0x7f) << shift;
1142 shift += 7;
1143 }
1144 *sizep = size;
1145 return used;
1146 }
1147
1148 static int unpack_sha1_header(z_stream *stream, unsigned char *map, unsigned long mapsize, void *buffer, unsigned long bufsiz)
1149 {
1150 unsigned long size, used;
1151 static const char valid_loose_object_type[8] = {
1152 0, /* OBJ_EXT */
1153 1, 1, 1, 1, /* "commit", "tree", "blob", "tag" */
1154 0, /* "delta" and others are invalid in a loose object */
1155 };
1156 enum object_type type;
1157
1158 /* Get the data stream */
1159 memset(stream, 0, sizeof(*stream));
1160 stream->next_in = map;
1161 stream->avail_in = mapsize;
1162 stream->next_out = buffer;
1163 stream->avail_out = bufsiz;
1164
1165 if (legacy_loose_object(map)) {
1166 git_inflate_init(stream);
1167 return git_inflate(stream, 0);
1168 }
1169
1170
1171 /*
1172 * There used to be a second loose object header format which
1173 * was meant to mimic the in-pack format, allowing for direct
1174 * copy of the object data. This format turned up not to be
1175 * really worth it and we don't write it any longer. But we
1176 * can still read it.
1177 */
1178 used = unpack_object_header_buffer(map, mapsize, &type, &size);
1179 if (!used || !valid_loose_object_type[type])
1180 return -1;
1181 map += used;
1182 mapsize -= used;
1183
1184 /* Set up the stream for the rest.. */
1185 stream->next_in = map;
1186 stream->avail_in = mapsize;
1187 git_inflate_init(stream);
1188
1189 /* And generate the fake traditional header */
1190 stream->total_out = 1 + snprintf(buffer, bufsiz, "%s %lu",
1191 typename(type), size);
1192 return 0;
1193 }
1194
1195 static void *unpack_sha1_rest(z_stream *stream, void *buffer, unsigned long size, const unsigned char *sha1)
1196 {
1197 int bytes = strlen(buffer) + 1;
1198 unsigned char *buf = xmallocz(size);
1199 unsigned long n;
1200 int status = Z_OK;
1201
1202 n = stream->total_out - bytes;
1203 if (n > size)
1204 n = size;
1205 memcpy(buf, (char *) buffer + bytes, n);
1206 bytes = n;
1207 if (bytes <= size) {
1208 /*
1209 * The above condition must be (bytes <= size), not
1210 * (bytes < size). In other words, even though we
1211 * expect no more output and set avail_out to zer0,
1212 * the input zlib stream may have bytes that express
1213 * "this concludes the stream", and we *do* want to
1214 * eat that input.
1215 *
1216 * Otherwise we would not be able to test that we
1217 * consumed all the input to reach the expected size;
1218 * we also want to check that zlib tells us that all
1219 * went well with status == Z_STREAM_END at the end.
1220 */
1221 stream->next_out = buf + bytes;
1222 stream->avail_out = size - bytes;
1223 while (status == Z_OK)
1224 status = git_inflate(stream, Z_FINISH);
1225 }
1226 if (status == Z_STREAM_END && !stream->avail_in) {
1227 git_inflate_end(stream);
1228 return buf;
1229 }
1230
1231 if (status < 0)
1232 error("corrupt loose object '%s'", sha1_to_hex(sha1));
1233 else if (stream->avail_in)
1234 error("garbage at end of loose object '%s'",
1235 sha1_to_hex(sha1));
1236 free(buf);
1237 return NULL;
1238 }
1239
1240 /*
1241 * We used to just use "sscanf()", but that's actually way
1242 * too permissive for what we want to check. So do an anal
1243 * object header parse by hand.
1244 */
1245 static int parse_sha1_header(const char *hdr, unsigned long *sizep)
1246 {
1247 char type[10];
1248 int i;
1249 unsigned long size;
1250
1251 /*
1252 * The type can be at most ten bytes (including the
1253 * terminating '\0' that we add), and is followed by
1254 * a space.
1255 */
1256 i = 0;
1257 for (;;) {
1258 char c = *hdr++;
1259 if (c == ' ')
1260 break;
1261 type[i++] = c;
1262 if (i >= sizeof(type))
1263 return -1;
1264 }
1265 type[i] = 0;
1266
1267 /*
1268 * The length must follow immediately, and be in canonical
1269 * decimal format (ie "010" is not valid).
1270 */
1271 size = *hdr++ - '0';
1272 if (size > 9)
1273 return -1;
1274 if (size) {
1275 for (;;) {
1276 unsigned long c = *hdr - '0';
1277 if (c > 9)
1278 break;
1279 hdr++;
1280 size = size * 10 + c;
1281 }
1282 }
1283 *sizep = size;
1284
1285 /*
1286 * The length must be followed by a zero byte
1287 */
1288 return *hdr ? -1 : type_from_string(type);
1289 }
1290
1291 static void *unpack_sha1_file(void *map, unsigned long mapsize, enum object_type *type, unsigned long *size, const unsigned char *sha1)
1292 {
1293 int ret;
1294 z_stream stream;
1295 char hdr[8192];
1296
1297 ret = unpack_sha1_header(&stream, map, mapsize, hdr, sizeof(hdr));
1298 if (ret < Z_OK || (*type = parse_sha1_header(hdr, size)) < 0)
1299 return NULL;
1300
1301 return unpack_sha1_rest(&stream, hdr, *size, sha1);
1302 }
1303
1304 unsigned long get_size_from_delta(struct packed_git *p,
1305 struct pack_window **w_curs,
1306 off_t curpos)
1307 {
1308 const unsigned char *data;
1309 unsigned char delta_head[20], *in;
1310 z_stream stream;
1311 int st;
1312
1313 memset(&stream, 0, sizeof(stream));
1314 stream.next_out = delta_head;
1315 stream.avail_out = sizeof(delta_head);
1316
1317 git_inflate_init(&stream);
1318 do {
1319 in = use_pack(p, w_curs, curpos, &stream.avail_in);
1320 stream.next_in = in;
1321 st = git_inflate(&stream, Z_FINISH);
1322 curpos += stream.next_in - in;
1323 } while ((st == Z_OK || st == Z_BUF_ERROR) &&
1324 stream.total_out < sizeof(delta_head));
1325 git_inflate_end(&stream);
1326 if ((st != Z_STREAM_END) && stream.total_out != sizeof(delta_head)) {
1327 error("delta data unpack-initial failed");
1328 return 0;
1329 }
1330
1331 /* Examine the initial part of the delta to figure out
1332 * the result size.
1333 */
1334 data = delta_head;
1335
1336 /* ignore base size */
1337 get_delta_hdr_size(&data, delta_head+sizeof(delta_head));
1338
1339 /* Read the result size */
1340 return get_delta_hdr_size(&data, delta_head+sizeof(delta_head));
1341 }
1342
1343 static off_t get_delta_base(struct packed_git *p,
1344 struct pack_window **w_curs,
1345 off_t *curpos,
1346 enum object_type type,
1347 off_t delta_obj_offset)
1348 {
1349 unsigned char *base_info = use_pack(p, w_curs, *curpos, NULL);
1350 off_t base_offset;
1351
1352 /* use_pack() assured us we have [base_info, base_info + 20)
1353 * as a range that we can look at without walking off the
1354 * end of the mapped window. Its actually the hash size
1355 * that is assured. An OFS_DELTA longer than the hash size
1356 * is stupid, as then a REF_DELTA would be smaller to store.
1357 */
1358 if (type == OBJ_OFS_DELTA) {
1359 unsigned used = 0;
1360 unsigned char c = base_info[used++];
1361 base_offset = c & 127;
1362 while (c & 128) {
1363 base_offset += 1;
1364 if (!base_offset || MSB(base_offset, 7))
1365 return 0; /* overflow */
1366 c = base_info[used++];
1367 base_offset = (base_offset << 7) + (c & 127);
1368 }
1369 base_offset = delta_obj_offset - base_offset;
1370 if (base_offset <= 0 || base_offset >= delta_obj_offset)
1371 return 0; /* out of bound */
1372 *curpos += used;
1373 } else if (type == OBJ_REF_DELTA) {
1374 /* The base entry _must_ be in the same pack */
1375 base_offset = find_pack_entry_one(base_info, p);
1376 *curpos += 20;
1377 } else
1378 die("I am totally screwed");
1379 return base_offset;
1380 }
1381
1382 /* forward declaration for a mutually recursive function */
1383 static int packed_object_info(struct packed_git *p, off_t offset,
1384 unsigned long *sizep);
1385
1386 static int packed_delta_info(struct packed_git *p,
1387 struct pack_window **w_curs,
1388 off_t curpos,
1389 enum object_type type,
1390 off_t obj_offset,
1391 unsigned long *sizep)
1392 {
1393 off_t base_offset;
1394
1395 base_offset = get_delta_base(p, w_curs, &curpos, type, obj_offset);
1396 if (!base_offset)
1397 return OBJ_BAD;
1398 type = packed_object_info(p, base_offset, NULL);
1399 if (type <= OBJ_NONE) {
1400 struct revindex_entry *revidx;
1401 const unsigned char *base_sha1;
1402 revidx = find_pack_revindex(p, base_offset);
1403 if (!revidx)
1404 return OBJ_BAD;
1405 base_sha1 = nth_packed_object_sha1(p, revidx->nr);
1406 mark_bad_packed_object(p, base_sha1);
1407 type = sha1_object_info(base_sha1, NULL);
1408 if (type <= OBJ_NONE)
1409 return OBJ_BAD;
1410 }
1411
1412 /* We choose to only get the type of the base object and
1413 * ignore potentially corrupt pack file that expects the delta
1414 * based on a base with a wrong size. This saves tons of
1415 * inflate() calls.
1416 */
1417 if (sizep) {
1418 *sizep = get_size_from_delta(p, w_curs, curpos);
1419 if (*sizep == 0)
1420 type = OBJ_BAD;
1421 }
1422
1423 return type;
1424 }
1425
1426 static int unpack_object_header(struct packed_git *p,
1427 struct pack_window **w_curs,
1428 off_t *curpos,
1429 unsigned long *sizep)
1430 {
1431 unsigned char *base;
1432 unsigned int left;
1433 unsigned long used;
1434 enum object_type type;
1435
1436 /* use_pack() assures us we have [base, base + 20) available
1437 * as a range that we can look at at. (Its actually the hash
1438 * size that is assured.) With our object header encoding
1439 * the maximum deflated object size is 2^137, which is just
1440 * insane, so we know won't exceed what we have been given.
1441 */
1442 base = use_pack(p, w_curs, *curpos, &left);
1443 used = unpack_object_header_buffer(base, left, &type, sizep);
1444 if (!used) {
1445 type = OBJ_BAD;
1446 } else
1447 *curpos += used;
1448
1449 return type;
1450 }
1451
1452 const char *packed_object_info_detail(struct packed_git *p,
1453 off_t obj_offset,
1454 unsigned long *size,
1455 unsigned long *store_size,
1456 unsigned int *delta_chain_length,
1457 unsigned char *base_sha1)
1458 {
1459 struct pack_window *w_curs = NULL;
1460 off_t curpos;
1461 unsigned long dummy;
1462 unsigned char *next_sha1;
1463 enum object_type type;
1464 struct revindex_entry *revidx;
1465
1466 *delta_chain_length = 0;
1467 curpos = obj_offset;
1468 type = unpack_object_header(p, &w_curs, &curpos, size);
1469
1470 revidx = find_pack_revindex(p, obj_offset);
1471 *store_size = revidx[1].offset - obj_offset;
1472
1473 for (;;) {
1474 switch (type) {
1475 default:
1476 die("pack %s contains unknown object type %d",
1477 p->pack_name, type);
1478 case OBJ_COMMIT:
1479 case OBJ_TREE:
1480 case OBJ_BLOB:
1481 case OBJ_TAG:
1482 unuse_pack(&w_curs);
1483 return typename(type);
1484 case OBJ_OFS_DELTA:
1485 obj_offset = get_delta_base(p, &w_curs, &curpos, type, obj_offset);
1486 if (!obj_offset)
1487 die("pack %s contains bad delta base reference of type %s",
1488 p->pack_name, typename(type));
1489 if (*delta_chain_length == 0) {
1490 revidx = find_pack_revindex(p, obj_offset);
1491 hashcpy(base_sha1, nth_packed_object_sha1(p, revidx->nr));
1492 }
1493 break;
1494 case OBJ_REF_DELTA:
1495 next_sha1 = use_pack(p, &w_curs, curpos, NULL);
1496 if (*delta_chain_length == 0)
1497 hashcpy(base_sha1, next_sha1);
1498 obj_offset = find_pack_entry_one(next_sha1, p);
1499 break;
1500 }
1501 (*delta_chain_length)++;
1502 curpos = obj_offset;
1503 type = unpack_object_header(p, &w_curs, &curpos, &dummy);
1504 }
1505 }
1506
1507 static int packed_object_info(struct packed_git *p, off_t obj_offset,
1508 unsigned long *sizep)
1509 {
1510 struct pack_window *w_curs = NULL;
1511 unsigned long size;
1512 off_t curpos = obj_offset;
1513 enum object_type type;
1514
1515 type = unpack_object_header(p, &w_curs, &curpos, &size);
1516
1517 switch (type) {
1518 case OBJ_OFS_DELTA:
1519 case OBJ_REF_DELTA:
1520 type = packed_delta_info(p, &w_curs, curpos,
1521 type, obj_offset, sizep);
1522 break;
1523 case OBJ_COMMIT:
1524 case OBJ_TREE:
1525 case OBJ_BLOB:
1526 case OBJ_TAG:
1527 if (sizep)
1528 *sizep = size;
1529 break;
1530 default:
1531 error("unknown object type %i at offset %"PRIuMAX" in %s",
1532 type, (uintmax_t)obj_offset, p->pack_name);
1533 type = OBJ_BAD;
1534 }
1535 unuse_pack(&w_curs);
1536 return type;
1537 }
1538
1539 static void *unpack_compressed_entry(struct packed_git *p,
1540 struct pack_window **w_curs,
1541 off_t curpos,
1542 unsigned long size)
1543 {
1544 int st;
1545 z_stream stream;
1546 unsigned char *buffer, *in;
1547
1548 buffer = xmallocz(size);
1549 memset(&stream, 0, sizeof(stream));
1550 stream.next_out = buffer;
1551 stream.avail_out = size + 1;
1552
1553 git_inflate_init(&stream);
1554 do {
1555 in = use_pack(p, w_curs, curpos, &stream.avail_in);
1556 stream.next_in = in;
1557 st = git_inflate(&stream, Z_FINISH);
1558 if (!stream.avail_out)
1559 break; /* the payload is larger than it should be */
1560 curpos += stream.next_in - in;
1561 } while (st == Z_OK || st == Z_BUF_ERROR);
1562 git_inflate_end(&stream);
1563 if ((st != Z_STREAM_END) || stream.total_out != size) {
1564 free(buffer);
1565 return NULL;
1566 }
1567
1568 return buffer;
1569 }
1570
1571 #define MAX_DELTA_CACHE (256)
1572
1573 static size_t delta_base_cached;
1574
1575 static struct delta_base_cache_lru_list {
1576 struct delta_base_cache_lru_list *prev;
1577 struct delta_base_cache_lru_list *next;
1578 } delta_base_cache_lru = { &delta_base_cache_lru, &delta_base_cache_lru };
1579
1580 static struct delta_base_cache_entry {
1581 struct delta_base_cache_lru_list lru;
1582 void *data;
1583 struct packed_git *p;
1584 off_t base_offset;
1585 unsigned long size;
1586 enum object_type type;
1587 } delta_base_cache[MAX_DELTA_CACHE];
1588
1589 static unsigned long pack_entry_hash(struct packed_git *p, off_t base_offset)
1590 {
1591 unsigned long hash;
1592
1593 hash = (unsigned long)p + (unsigned long)base_offset;
1594 hash += (hash >> 8) + (hash >> 16);
1595 return hash % MAX_DELTA_CACHE;
1596 }
1597
1598 static void *cache_or_unpack_entry(struct packed_git *p, off_t base_offset,
1599 unsigned long *base_size, enum object_type *type, int keep_cache)
1600 {
1601 void *ret;
1602 unsigned long hash = pack_entry_hash(p, base_offset);
1603 struct delta_base_cache_entry *ent = delta_base_cache + hash;
1604
1605 ret = ent->data;
1606 if (!ret || ent->p != p || ent->base_offset != base_offset)
1607 return unpack_entry(p, base_offset, type, base_size);
1608
1609 if (!keep_cache) {
1610 ent->data = NULL;
1611 ent->lru.next->prev = ent->lru.prev;
1612 ent->lru.prev->next = ent->lru.next;
1613 delta_base_cached -= ent->size;
1614 } else {
1615 ret = xmemdupz(ent->data, ent->size);
1616 }
1617 *type = ent->type;
1618 *base_size = ent->size;
1619 return ret;
1620 }
1621
1622 static inline void release_delta_base_cache(struct delta_base_cache_entry *ent)
1623 {
1624 if (ent->data) {
1625 free(ent->data);
1626 ent->data = NULL;
1627 ent->lru.next->prev = ent->lru.prev;
1628 ent->lru.prev->next = ent->lru.next;
1629 delta_base_cached -= ent->size;
1630 }
1631 }
1632
1633 void clear_delta_base_cache(void)
1634 {
1635 unsigned long p;
1636 for (p = 0; p < MAX_DELTA_CACHE; p++)
1637 release_delta_base_cache(&delta_base_cache[p]);
1638 }
1639
1640 static void add_delta_base_cache(struct packed_git *p, off_t base_offset,
1641 void *base, unsigned long base_size, enum object_type type)
1642 {
1643 unsigned long hash = pack_entry_hash(p, base_offset);
1644 struct delta_base_cache_entry *ent = delta_base_cache + hash;
1645 struct delta_base_cache_lru_list *lru;
1646
1647 release_delta_base_cache(ent);
1648 delta_base_cached += base_size;
1649
1650 for (lru = delta_base_cache_lru.next;
1651 delta_base_cached > delta_base_cache_limit
1652 && lru != &delta_base_cache_lru;
1653 lru = lru->next) {
1654 struct delta_base_cache_entry *f = (void *)lru;
1655 if (f->type == OBJ_BLOB)
1656 release_delta_base_cache(f);
1657 }
1658 for (lru = delta_base_cache_lru.next;
1659 delta_base_cached > delta_base_cache_limit
1660 && lru != &delta_base_cache_lru;
1661 lru = lru->next) {
1662 struct delta_base_cache_entry *f = (void *)lru;
1663 release_delta_base_cache(f);
1664 }
1665
1666 ent->p = p;
1667 ent->base_offset = base_offset;
1668 ent->type = type;
1669 ent->data = base;
1670 ent->size = base_size;
1671 ent->lru.next = &delta_base_cache_lru;
1672 ent->lru.prev = delta_base_cache_lru.prev;
1673 delta_base_cache_lru.prev->next = &ent->lru;
1674 delta_base_cache_lru.prev = &ent->lru;
1675 }
1676
1677 static void *read_object(const unsigned char *sha1, enum object_type *type,
1678 unsigned long *size);
1679
1680 static void *unpack_delta_entry(struct packed_git *p,
1681 struct pack_window **w_curs,
1682 off_t curpos,
1683 unsigned long delta_size,
1684 off_t obj_offset,
1685 enum object_type *type,
1686 unsigned long *sizep)
1687 {
1688 void *delta_data, *result, *base;
1689 unsigned long base_size;
1690 off_t base_offset;
1691
1692 base_offset = get_delta_base(p, w_curs, &curpos, *type, obj_offset);
1693 if (!base_offset) {
1694 error("failed to validate delta base reference "
1695 "at offset %"PRIuMAX" from %s",
1696 (uintmax_t)curpos, p->pack_name);
1697 return NULL;
1698 }
1699 unuse_pack(w_curs);
1700 base = cache_or_unpack_entry(p, base_offset, &base_size, type, 0);
1701 if (!base) {
1702 /*
1703 * We're probably in deep shit, but let's try to fetch
1704 * the required base anyway from another pack or loose.
1705 * This is costly but should happen only in the presence
1706 * of a corrupted pack, and is better than failing outright.
1707 */
1708 struct revindex_entry *revidx;
1709 const unsigned char *base_sha1;
1710 revidx = find_pack_revindex(p, base_offset);
1711 if (!revidx)
1712 return NULL;
1713 base_sha1 = nth_packed_object_sha1(p, revidx->nr);
1714 error("failed to read delta base object %s"
1715 " at offset %"PRIuMAX" from %s",
1716 sha1_to_hex(base_sha1), (uintmax_t)base_offset,
1717 p->pack_name);
1718 mark_bad_packed_object(p, base_sha1);
1719 base = read_object(base_sha1, type, &base_size);
1720 if (!base)
1721 return NULL;
1722 }
1723
1724 delta_data = unpack_compressed_entry(p, w_curs, curpos, delta_size);
1725 if (!delta_data) {
1726 error("failed to unpack compressed delta "
1727 "at offset %"PRIuMAX" from %s",
1728 (uintmax_t)curpos, p->pack_name);
1729 free(base);
1730 return NULL;
1731 }
1732 result = patch_delta(base, base_size,
1733 delta_data, delta_size,
1734 sizep);
1735 if (!result)
1736 die("failed to apply delta");
1737 free(delta_data);
1738 add_delta_base_cache(p, base_offset, base, base_size, *type);
1739 return result;
1740 }
1741
1742 int do_check_packed_object_crc;
1743
1744 void *unpack_entry(struct packed_git *p, off_t obj_offset,
1745 enum object_type *type, unsigned long *sizep)
1746 {
1747 struct pack_window *w_curs = NULL;
1748 off_t curpos = obj_offset;
1749 void *data;
1750
1751 if (do_check_packed_object_crc && p->index_version > 1) {
1752 struct revindex_entry *revidx = find_pack_revindex(p, obj_offset);
1753 unsigned long len = revidx[1].offset - obj_offset;
1754 if (check_pack_crc(p, &w_curs, obj_offset, len, revidx->nr)) {
1755 const unsigned char *sha1 =
1756 nth_packed_object_sha1(p, revidx->nr);
1757 error("bad packed object CRC for %s",
1758 sha1_to_hex(sha1));
1759 mark_bad_packed_object(p, sha1);
1760 unuse_pack(&w_curs);
1761 return NULL;
1762 }
1763 }
1764
1765 *type = unpack_object_header(p, &w_curs, &curpos, sizep);
1766 switch (*type) {
1767 case OBJ_OFS_DELTA:
1768 case OBJ_REF_DELTA:
1769 data = unpack_delta_entry(p, &w_curs, curpos, *sizep,
1770 obj_offset, type, sizep);
1771 break;
1772 case OBJ_COMMIT:
1773 case OBJ_TREE:
1774 case OBJ_BLOB:
1775 case OBJ_TAG:
1776 data = unpack_compressed_entry(p, &w_curs, curpos, *sizep);
1777 break;
1778 default:
1779 data = NULL;
1780 error("unknown object type %i at offset %"PRIuMAX" in %s",
1781 *type, (uintmax_t)obj_offset, p->pack_name);
1782 }
1783 unuse_pack(&w_curs);
1784 return data;
1785 }
1786
1787 const unsigned char *nth_packed_object_sha1(struct packed_git *p,
1788 uint32_t n)
1789 {
1790 const unsigned char *index = p->index_data;
1791 if (!index) {
1792 if (open_pack_index(p))
1793 return NULL;
1794 index = p->index_data;
1795 }
1796 if (n >= p->num_objects)
1797 return NULL;
1798 index += 4 * 256;
1799 if (p->index_version == 1) {
1800 return index + 24 * n + 4;
1801 } else {
1802 index += 8;
1803 return index + 20 * n;
1804 }
1805 }
1806
1807 off_t nth_packed_object_offset(const struct packed_git *p, uint32_t n)
1808 {
1809 const unsigned char *index = p->index_data;
1810 index += 4 * 256;
1811 if (p->index_version == 1) {
1812 return ntohl(*((uint32_t *)(index + 24 * n)));
1813 } else {
1814 uint32_t off;
1815 index += 8 + p->num_objects * (20 + 4);
1816 off = ntohl(*((uint32_t *)(index + 4 * n)));
1817 if (!(off & 0x80000000))
1818 return off;
1819 index += p->num_objects * 4 + (off & 0x7fffffff) * 8;
1820 return (((uint64_t)ntohl(*((uint32_t *)(index + 0)))) << 32) |
1821 ntohl(*((uint32_t *)(index + 4)));
1822 }
1823 }
1824
1825 off_t find_pack_entry_one(const unsigned char *sha1,
1826 struct packed_git *p)
1827 {
1828 const uint32_t *level1_ofs = p->index_data;
1829 const unsigned char *index = p->index_data;
1830 unsigned hi, lo, stride;
1831 static int use_lookup = -1;
1832 static int debug_lookup = -1;
1833
1834 if (debug_lookup < 0)
1835 debug_lookup = !!getenv("GIT_DEBUG_LOOKUP");
1836
1837 if (!index) {
1838 if (open_pack_index(p))
1839 return 0;
1840 level1_ofs = p->index_data;
1841 index = p->index_data;
1842 }
1843 if (p->index_version > 1) {
1844 level1_ofs += 2;
1845 index += 8;
1846 }
1847 index += 4 * 256;
1848 hi = ntohl(level1_ofs[*sha1]);
1849 lo = ((*sha1 == 0x0) ? 0 : ntohl(level1_ofs[*sha1 - 1]));
1850 if (p->index_version > 1) {
1851 stride = 20;
1852 } else {
1853 stride = 24;
1854 index += 4;
1855 }
1856
1857 if (debug_lookup)
1858 printf("%02x%02x%02x... lo %u hi %u nr %"PRIu32"\n",
1859 sha1[0], sha1[1], sha1[2], lo, hi, p->num_objects);
1860
1861 if (use_lookup < 0)
1862 use_lookup = !!getenv("GIT_USE_LOOKUP");
1863 if (use_lookup) {
1864 int pos = sha1_entry_pos(index, stride, 0,
1865 lo, hi, p->num_objects, sha1);
1866 if (pos < 0)
1867 return 0;
1868 return nth_packed_object_offset(p, pos);
1869 }
1870
1871 do {
1872 unsigned mi = (lo + hi) / 2;
1873 int cmp = hashcmp(index + mi * stride, sha1);
1874
1875 if (debug_lookup)
1876 printf("lo %u hi %u rg %u mi %u\n",
1877 lo, hi, hi - lo, mi);
1878 if (!cmp)
1879 return nth_packed_object_offset(p, mi);
1880 if (cmp > 0)
1881 hi = mi;
1882 else
1883 lo = mi+1;
1884 } while (lo < hi);
1885 return 0;
1886 }
1887
1888 static int find_pack_entry(const unsigned char *sha1, struct pack_entry *e)
1889 {
1890 static struct packed_git *last_found = (void *)1;
1891 struct packed_git *p;
1892 off_t offset;
1893
1894 prepare_packed_git();
1895 if (!packed_git)
1896 return 0;
1897 p = (last_found == (void *)1) ? packed_git : last_found;
1898
1899 do {
1900 if (p->num_bad_objects) {
1901 unsigned i;
1902 for (i = 0; i < p->num_bad_objects; i++)
1903 if (!hashcmp(sha1, p->bad_object_sha1 + 20 * i))
1904 goto next;
1905 }
1906
1907 offset = find_pack_entry_one(sha1, p);
1908 if (offset) {
1909 /*
1910 * We are about to tell the caller where they can
1911 * locate the requested object. We better make
1912 * sure the packfile is still here and can be
1913 * accessed before supplying that answer, as
1914 * it may have been deleted since the index
1915 * was loaded!
1916 */
1917 if (p->pack_fd == -1 && open_packed_git(p)) {
1918 error("packfile %s cannot be accessed", p->pack_name);
1919 goto next;
1920 }
1921 e->offset = offset;
1922 e->p = p;
1923 hashcpy(e->sha1, sha1);
1924 last_found = p;
1925 return 1;
1926 }
1927
1928 next:
1929 if (p == last_found)
1930 p = packed_git;
1931 else
1932 p = p->next;
1933 if (p == last_found)
1934 p = p->next;
1935 } while (p);
1936 return 0;
1937 }
1938
1939 struct packed_git *find_sha1_pack(const unsigned char *sha1,
1940 struct packed_git *packs)
1941 {
1942 struct packed_git *p;
1943
1944 for (p = packs; p; p = p->next) {
1945 if (find_pack_entry_one(sha1, p))
1946 return p;
1947 }
1948 return NULL;
1949
1950 }
1951
1952 static int sha1_loose_object_info(const unsigned char *sha1, unsigned long *sizep)
1953 {
1954 int status;
1955 unsigned long mapsize, size;
1956 void *map;
1957 z_stream stream;
1958 char hdr[32];
1959
1960 map = map_sha1_file(sha1, &mapsize);
1961 if (!map)
1962 return error("unable to find %s", sha1_to_hex(sha1));
1963 if (unpack_sha1_header(&stream, map, mapsize, hdr, sizeof(hdr)) < 0)
1964 status = error("unable to unpack %s header",
1965 sha1_to_hex(sha1));
1966 else if ((status = parse_sha1_header(hdr, &size)) < 0)
1967 status = error("unable to parse %s header", sha1_to_hex(sha1));
1968 else if (sizep)
1969 *sizep = size;
1970 git_inflate_end(&stream);
1971 munmap(map, mapsize);
1972 return status;
1973 }
1974
1975 int sha1_object_info(const unsigned char *sha1, unsigned long *sizep)
1976 {
1977 struct pack_entry e;
1978 int status;
1979
1980 if (!find_pack_entry(sha1, &e)) {
1981 /* Most likely it's a loose object. */
1982 status = sha1_loose_object_info(sha1, sizep);
1983 if (status >= 0)
1984 return status;
1985
1986 /* Not a loose object; someone else may have just packed it. */
1987 reprepare_packed_git();
1988 if (!find_pack_entry(sha1, &e))
1989 return status;
1990 }
1991
1992 status = packed_object_info(e.p, e.offset, sizep);
1993 if (status < 0) {
1994 mark_bad_packed_object(e.p, sha1);
1995 status = sha1_object_info(sha1, sizep);
1996 }
1997
1998 return status;
1999 }
2000
2001 static void *read_packed_sha1(const unsigned char *sha1,
2002 enum object_type *type, unsigned long *size)
2003 {
2004 struct pack_entry e;
2005 void *data;
2006
2007 if (!find_pack_entry(sha1, &e))
2008 return NULL;
2009 data = cache_or_unpack_entry(e.p, e.offset, size, type, 1);
2010 if (!data) {
2011 /*
2012 * We're probably in deep shit, but let's try to fetch
2013 * the required object anyway from another pack or loose.
2014 * This should happen only in the presence of a corrupted
2015 * pack, and is better than failing outright.
2016 */
2017 error("failed to read object %s at offset %"PRIuMAX" from %s",
2018 sha1_to_hex(sha1), (uintmax_t)e.offset, e.p->pack_name);
2019 mark_bad_packed_object(e.p, sha1);
2020 data = read_object(sha1, type, size);
2021 }
2022 return data;
2023 }
2024
2025 /*
2026 * This is meant to hold a *small* number of objects that you would
2027 * want read_sha1_file() to be able to return, but yet you do not want
2028 * to write them into the object store (e.g. a browse-only
2029 * application).
2030 */
2031 static struct cached_object {
2032 unsigned char sha1[20];
2033 enum object_type type;
2034 void *buf;
2035 unsigned long size;
2036 } *cached_objects;
2037 static int cached_object_nr, cached_object_alloc;
2038
2039 static struct cached_object empty_tree = {
2040 EMPTY_TREE_SHA1_BIN,
2041 OBJ_TREE,
2042 "",
2043 0
2044 };
2045
2046 static struct cached_object *find_cached_object(const unsigned char *sha1)
2047 {
2048 int i;
2049 struct cached_object *co = cached_objects;
2050
2051 for (i = 0; i < cached_object_nr; i++, co++) {
2052 if (!hashcmp(co->sha1, sha1))
2053 return co;
2054 }
2055 if (!hashcmp(sha1, empty_tree.sha1))
2056 return &empty_tree;
2057 return NULL;
2058 }
2059
2060 int pretend_sha1_file(void *buf, unsigned long len, enum object_type type,
2061 unsigned char *sha1)
2062 {
2063 struct cached_object *co;
2064
2065 hash_sha1_file(buf, len, typename(type), sha1);
2066 if (has_sha1_file(sha1) || find_cached_object(sha1))
2067 return 0;
2068 if (cached_object_alloc <= cached_object_nr) {
2069 cached_object_alloc = alloc_nr(cached_object_alloc);
2070 cached_objects = xrealloc(cached_objects,
2071 sizeof(*cached_objects) *
2072 cached_object_alloc);
2073 }
2074 co = &cached_objects[cached_object_nr++];
2075 co->size = len;
2076 co->type = type;
2077 co->buf = xmalloc(len);
2078 memcpy(co->buf, buf, len);
2079 hashcpy(co->sha1, sha1);
2080 return 0;
2081 }
2082
2083 static void *read_object(const unsigned char *sha1, enum object_type *type,
2084 unsigned long *size)
2085 {
2086 unsigned long mapsize;
2087 void *map, *buf;
2088 struct cached_object *co;
2089
2090 co = find_cached_object(sha1);
2091 if (co) {
2092 *type = co->type;
2093 *size = co->size;
2094 return xmemdupz(co->buf, co->size);
2095 }
2096
2097 buf = read_packed_sha1(sha1, type, size);
2098 if (buf)
2099 return buf;
2100 map = map_sha1_file(sha1, &mapsize);
2101 if (map) {
2102 buf = unpack_sha1_file(map, mapsize, type, size, sha1);
2103 munmap(map, mapsize);
2104 return buf;
2105 }
2106 reprepare_packed_git();
2107 return read_packed_sha1(sha1, type, size);
2108 }
2109
2110 void *read_sha1_file_repl(const unsigned char *sha1,
2111 enum object_type *type,
2112 unsigned long *size,
2113 const unsigned char **replacement)
2114 {
2115 const unsigned char *repl = lookup_replace_object(sha1);
2116 void *data = read_object(repl, type, size);
2117
2118 /* die if we replaced an object with one that does not exist */
2119 if (!data && repl != sha1)
2120 die("replacement %s not found for %s",
2121 sha1_to_hex(repl), sha1_to_hex(sha1));
2122
2123 /* legacy behavior is to die on corrupted objects */
2124 if (!data && (has_loose_object(repl) || has_packed_and_bad(repl)))
2125 die("object %s is corrupted", sha1_to_hex(repl));
2126
2127 if (replacement)
2128 *replacement = repl;
2129
2130 return data;
2131 }
2132
2133 void *read_object_with_reference(const unsigned char *sha1,
2134 const char *required_type_name,
2135 unsigned long *size,
2136 unsigned char *actual_sha1_return)
2137 {
2138 enum object_type type, required_type;
2139 void *buffer;
2140 unsigned long isize;
2141 unsigned char actual_sha1[20];
2142
2143 required_type = type_from_string(required_type_name);
2144 hashcpy(actual_sha1, sha1);
2145 while (1) {
2146 int ref_length = -1;
2147 const char *ref_type = NULL;
2148
2149 buffer = read_sha1_file(actual_sha1, &type, &isize);
2150 if (!buffer)
2151 return NULL;
2152 if (type == required_type) {
2153 *size = isize;
2154 if (actual_sha1_return)
2155 hashcpy(actual_sha1_return, actual_sha1);
2156 return buffer;
2157 }
2158 /* Handle references */
2159 else if (type == OBJ_COMMIT)
2160 ref_type = "tree ";
2161 else if (type == OBJ_TAG)
2162 ref_type = "object ";
2163 else {
2164 free(buffer);
2165 return NULL;
2166 }
2167 ref_length = strlen(ref_type);
2168
2169 if (ref_length + 40 > isize ||
2170 memcmp(buffer, ref_type, ref_length) ||
2171 get_sha1_hex((char *) buffer + ref_length, actual_sha1)) {
2172 free(buffer);
2173 return NULL;
2174 }
2175 free(buffer);
2176 /* Now we have the ID of the referred-to object in
2177 * actual_sha1. Check again. */
2178 }
2179 }
2180
2181 static void write_sha1_file_prepare(const void *buf, unsigned long len,
2182 const char *type, unsigned char *sha1,
2183 char *hdr, int *hdrlen)
2184 {
2185 git_SHA_CTX c;
2186
2187 /* Generate the header */
2188 *hdrlen = sprintf(hdr, "%s %lu", type, len)+1;
2189
2190 /* Sha1.. */
2191 git_SHA1_Init(&c);
2192 git_SHA1_Update(&c, hdr, *hdrlen);
2193 git_SHA1_Update(&c, buf, len);
2194 git_SHA1_Final(sha1, &c);
2195 }
2196
2197 /*
2198 * Move the just written object into its final resting place.
2199 * NEEDSWORK: this should be renamed to finalize_temp_file() as
2200 * "moving" is only a part of what it does, when no patch between
2201 * master to pu changes the call sites of this function.
2202 */
2203 int move_temp_to_file(const char *tmpfile, const char *filename)
2204 {
2205 int ret = 0;
2206
2207 if (object_creation_mode == OBJECT_CREATION_USES_RENAMES)
2208 goto try_rename;
2209 else if (link(tmpfile, filename))
2210 ret = errno;
2211
2212 /*
2213 * Coda hack - coda doesn't like cross-directory links,
2214 * so we fall back to a rename, which will mean that it
2215 * won't be able to check collisions, but that's not a
2216 * big deal.
2217 *
2218 * The same holds for FAT formatted media.
2219 *
2220 * When this succeeds, we just return. We have nothing
2221 * left to unlink.
2222 */
2223 if (ret && ret != EEXIST) {
2224 try_rename:
2225 if (!rename(tmpfile, filename))
2226 goto out;
2227 ret = errno;
2228 }
2229 unlink_or_warn(tmpfile);
2230 if (ret) {
2231 if (ret != EEXIST) {
2232 return error("unable to write sha1 filename %s: %s\n", filename, strerror(ret));
2233 }
2234 /* FIXME!!! Collision check here ? */
2235 }
2236
2237 out:
2238 if (adjust_shared_perm(filename))
2239 return error("unable to set permission to '%s'", filename);
2240 return 0;
2241 }
2242
2243 static int write_buffer(int fd, const void *buf, size_t len)
2244 {
2245 if (write_in_full(fd, buf, len) < 0)
2246 return error("file write error (%s)", strerror(errno));
2247 return 0;
2248 }
2249
2250 int hash_sha1_file(const void *buf, unsigned long len, const char *type,
2251 unsigned char *sha1)
2252 {
2253 char hdr[32];
2254 int hdrlen;
2255 write_sha1_file_prepare(buf, len, type, sha1, hdr, &hdrlen);
2256 return 0;
2257 }
2258
2259 /* Finalize a file on disk, and close it. */
2260 static void close_sha1_file(int fd)
2261 {
2262 if (fsync_object_files)
2263 fsync_or_die(fd, "sha1 file");
2264 if (close(fd) != 0)
2265 die_errno("error when closing sha1 file");
2266 }
2267
2268 /* Size of directory component, including the ending '/' */
2269 static inline int directory_size(const char *filename)
2270 {
2271 const char *s = strrchr(filename, '/');
2272 if (!s)
2273 return 0;
2274 return s - filename + 1;
2275 }
2276
2277 /*
2278 * This creates a temporary file in the same directory as the final
2279 * 'filename'
2280 *
2281 * We want to avoid cross-directory filename renames, because those
2282 * can have problems on various filesystems (FAT, NFS, Coda).
2283 */
2284 static int create_tmpfile(char *buffer, size_t bufsiz, const char *filename)
2285 {
2286 int fd, dirlen = directory_size(filename);
2287
2288 if (dirlen + 20 > bufsiz) {
2289 errno = ENAMETOOLONG;
2290 return -1;
2291 }
2292 memcpy(buffer, filename, dirlen);
2293 strcpy(buffer + dirlen, "tmp_obj_XXXXXX");
2294 fd = git_mkstemp_mode(buffer, 0444);
2295 if (fd < 0 && dirlen && errno == ENOENT) {
2296 /* Make sure the directory exists */
2297 memcpy(buffer, filename, dirlen);
2298 buffer[dirlen-1] = 0;
2299 if (mkdir(buffer, 0777) || adjust_shared_perm(buffer))
2300 return -1;
2301
2302 /* Try again */
2303 strcpy(buffer + dirlen - 1, "/tmp_obj_XXXXXX");
2304 fd = git_mkstemp_mode(buffer, 0444);
2305 }
2306 return fd;
2307 }
2308
2309 static int write_loose_object(const unsigned char *sha1, char *hdr, int hdrlen,
2310 void *buf, unsigned long len, time_t mtime)
2311 {
2312 int fd, ret;
2313 unsigned char compressed[4096];
2314 z_stream stream;
2315 git_SHA_CTX c;
2316 unsigned char parano_sha1[20];
2317 char *filename;
2318 static char tmpfile[PATH_MAX];
2319
2320 filename = sha1_file_name(sha1);
2321 fd = create_tmpfile(tmpfile, sizeof(tmpfile), filename);
2322 while (fd < 0 && errno == EMFILE && unuse_one_window(packed_git, -1))
2323 fd = create_tmpfile(tmpfile, sizeof(tmpfile), filename);
2324 if (fd < 0) {
2325 if (errno == EACCES)
2326 return error("insufficient permission for adding an object to repository database %s\n", get_object_directory());
2327 else
2328 return error("unable to create temporary sha1 filename %s: %s\n", tmpfile, strerror(errno));
2329 }
2330
2331 /* Set it up */
2332 memset(&stream, 0, sizeof(stream));
2333 deflateInit(&stream, zlib_compression_level);
2334 stream.next_out = compressed;
2335 stream.avail_out = sizeof(compressed);
2336 git_SHA1_Init(&c);
2337
2338 /* First header.. */
2339 stream.next_in = (unsigned char *)hdr;
2340 stream.avail_in = hdrlen;
2341 while (deflate(&stream, 0) == Z_OK)
2342 /* nothing */;
2343 git_SHA1_Update(&c, hdr, hdrlen);
2344
2345 /* Then the data itself.. */
2346 stream.next_in = buf;
2347 stream.avail_in = len;
2348 do {
2349 unsigned char *in0 = stream.next_in;
2350 ret = deflate(&stream, Z_FINISH);
2351 git_SHA1_Update(&c, in0, stream.next_in - in0);
2352 if (write_buffer(fd, compressed, stream.next_out - compressed) < 0)
2353 die("unable to write sha1 file");
2354 stream.next_out = compressed;
2355 stream.avail_out = sizeof(compressed);
2356 } while (ret == Z_OK);
2357
2358 if (ret != Z_STREAM_END)
2359 die("unable to deflate new object %s (%d)", sha1_to_hex(sha1), ret);
2360 ret = deflateEnd(&stream);
2361 if (ret != Z_OK)
2362 die("deflateEnd on object %s failed (%d)", sha1_to_hex(sha1), ret);
2363 git_SHA1_Final(parano_sha1, &c);
2364 if (hashcmp(sha1, parano_sha1) != 0)
2365 die("confused by unstable object source data for %s", sha1_to_hex(sha1));
2366
2367 close_sha1_file(fd);
2368
2369 if (mtime) {
2370 struct utimbuf utb;
2371 utb.actime = mtime;
2372 utb.modtime = mtime;
2373 if (utime(tmpfile, &utb) < 0)
2374 warning("failed utime() on %s: %s",
2375 tmpfile, strerror(errno));
2376 }
2377
2378 return move_temp_to_file(tmpfile, filename);
2379 }
2380
2381 int write_sha1_file(void *buf, unsigned long len, const char *type, unsigned char *returnsha1)
2382 {
2383 unsigned char sha1[20];
2384 char hdr[32];
2385 int hdrlen;
2386
2387 /* Normally if we have it in the pack then we do not bother writing
2388 * it out into .git/objects/??/?{38} file.
2389 */
2390 write_sha1_file_prepare(buf, len, type, sha1, hdr, &hdrlen);
2391 if (returnsha1)
2392 hashcpy(returnsha1, sha1);
2393 if (has_sha1_file(sha1))
2394 return 0;
2395 return write_loose_object(sha1, hdr, hdrlen, buf, len, 0);
2396 }
2397
2398 int force_object_loose(const unsigned char *sha1, time_t mtime)
2399 {
2400 void *buf;
2401 unsigned long len;
2402 enum object_type type;
2403 char hdr[32];
2404 int hdrlen;
2405 int ret;
2406
2407 if (has_loose_object(sha1))
2408 return 0;
2409 buf = read_packed_sha1(sha1, &type, &len);
2410 if (!buf)
2411 return error("cannot read sha1_file for %s", sha1_to_hex(sha1));
2412 hdrlen = sprintf(hdr, "%s %lu", typename(type), len) + 1;
2413 ret = write_loose_object(sha1, hdr, hdrlen, buf, len, mtime);
2414 free(buf);
2415
2416 return ret;
2417 }
2418
2419 int has_pack_index(const unsigned char *sha1)
2420 {
2421 struct stat st;
2422 if (stat(sha1_pack_index_name(sha1), &st))
2423 return 0;
2424 return 1;
2425 }
2426
2427 int has_sha1_pack(const unsigned char *sha1)
2428 {
2429 struct pack_entry e;
2430 return find_pack_entry(sha1, &e);
2431 }
2432
2433 int has_sha1_file(const unsigned char *sha1)
2434 {
2435 struct pack_entry e;
2436
2437 if (find_pack_entry(sha1, &e))
2438 return 1;
2439 return has_loose_object(sha1);
2440 }
2441
2442 static int index_mem(unsigned char *sha1, void *buf, size_t size,
2443 int write_object, enum object_type type, const char *path)
2444 {
2445 int ret, re_allocated = 0;
2446
2447 if (!type)
2448 type = OBJ_BLOB;
2449
2450 /*
2451 * Convert blobs to git internal format
2452 */
2453 if ((type == OBJ_BLOB) && path) {
2454 struct strbuf nbuf = STRBUF_INIT;
2455 if (convert_to_git(path, buf, size, &nbuf,
2456 write_object ? safe_crlf : 0)) {
2457 buf = strbuf_detach(&nbuf, &size);
2458 re_allocated = 1;
2459 }
2460 }
2461
2462 if (write_object)
2463 ret = write_sha1_file(buf, size, typename(type), sha1);
2464 else
2465 ret = hash_sha1_file(buf, size, typename(type), sha1);
2466 if (re_allocated)
2467 free(buf);
2468 return ret;
2469 }
2470
2471 #define SMALL_FILE_SIZE (32*1024)
2472
2473 int index_fd(unsigned char *sha1, int fd, struct stat *st, int write_object,
2474 enum object_type type, const char *path)
2475 {
2476 int ret;
2477 size_t size = xsize_t(st->st_size);
2478
2479 if (!S_ISREG(st->st_mode)) {
2480 struct strbuf sbuf = STRBUF_INIT;
2481 if (strbuf_read(&sbuf, fd, 4096) >= 0)
2482 ret = index_mem(sha1, sbuf.buf, sbuf.len, write_object,
2483 type, path);
2484 else
2485 ret = -1;
2486 strbuf_release(&sbuf);
2487 } else if (size <= SMALL_FILE_SIZE) {
2488 char *buf = xmalloc(size);
2489 if (size == read_in_full(fd, buf, size))
2490 ret = index_mem(sha1, buf, size, write_object, type,
2491 path);
2492 else
2493 ret = error("short read %s", strerror(errno));
2494 free(buf);
2495 } else if (size) {
2496 void *buf = xmmap(NULL, size, PROT_READ, MAP_PRIVATE, fd, 0);
2497 ret = index_mem(sha1, buf, size, write_object, type, path);
2498 munmap(buf, size);
2499 } else
2500 ret = index_mem(sha1, NULL, size, write_object, type, path);
2501 close(fd);
2502 return ret;
2503 }
2504
2505 int index_path(unsigned char *sha1, const char *path, struct stat *st, int write_object)
2506 {
2507 int fd;
2508 struct strbuf sb = STRBUF_INIT;
2509
2510 switch (st->st_mode & S_IFMT) {
2511 case S_IFREG:
2512 fd = open(path, O_RDONLY);
2513 if (fd < 0)
2514 return error("open(\"%s\"): %s", path,
2515 strerror(errno));
2516 if (index_fd(sha1, fd, st, write_object, OBJ_BLOB, path) < 0)
2517 return error("%s: failed to insert into database",
2518 path);
2519 break;
2520 case S_IFLNK:
2521 if (strbuf_readlink(&sb, path, st->st_size)) {
2522 char *errstr = strerror(errno);
2523 return error("readlink(\"%s\"): %s", path,
2524 errstr);
2525 }
2526 if (!write_object)
2527 hash_sha1_file(sb.buf, sb.len, blob_type, sha1);
2528 else if (write_sha1_file(sb.buf, sb.len, blob_type, sha1))
2529 return error("%s: failed to insert into database",
2530 path);
2531 strbuf_release(&sb);
2532 break;
2533 case S_IFDIR:
2534 return resolve_gitlink_ref(path, "HEAD", sha1);
2535 default:
2536 return error("%s: unsupported file type", path);
2537 }
2538 return 0;
2539 }
2540
2541 int read_pack_header(int fd, struct pack_header *header)
2542 {
2543 if (read_in_full(fd, header, sizeof(*header)) < sizeof(*header))
2544 /* "eof before pack header was fully read" */
2545 return PH_ERROR_EOF;
2546
2547 if (header->hdr_signature != htonl(PACK_SIGNATURE))
2548 /* "protocol error (pack signature mismatch detected)" */
2549 return PH_ERROR_PACK_SIGNATURE;
2550 if (!pack_version_ok(header->hdr_version))
2551 /* "protocol error (pack version unsupported)" */
2552 return PH_ERROR_PROTOCOL;
2553 return 0;
2554 }