| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Make our overflow checking look more like gcc and clang's, so that
we can substitute it out with the compiler instrinsics on platforms
that support it. This means dropping the ability to pass `NULL` as
an out parameter.
As a result, the macros also get updated to reflect this as well.
|
| |
|
|
|
|
| |
Use `size_t` to hold the size of arrays to ease overflow checking,
lest we check for overflow of a `size_t` then promptly truncate
by packing the length into a smaller type.
|
| |
|
|
|
| |
Introduce some helper macros to test integer overflow from arithmetic
and set error message appropriately.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When renaming a lock file to its final location, we need to make sure
that it is replaced atomically.
We currently have a workaround for Windows by removing the target file.
This means that the target file, which may be a ref or a packfile, may
cease to exist for a short wile, which shold be avoided.
Implement the workaround only in Windows, by making sure that the file
we want to replace is writable.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Report the index being locked with its own error code in order to be
able to differentiate, as a locked index is typically the result of a
crashed process or concurrent access, both of which often require user
intervention to fix.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a new API that allows users to reload the config if the
file has changed on disk. A new config callback function to
refresh the config was added.
The modified time and file size are used to test if the file needs
to be reloaded (and are now stored in the disk backend object).
In writing tests, just using mtime was a problem / race, so I
wanted to check file size as well. To support that, I extended
`git_futils_readbuffer_updated` to optionally check file size in
addition to mtime, and I added a new function `git_filebuf_stats`
to fetch the mtime and size for an open filebuf (so that the
config could be easily refreshed after a write).
Lastly, I moved some similar file checking code for attributes
into filebuf. It is still only being used for attrs, but it
seems potentially reusable, so I thought I'd move it over.
|
| | |
|
| |
|
|
|
|
| |
Just clean up valgrind warnings about uninitialized memory
and also clear out errno in some cases where it results in
a false error message being generated at a later point.
|
| | |
|
| | |
|
| |
|
|
|
| |
The new indexer needs to be able to bypass any kind of buffering, as
it's trying to map data that it has just written to disk.
|
| |
|
|
|
| |
Also cleaned up some previously converted code that still had
little things to polish.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This migrates odb.c, odb_loose.c, odb_pack.c and pack.c to
the new style of error handling. Also got the unix and win32
versions of map.c. There are some minor changes to other
files but no others were completely converted.
This also contains an update to filebuf so that a zeroed out
filebuf will not think that the fd (== 0) is actually open
(and inadvertently call close() on fd 0 if cleaned up).
Lastly, this was built and tested on win32 and contains a
bunch of fixes for the win32 build which was pretty broken.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Includes:
- Proper error reporting when encountering syntax errors in a
config file (file, line number, column).
- Rewritten `config_write`, now with 99% less goto-spaghetti
- Error state in `git_filebuf`: filebuf write functions no longer
need to be checked for error returns. If any of the writes performed
on a buffer fail, the last call to `git_filebuf_commit` or
`git_filebuf_hash` will fail accordingly and set the appropiate error
message. Baller!
|
| |
|
|
|
|
| |
Ended up migrating a bunch of upstream functions as well
including vector, attr_file, and odb in order to get this
to work right.
|
| |
|
|
|
| |
Yes, this is error handling solely for `refs.c`, but some of the
abstractions leak all ofer the code base.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Making a commit that results in a blob that already exists in the ODB (i.e.
committing something, then making a revert commit) will result in us trying
to p_rename -> MoveFileExW a temp file into the existing ODB entry. Despite
the MOVEFILE_REPLACE_EXISTING flag is passed in, Win32 does not care and
fails it with STATUS_ACCESS_DENIED.
To fix this, we p_unlink the ODB entry before attempting to rename it. This
call will typically fail, but we don't care, we'll let the p_rename fail if
the file actually does exist and we couldn't delete it for some reason (ACLs,
etc).
|
| |
|
|
| |
Signed-off-by: schu <schu-github@schulog.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This takes all of the functions that look up simple data about
paths (such as `git_futils_isdir`) and moves them over to path.h
(becoming `git_path_isdir`). This leaves fileops.h just with
functions that actually manipulate the filesystem or look at
the file contents in some way.
As part of this, the dir.h header which is really just for win32
support was moved into win32 (with some minor changes).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This converts virtually all of the places that allocate GIT_PATH_MAX
buffers on the stack for manipulating paths to use git_buf objects
instead. The patch is pretty careful not to touch the public API
for libgit2, so there are a few places that still use GIT_PATH_MAX.
This extends and changes some details of the git_buf implementation
to add a couple of extra functions and to make error handling easier.
This includes serious alterations to all the path.c functions, and
several of the fileops.c ones, too. Also, there are a number of new
functions that parallel existing ones except that use a git_buf
instead of a stack-based buffer (such as git_config_find_global_r
that exists alongsize git_config_find_global).
This also modifies the win32 version of p_realpath to allocate whatever
buffer size is needed to accommodate the realpath instead of hardcoding
a GIT_PATH_MAX limit, but that change needs to be tested still.
|
| |
|
|
|
|
|
|
| |
Update all stack allocations of git_filebuf to use GIT_FILEBUF_INIT
and make git_filebuf_open and git_filebuf_cleanup safe to be called
multiple times on the same buffer.
Signed-off-by: Vicent Marti <tanoku@gmail.com>
|
| |
|
|
|
|
| |
Move the callers of git_futils_mv_atomic to use p_rename.
Signed-off-by: Carlos Martín Nieto <carlos@cmartin.tk>
|
| |\
| |
| | |
Create objects, indexes, and directories with the right file permissions
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The following files now have 0444 permissions:
- loose objects
- pack indexes
- pack files
- packs downloaded by fetch
- packs downloaded by the HTTP transport
And the following files now have 0666 permissions:
- config files
- repository indexes
- reflogs
- refs
This brings libgit2 more in line with Git.
Note that git_filebuf_commit() and git_filebuf_commit_at() have both
gained a new mode parameter.
The latter change fixes an important issue where filebufs created with
GIT_FILEBUF_TEMPORARY received 0600 permissions (due to mkstemp(3)
usage). Now we chmod() the file before renaming it into place.
Tests have been added to confirm that new commit, tag, and tree
objects are created with the right permissions. I don't have access to
Windows, so for now I've guarded the tests with "#ifndef GIT_WIN32".
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
To further match how Git behaves, this change makes most of the
directories libgit2 creates in a git repo have a file mode of
0777. Specifically:
- Intermediate directories created with git_futils_mkpath2file() have
0777 permissions. This affects odb_loose, reflog, and refs.
- The top level folder for bare repos is created with 0777
permissions.
- The top level folder for non-bare repos is created with 0755
permissions.
- /objects/info/, /objects/pack/, /refs/heads/, and /refs/tags/ are
created with 0777 permissions.
Additionally, the following changes have been made:
- fileops functions that create intermediate directories have grown a
new dirmode parameter. The only exception to this is filebuf's
lock_file(), which unconditionally creates intermediate directories
with 0777 permissions when GIT_FILEBUF_FORCE is set.
- The test runner now sets the umask to 0 before running any
tests. This ensurses all file mode checks are consistent across
systems.
- t09-tree.c now does a directory permissions check. I've avoided
adding this check to other tests that might reuse existing
directories from the prefabricated test repos. Because they're
checked into the repo, they have 0755 permissions.
- Other assorted directories created by tests have 0777 permissions.
|
| |/
|
|
|
| |
Ensure that all memory related functions (malloc, calloc, strdup, free,
etc) are using their respective `git__` wrappers.
|
| | |
|
| |\
| |
| | |
filebuf.c: fix unused-but-set warning
|
| | |
| |
| |
| |
| |
| |
| |
| | |
write_deflate() used to ignore errors by zlib's deflate function when
not compiling in DEBUG mode. Always read $result and throw an error
instead.
Signed-off-by: schu <schu-github@schulog.org>
|
| |/
|
|
|
|
|
|
|
|
| |
1. The license header is technically not valid if it doesn't have a
copyright signature.
2. The COPYING file has been updated with the different licenses used in
the project.
3. The full GPLv2 header in each file annoys me.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
z_stream.next_in is non-const. Although currently Zlib doesn't modify
buffer content on deflate(), it might be change in the future. gzwrite()
already modify it.
To avoid this let's change signature of git_filebuf.write and rework
git_filebuf_write() accordingly.
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DIRECT WRITES ARE BACK AND FASTER THAN EVER. The streaming writer to the
ODB was an overkill for the smaller objects like Commit and Tags; most
of the streaming logic was taking too long.
This commit makes Commits, Tags and Trees to be built-up in memory, and
then written to disk in 2 pushes (header + data), instead of streaming
everything.
This is *always* faster, even for big files (since the git_filebuf class
still does streaming writes when the memory cache overflows). This is
also a gazillion lines of code smaller, because we don't have to
precompute the final size of the object before starting the stream (this
was kind of defeating the point of streaming, anyway).
Blobs are still written with full streaming instead of loading them in
memory, since this is still the fastest way.
A new `git_buf` class has been added. It's missing some features, but
it'll get there.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Our good, lovely folks at Microsoft decided that there was no good
reason to make `vsnprintf` compilant with the C standard, so that
function in Windows returns -1 on overflow, instead of returning the
actual byte count needed to write the full string.
We now handle this situation more gracefully with the POSIX
compatibility layer, by returning the needed byte size using an
auxiliary method instead of blindly resizing the target buffer until it
fits.
This means we can now support `printf`s of any size by allocating a
temporary buffer. That's good.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cleaned up the structure of the whole OS-abstraction layer.
fileops.c now contains a set of utility methods for file management used
by the library. These are abstractions on top of the original POSIX
calls.
There's a new file called `posix.c` that contains
emulations/reimplementations of all the POSIX calls the library uses.
These are prefixed with `p_`. There's a specific posix file for each
platform (win32 and unix).
All the path-related methods have been moved from `utils.c` to `path.c`
and have their own prefix.
|
| |
|
|
| |
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
|
| |
|
|
| |
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
|
| |
|
|
|
|
|
|
| |
Add a check for the file descriptor in git_filebuf_cleanup. Without
it, an existing lockfile would be deleted if we tried to acquire it
(but failed, as the lockfile already existed).
Signed-off-by: Carlos Martín Nieto <cmn@elego.de>
|
| |
|
|
|
|
|
| |
The filebuf was not being properly written after a flush. This should
cut it now.
Fixes #228
|
