1 /*
2 * Copyright (C) the libgit2 contributors. All rights reserved.
3 *
4 * This file is part of libgit2, distributed under the GNU GPL v2 with
5 * a Linking Exception. For full terms see the included COPYING file.
6 */
7
8 #include "filebuf.h"
9
10 #include "futils.h"
11
12 static const size_t WRITE_BUFFER_SIZE = (4096 * 2);
13
14 enum buferr_t {
15 BUFERR_OK = 0,
16 BUFERR_WRITE,
17 BUFERR_ZLIB,
18 BUFERR_MEM
19 };
20
21 #define ENSURE_BUF_OK(buf) if ((buf)->last_error != BUFERR_OK) { return -1; }
22
verify_last_error(git_filebuf * file)23 static int verify_last_error(git_filebuf *file)
24 {
25 switch (file->last_error) {
26 case BUFERR_WRITE:
27 git_error_set(GIT_ERROR_OS, "failed to write out file");
28 return -1;
29
30 case BUFERR_MEM:
31 git_error_set_oom();
32 return -1;
33
34 case BUFERR_ZLIB:
35 git_error_set(GIT_ERROR_ZLIB,
36 "Buffer error when writing out ZLib data");
37 return -1;
38
39 default:
40 return 0;
41 }
42 }
43
lock_file(git_filebuf * file,int flags,mode_t mode)44 static int lock_file(git_filebuf *file, int flags, mode_t mode)
45 {
46 if (git_path_exists(file->path_lock) == true) {
47 git_error_clear(); /* actual OS error code just confuses */
48 git_error_set(GIT_ERROR_OS,
49 "failed to lock file '%s' for writing", file->path_lock);
50 return GIT_ELOCKED;
51 }
52
53 /* create path to the file buffer is required */
54 if (flags & GIT_FILEBUF_CREATE_LEADING_DIRS) {
55 /* XXX: Should dirmode here be configurable? Or is 0777 always fine? */
56 file->fd = git_futils_creat_locked_withpath(file->path_lock, 0777, mode);
57 } else {
58 file->fd = git_futils_creat_locked(file->path_lock, mode);
59 }
60
61 if (file->fd < 0)
62 return file->fd;
63
64 file->fd_is_open = true;
65
66 if ((flags & GIT_FILEBUF_APPEND) && git_path_exists(file->path_original) == true) {
67 git_file source;
68 char buffer[FILEIO_BUFSIZE];
69 ssize_t read_bytes;
70 int error = 0;
71
72 source = p_open(file->path_original, O_RDONLY);
73 if (source < 0) {
74 git_error_set(GIT_ERROR_OS,
75 "failed to open file '%s' for reading",
76 file->path_original);
77 return -1;
78 }
79
80 while ((read_bytes = p_read(source, buffer, sizeof(buffer))) > 0) {
81 if ((error = p_write(file->fd, buffer, read_bytes)) < 0)
82 break;
83 if (file->compute_digest)
84 git_hash_update(&file->digest, buffer, read_bytes);
85 }
86
87 p_close(source);
88
89 if (read_bytes < 0) {
90 git_error_set(GIT_ERROR_OS, "failed to read file '%s'", file->path_original);
91 return -1;
92 } else if (error < 0) {
93 git_error_set(GIT_ERROR_OS, "failed to write file '%s'", file->path_lock);
94 return -1;
95 }
96 }
97
98 return 0;
99 }
100
git_filebuf_cleanup(git_filebuf * file)101 void git_filebuf_cleanup(git_filebuf *file)
102 {
103 if (file->fd_is_open && file->fd >= 0)
104 p_close(file->fd);
105
106 if (file->created_lock && !file->did_rename && file->path_lock && git_path_exists(file->path_lock))
107 p_unlink(file->path_lock);
108
109 if (file->compute_digest) {
110 git_hash_ctx_cleanup(&file->digest);
111 file->compute_digest = 0;
112 }
113
114 if (file->buffer)
115 git__free(file->buffer);
116
117 /* use the presence of z_buf to decide if we need to deflateEnd */
118 if (file->z_buf) {
119 git__free(file->z_buf);
120 deflateEnd(&file->zs);
121 }
122
123 if (file->path_original)
124 git__free(file->path_original);
125 if (file->path_lock)
126 git__free(file->path_lock);
127
128 memset(file, 0x0, sizeof(git_filebuf));
129 file->fd = -1;
130 }
131
flush_buffer(git_filebuf * file)132 GIT_INLINE(int) flush_buffer(git_filebuf *file)
133 {
134 int result = file->write(file, file->buffer, file->buf_pos);
135 file->buf_pos = 0;
136 return result;
137 }
138
git_filebuf_flush(git_filebuf * file)139 int git_filebuf_flush(git_filebuf *file)
140 {
141 return flush_buffer(file);
142 }
143
write_normal(git_filebuf * file,void * source,size_t len)144 static int write_normal(git_filebuf *file, void *source, size_t len)
145 {
146 if (len > 0) {
147 if (p_write(file->fd, (void *)source, len) < 0) {
148 file->last_error = BUFERR_WRITE;
149 return -1;
150 }
151
152 if (file->compute_digest)
153 git_hash_update(&file->digest, source, len);
154 }
155
156 return 0;
157 }
158
write_deflate(git_filebuf * file,void * source,size_t len)159 static int write_deflate(git_filebuf *file, void *source, size_t len)
160 {
161 z_stream *zs = &file->zs;
162
163 if (len > 0 || file->flush_mode == Z_FINISH) {
164 zs->next_in = source;
165 zs->avail_in = (uInt)len;
166
167 do {
168 size_t have;
169
170 zs->next_out = file->z_buf;
171 zs->avail_out = (uInt)file->buf_size;
172
173 if (deflate(zs, file->flush_mode) == Z_STREAM_ERROR) {
174 file->last_error = BUFERR_ZLIB;
175 return -1;
176 }
177
178 have = file->buf_size - (size_t)zs->avail_out;
179
180 if (p_write(file->fd, file->z_buf, have) < 0) {
181 file->last_error = BUFERR_WRITE;
182 return -1;
183 }
184
185 } while (zs->avail_out == 0);
186
187 GIT_ASSERT(zs->avail_in == 0);
188
189 if (file->compute_digest)
190 git_hash_update(&file->digest, source, len);
191 }
192
193 return 0;
194 }
195
196 #define MAX_SYMLINK_DEPTH 5
197
resolve_symlink(git_buf * out,const char * path)198 static int resolve_symlink(git_buf *out, const char *path)
199 {
200 int i, error, root;
201 ssize_t ret;
202 struct stat st;
203 git_buf curpath = GIT_BUF_INIT, target = GIT_BUF_INIT;
204
205 if ((error = git_buf_grow(&target, GIT_PATH_MAX + 1)) < 0 ||
206 (error = git_buf_puts(&curpath, path)) < 0)
207 return error;
208
209 for (i = 0; i < MAX_SYMLINK_DEPTH; i++) {
210 error = p_lstat(curpath.ptr, &st);
211 if (error < 0 && errno == ENOENT) {
212 error = git_buf_puts(out, curpath.ptr);
213 goto cleanup;
214 }
215
216 if (error < 0) {
217 git_error_set(GIT_ERROR_OS, "failed to stat '%s'", curpath.ptr);
218 error = -1;
219 goto cleanup;
220 }
221
222 if (!S_ISLNK(st.st_mode)) {
223 error = git_buf_puts(out, curpath.ptr);
224 goto cleanup;
225 }
226
227 ret = p_readlink(curpath.ptr, target.ptr, GIT_PATH_MAX);
228 if (ret < 0) {
229 git_error_set(GIT_ERROR_OS, "failed to read symlink '%s'", curpath.ptr);
230 error = -1;
231 goto cleanup;
232 }
233
234 if (ret == GIT_PATH_MAX) {
235 git_error_set(GIT_ERROR_INVALID, "symlink target too long");
236 error = -1;
237 goto cleanup;
238 }
239
240 /* readlink(2) won't NUL-terminate for us */
241 target.ptr[ret] = '\0';
242 target.size = ret;
243
244 root = git_path_root(target.ptr);
245 if (root >= 0) {
246 if ((error = git_buf_sets(&curpath, target.ptr)) < 0)
247 goto cleanup;
248 } else {
249 git_buf dir = GIT_BUF_INIT;
250
251 if ((error = git_path_dirname_r(&dir, curpath.ptr)) < 0)
252 goto cleanup;
253
254 git_buf_swap(&curpath, &dir);
255 git_buf_dispose(&dir);
256
257 if ((error = git_path_apply_relative(&curpath, target.ptr)) < 0)
258 goto cleanup;
259 }
260 }
261
262 git_error_set(GIT_ERROR_INVALID, "maximum symlink depth reached");
263 error = -1;
264
265 cleanup:
266 git_buf_dispose(&curpath);
267 git_buf_dispose(&target);
268 return error;
269 }
270
git_filebuf_open(git_filebuf * file,const char * path,int flags,mode_t mode)271 int git_filebuf_open(git_filebuf *file, const char *path, int flags, mode_t mode)
272 {
273 return git_filebuf_open_withsize(file, path, flags, mode, WRITE_BUFFER_SIZE);
274 }
275
git_filebuf_open_withsize(git_filebuf * file,const char * path,int flags,mode_t mode,size_t size)276 int git_filebuf_open_withsize(git_filebuf *file, const char *path, int flags, mode_t mode, size_t size)
277 {
278 int compression, error = -1;
279 size_t path_len, alloc_len;
280
281 GIT_ASSERT_ARG(file);
282 GIT_ASSERT_ARG(path);
283 GIT_ASSERT(file->buffer == NULL);
284
285 memset(file, 0x0, sizeof(git_filebuf));
286
287 if (flags & GIT_FILEBUF_DO_NOT_BUFFER)
288 file->do_not_buffer = true;
289
290 if (flags & GIT_FILEBUF_FSYNC)
291 file->do_fsync = true;
292
293 file->buf_size = size;
294 file->buf_pos = 0;
295 file->fd = -1;
296 file->last_error = BUFERR_OK;
297
298 /* Allocate the main cache buffer */
299 if (!file->do_not_buffer) {
300 file->buffer = git__malloc(file->buf_size);
301 GIT_ERROR_CHECK_ALLOC(file->buffer);
302 }
303
304 /* If we are hashing on-write, allocate a new hash context */
305 if (flags & GIT_FILEBUF_HASH_CONTENTS) {
306 file->compute_digest = 1;
307
308 if (git_hash_ctx_init(&file->digest) < 0)
309 goto cleanup;
310 }
311
312 compression = flags >> GIT_FILEBUF_DEFLATE_SHIFT;
313
314 /* If we are deflating on-write, */
315 if (compression != 0) {
316 /* Initialize the ZLib stream */
317 if (deflateInit(&file->zs, compression) != Z_OK) {
318 git_error_set(GIT_ERROR_ZLIB, "failed to initialize zlib");
319 goto cleanup;
320 }
321
322 /* Allocate the Zlib cache buffer */
323 file->z_buf = git__malloc(file->buf_size);
324 GIT_ERROR_CHECK_ALLOC(file->z_buf);
325
326 /* Never flush */
327 file->flush_mode = Z_NO_FLUSH;
328 file->write = &write_deflate;
329 } else {
330 file->write = &write_normal;
331 }
332
333 /* If we are writing to a temp file */
334 if (flags & GIT_FILEBUF_TEMPORARY) {
335 git_buf tmp_path = GIT_BUF_INIT;
336
337 /* Open the file as temporary for locking */
338 file->fd = git_futils_mktmp(&tmp_path, path, mode);
339
340 if (file->fd < 0) {
341 git_buf_dispose(&tmp_path);
342 goto cleanup;
343 }
344 file->fd_is_open = true;
345 file->created_lock = true;
346
347 /* No original path */
348 file->path_original = NULL;
349 file->path_lock = git_buf_detach(&tmp_path);
350 GIT_ERROR_CHECK_ALLOC(file->path_lock);
351 } else {
352 git_buf resolved_path = GIT_BUF_INIT;
353
354 if ((error = resolve_symlink(&resolved_path, path)) < 0)
355 goto cleanup;
356
357 /* Save the original path of the file */
358 path_len = resolved_path.size;
359 file->path_original = git_buf_detach(&resolved_path);
360
361 /* create the locking path by appending ".lock" to the original */
362 GIT_ERROR_CHECK_ALLOC_ADD(&alloc_len, path_len, GIT_FILELOCK_EXTLENGTH);
363 file->path_lock = git__malloc(alloc_len);
364 GIT_ERROR_CHECK_ALLOC(file->path_lock);
365
366 memcpy(file->path_lock, file->path_original, path_len);
367 memcpy(file->path_lock + path_len, GIT_FILELOCK_EXTENSION, GIT_FILELOCK_EXTLENGTH);
368
369 if (git_path_isdir(file->path_original)) {
370 git_error_set(GIT_ERROR_FILESYSTEM, "path '%s' is a directory", file->path_original);
371 error = GIT_EDIRECTORY;
372 goto cleanup;
373 }
374
375 /* open the file for locking */
376 if ((error = lock_file(file, flags, mode)) < 0)
377 goto cleanup;
378
379 file->created_lock = true;
380 }
381
382 return 0;
383
384 cleanup:
385 git_filebuf_cleanup(file);
386 return error;
387 }
388
git_filebuf_hash(git_oid * oid,git_filebuf * file)389 int git_filebuf_hash(git_oid *oid, git_filebuf *file)
390 {
391 GIT_ASSERT_ARG(oid);
392 GIT_ASSERT_ARG(file);
393 GIT_ASSERT_ARG(file->compute_digest);
394
395 flush_buffer(file);
396
397 if (verify_last_error(file) < 0)
398 return -1;
399
400 git_hash_final(oid, &file->digest);
401 git_hash_ctx_cleanup(&file->digest);
402 file->compute_digest = 0;
403
404 return 0;
405 }
406
git_filebuf_commit_at(git_filebuf * file,const char * path)407 int git_filebuf_commit_at(git_filebuf *file, const char *path)
408 {
409 git__free(file->path_original);
410 file->path_original = git__strdup(path);
411 GIT_ERROR_CHECK_ALLOC(file->path_original);
412
413 return git_filebuf_commit(file);
414 }
415
git_filebuf_commit(git_filebuf * file)416 int git_filebuf_commit(git_filebuf *file)
417 {
418 /* temporary files cannot be committed */
419 GIT_ASSERT_ARG(file);
420 GIT_ASSERT(file->path_original);
421
422 file->flush_mode = Z_FINISH;
423 flush_buffer(file);
424
425 if (verify_last_error(file) < 0)
426 goto on_error;
427
428 file->fd_is_open = false;
429
430 if (file->do_fsync && p_fsync(file->fd) < 0) {
431 git_error_set(GIT_ERROR_OS, "failed to fsync '%s'", file->path_lock);
432 goto on_error;
433 }
434
435 if (p_close(file->fd) < 0) {
436 git_error_set(GIT_ERROR_OS, "failed to close file at '%s'", file->path_lock);
437 goto on_error;
438 }
439
440 file->fd = -1;
441
442 if (p_rename(file->path_lock, file->path_original) < 0) {
443 git_error_set(GIT_ERROR_OS, "failed to rename lockfile to '%s'", file->path_original);
444 goto on_error;
445 }
446
447 if (file->do_fsync && git_futils_fsync_parent(file->path_original) < 0)
448 goto on_error;
449
450 file->did_rename = true;
451
452 git_filebuf_cleanup(file);
453 return 0;
454
455 on_error:
456 git_filebuf_cleanup(file);
457 return -1;
458 }
459
add_to_cache(git_filebuf * file,const void * buf,size_t len)460 GIT_INLINE(void) add_to_cache(git_filebuf *file, const void *buf, size_t len)
461 {
462 memcpy(file->buffer + file->buf_pos, buf, len);
463 file->buf_pos += len;
464 }
465
git_filebuf_write(git_filebuf * file,const void * buff,size_t len)466 int git_filebuf_write(git_filebuf *file, const void *buff, size_t len)
467 {
468 const unsigned char *buf = buff;
469
470 ENSURE_BUF_OK(file);
471
472 if (file->do_not_buffer)
473 return file->write(file, (void *)buff, len);
474
475 for (;;) {
476 size_t space_left = file->buf_size - file->buf_pos;
477
478 /* cache if it's small */
479 if (space_left > len) {
480 add_to_cache(file, buf, len);
481 return 0;
482 }
483
484 add_to_cache(file, buf, space_left);
485 if (flush_buffer(file) < 0)
486 return -1;
487
488 len -= space_left;
489 buf += space_left;
490 }
491 }
492
git_filebuf_reserve(git_filebuf * file,void ** buffer,size_t len)493 int git_filebuf_reserve(git_filebuf *file, void **buffer, size_t len)
494 {
495 size_t space_left = file->buf_size - file->buf_pos;
496
497 *buffer = NULL;
498
499 ENSURE_BUF_OK(file);
500
501 if (len > file->buf_size) {
502 file->last_error = BUFERR_MEM;
503 return -1;
504 }
505
506 if (space_left <= len) {
507 if (flush_buffer(file) < 0)
508 return -1;
509 }
510
511 *buffer = (file->buffer + file->buf_pos);
512 file->buf_pos += len;
513
514 return 0;
515 }
516
git_filebuf_printf(git_filebuf * file,const char * format,...)517 int git_filebuf_printf(git_filebuf *file, const char *format, ...)
518 {
519 va_list arglist;
520 size_t space_left, len, alloclen;
521 int written, res;
522 char *tmp_buffer;
523
524 ENSURE_BUF_OK(file);
525
526 space_left = file->buf_size - file->buf_pos;
527
528 do {
529 va_start(arglist, format);
530 written = p_vsnprintf((char *)file->buffer + file->buf_pos, space_left, format, arglist);
531 va_end(arglist);
532
533 if (written < 0) {
534 file->last_error = BUFERR_MEM;
535 return -1;
536 }
537
538 len = written;
539 if (len + 1 <= space_left) {
540 file->buf_pos += len;
541 return 0;
542 }
543
544 if (flush_buffer(file) < 0)
545 return -1;
546
547 space_left = file->buf_size - file->buf_pos;
548
549 } while (len + 1 <= space_left);
550
551 if (GIT_ADD_SIZET_OVERFLOW(&alloclen, len, 1) ||
552 !(tmp_buffer = git__malloc(alloclen))) {
553 file->last_error = BUFERR_MEM;
554 return -1;
555 }
556
557 va_start(arglist, format);
558 written = p_vsnprintf(tmp_buffer, len + 1, format, arglist);
559 va_end(arglist);
560
561 if (written < 0) {
562 git__free(tmp_buffer);
563 file->last_error = BUFERR_MEM;
564 return -1;
565 }
566
567 res = git_filebuf_write(file, tmp_buffer, len);
568 git__free(tmp_buffer);
569
570 return res;
571 }
572
git_filebuf_stats(time_t * mtime,size_t * size,git_filebuf * file)573 int git_filebuf_stats(time_t *mtime, size_t *size, git_filebuf *file)
574 {
575 int res;
576 struct stat st;
577
578 if (file->fd_is_open)
579 res = p_fstat(file->fd, &st);
580 else
581 res = p_stat(file->path_original, &st);
582
583 if (res < 0) {
584 git_error_set(GIT_ERROR_OS, "could not get stat info for '%s'",
585 file->path_original);
586 return res;
587 }
588
589 if (mtime)
590 *mtime = st.st_mtime;
591 if (size)
592 *size = (size_t)st.st_size;
593
594 return 0;
595 }
596