Merge branch 'jk/read-in-full'

Code clean-up to prevent future mistakes by copying and pasting
code that checks the result of read_in_full() function.

* jk/read-in-full:
  worktree: check the result of read_in_full()
  worktree: use xsize_t to access file size
  distinguish error versus short read from read_in_full()
  avoid looking at errno for short read_in_full() returns
  prefer "!=" when checking read_in_full() result
  notes-merge: drop dead zero-write code
  files-backend: prefer "0" for write_in_full() error check
This commit is contained in:
Junio C Hamano 2017-10-03 15:42:49 +09:00
commit cb1083ca23
10 changed files with 55 additions and 17 deletions

View File

@ -26,8 +26,10 @@ int cmd_get_tar_commit_id(int argc, const char **argv, const char *prefix)
usage(builtin_get_tar_commit_id_usage); usage(builtin_get_tar_commit_id_usage);
n = read_in_full(0, buffer, HEADERSIZE); n = read_in_full(0, buffer, HEADERSIZE);
if (n < HEADERSIZE) if (n < 0)
die("git get-tar-commit-id: read error"); die_errno("git get-tar-commit-id: read error");
if (n != HEADERSIZE)
die_errno("git get-tar-commit-id: EOF before reading tar header");
if (header->typeflag[0] != 'g') if (header->typeflag[0] != 'g')
return 1; return 1;
if (!skip_prefix(content, "52 comment=", &comment)) if (!skip_prefix(content, "52 comment=", &comment))

View File

@ -38,7 +38,9 @@ static int prune_worktree(const char *id, struct strbuf *reason)
{ {
struct stat st; struct stat st;
char *path; char *path;
int fd, len; int fd;
size_t len;
ssize_t read_result;
if (!is_directory(git_path("worktrees/%s", id))) { if (!is_directory(git_path("worktrees/%s", id))) {
strbuf_addf(reason, _("Removing worktrees/%s: not a valid directory"), id); strbuf_addf(reason, _("Removing worktrees/%s: not a valid directory"), id);
@ -56,10 +58,26 @@ static int prune_worktree(const char *id, struct strbuf *reason)
id, strerror(errno)); id, strerror(errno));
return 1; return 1;
} }
len = st.st_size; len = xsize_t(st.st_size);
path = xmallocz(len); path = xmallocz(len);
read_in_full(fd, path, len);
read_result = read_in_full(fd, path, len);
if (read_result < 0) {
strbuf_addf(reason, _("Removing worktrees/%s: unable to read gitdir file (%s)"),
id, strerror(errno));
close(fd);
free(path);
return 1;
}
close(fd); close(fd);
if (read_result != len) {
strbuf_addf(reason,
_("Removing worktrees/%s: short read (expected %"PRIuMAX" bytes, read %"PRIuMAX")"),
id, (uintmax_t)len, (uintmax_t)read_result);
free(path);
return 1;
}
while (len && (path[len - 1] == '\n' || path[len - 1] == '\r')) while (len && (path[len - 1] == '\n' || path[len - 1] == '\r'))
len--; len--;
if (!len) { if (!len) {

View File

@ -115,7 +115,10 @@ static int stream_to_pack(struct bulk_checkin_state *state,
if (size && !s.avail_in) { if (size && !s.avail_in) {
ssize_t rsize = size < sizeof(ibuf) ? size : sizeof(ibuf); ssize_t rsize = size < sizeof(ibuf) ? size : sizeof(ibuf);
if (read_in_full(fd, ibuf, rsize) != rsize) ssize_t read_result = read_in_full(fd, ibuf, rsize);
if (read_result < 0)
die_errno("failed to read from '%s'", path);
if (read_result != rsize)
die("failed to read %d bytes from '%s'", die("failed to read %d bytes from '%s'",
(int)rsize, path); (int)rsize, path);
offset += rsize; offset += rsize;

View File

@ -19,7 +19,7 @@ static void flush(struct sha1file *f, const void *buf, unsigned int count)
if (ret < 0) if (ret < 0)
die_errno("%s: sha1 file read error", f->name); die_errno("%s: sha1 file read error", f->name);
if (ret < count) if (ret != count)
die("%s: sha1 file truncated", f->name); die("%s: sha1 file truncated", f->name);
if (memcmp(buf, check_buffer, count)) if (memcmp(buf, check_buffer, count))
die("sha1 file '%s' validation error", f->name); die("sha1 file '%s' validation error", f->name);

View File

@ -308,8 +308,6 @@ static void write_buf_to_worktree(const struct object_id *obj,
if (errno == EPIPE) if (errno == EPIPE)
break; break;
die_errno("notes-merge"); die_errno("notes-merge");
} else if (!ret) {
die("notes-merge: disk full?");
} }
size -= ret; size -= ret;
buf += ret; buf += ret;

View File

@ -213,14 +213,19 @@ void fixup_pack_header_footer(int pack_fd,
git_SHA_CTX old_sha1_ctx, new_sha1_ctx; git_SHA_CTX old_sha1_ctx, new_sha1_ctx;
struct pack_header hdr; struct pack_header hdr;
char *buf; char *buf;
ssize_t read_result;
git_SHA1_Init(&old_sha1_ctx); git_SHA1_Init(&old_sha1_ctx);
git_SHA1_Init(&new_sha1_ctx); git_SHA1_Init(&new_sha1_ctx);
if (lseek(pack_fd, 0, SEEK_SET) != 0) if (lseek(pack_fd, 0, SEEK_SET) != 0)
die_errno("Failed seeking to start of '%s'", pack_name); die_errno("Failed seeking to start of '%s'", pack_name);
if (read_in_full(pack_fd, &hdr, sizeof(hdr)) != sizeof(hdr)) read_result = read_in_full(pack_fd, &hdr, sizeof(hdr));
if (read_result < 0)
die_errno("Unable to reread header of '%s'", pack_name); die_errno("Unable to reread header of '%s'", pack_name);
else if (read_result != sizeof(hdr))
die_errno("Unexpected short read for header of '%s'",
pack_name);
if (lseek(pack_fd, 0, SEEK_SET) != 0) if (lseek(pack_fd, 0, SEEK_SET) != 0)
die_errno("Failed seeking to start of '%s'", pack_name); die_errno("Failed seeking to start of '%s'", pack_name);
git_SHA1_Update(&old_sha1_ctx, &hdr, sizeof(hdr)); git_SHA1_Update(&old_sha1_ctx, &hdr, sizeof(hdr));

View File

@ -442,6 +442,7 @@ static int open_packed_git_1(struct packed_git *p)
unsigned char sha1[20]; unsigned char sha1[20];
unsigned char *idx_sha1; unsigned char *idx_sha1;
long fd_flag; long fd_flag;
ssize_t read_result;
if (!p->index_data && open_pack_index(p)) if (!p->index_data && open_pack_index(p))
return error("packfile %s index unavailable", p->pack_name); return error("packfile %s index unavailable", p->pack_name);
@ -483,7 +484,10 @@ static int open_packed_git_1(struct packed_git *p)
return error("cannot set FD_CLOEXEC"); return error("cannot set FD_CLOEXEC");
/* Verify we recognize this pack file format. */ /* Verify we recognize this pack file format. */
if (read_in_full(p->pack_fd, &hdr, sizeof(hdr)) != sizeof(hdr)) read_result = read_in_full(p->pack_fd, &hdr, sizeof(hdr));
if (read_result < 0)
return error_errno("error reading from %s", p->pack_name);
if (read_result != sizeof(hdr))
return error("file %s is far too short to be a packfile", p->pack_name); return error("file %s is far too short to be a packfile", p->pack_name);
if (hdr.hdr_signature != htonl(PACK_SIGNATURE)) if (hdr.hdr_signature != htonl(PACK_SIGNATURE))
return error("file %s is not a GIT packfile", p->pack_name); return error("file %s is not a GIT packfile", p->pack_name);
@ -500,7 +504,10 @@ static int open_packed_git_1(struct packed_git *p)
p->num_objects); p->num_objects);
if (lseek(p->pack_fd, p->pack_size - sizeof(sha1), SEEK_SET) == -1) if (lseek(p->pack_fd, p->pack_size - sizeof(sha1), SEEK_SET) == -1)
return error("end of packfile %s is unavailable", p->pack_name); return error("end of packfile %s is unavailable", p->pack_name);
if (read_in_full(p->pack_fd, sha1, sizeof(sha1)) != sizeof(sha1)) read_result = read_in_full(p->pack_fd, sha1, sizeof(sha1));
if (read_result < 0)
return error_errno("error reading from %s", p->pack_name);
if (read_result != sizeof(sha1))
return error("packfile %s signature is unavailable", p->pack_name); return error("packfile %s signature is unavailable", p->pack_name);
idx_sha1 = ((unsigned char *)p->index_data) + p->index_size - 40; idx_sha1 = ((unsigned char *)p->index_data) + p->index_size - 40;
if (hashcmp(sha1, idx_sha1)) if (hashcmp(sha1, idx_sha1))

View File

@ -258,7 +258,7 @@ static int get_packet_data(int fd, char **src_buf, size_t *src_size,
} }
/* And complain if we didn't get enough bytes to satisfy the read. */ /* And complain if we didn't get enough bytes to satisfy the read. */
if (ret < size) { if (ret != size) {
if (options & PACKET_READ_GENTLE_ON_EOF) if (options & PACKET_READ_GENTLE_ON_EOF)
return -1; return -1;

View File

@ -3035,7 +3035,7 @@ static int files_reflog_expire(struct ref_store *ref_store,
} else if (update && } else if (update &&
(write_in_full(get_lock_file_fd(&lock->lk), (write_in_full(get_lock_file_fd(&lock->lk),
oid_to_hex(&cb.last_kept_oid), GIT_SHA1_HEXSZ) < 0 || oid_to_hex(&cb.last_kept_oid), GIT_SHA1_HEXSZ) < 0 ||
write_str_in_full(get_lock_file_fd(&lock->lk), "\n") < 1 || write_str_in_full(get_lock_file_fd(&lock->lk), "\n") < 0 ||
close_ref_gently(lock) < 0)) { close_ref_gently(lock) < 0)) {
status |= error("couldn't write %s", status |= error("couldn't write %s",
get_lock_file_path(&lock->lk)); get_lock_file_path(&lock->lk));

View File

@ -1748,10 +1748,15 @@ static int index_core(unsigned char *sha1, int fd, size_t size,
ret = index_mem(sha1, "", size, type, path, flags); ret = index_mem(sha1, "", size, type, path, flags);
} else if (size <= SMALL_FILE_SIZE) { } else if (size <= SMALL_FILE_SIZE) {
char *buf = xmalloc(size); char *buf = xmalloc(size);
if (size == read_in_full(fd, buf, size)) ssize_t read_result = read_in_full(fd, buf, size);
ret = index_mem(sha1, buf, size, type, path, flags); if (read_result < 0)
ret = error_errno("read error while indexing %s",
path ? path : "<unknown>");
else if (read_result != size)
ret = error("short read while indexing %s",
path ? path : "<unknown>");
else else
ret = error_errno("short read"); ret = index_mem(sha1, buf, size, type, path, flags);
free(buf); free(buf);
} else { } else {
void *buf = xmmap(NULL, size, PROT_READ, MAP_PRIVATE, fd, 0); void *buf = xmmap(NULL, size, PROT_READ, MAP_PRIVATE, fd, 0);