summaryrefslogtreecommitdiff
path: root/pack-write.c
diff options
context:
space:
mode:
authorLibravatar Junio C Hamano <gitster@pobox.com>2008-09-10 02:12:47 -0700
committerLibravatar Junio C Hamano <gitster@pobox.com>2008-09-10 02:12:47 -0700
commit9f35e5fd544ab87488b12d9b97be983303e58bd2 (patch)
treef6ca65df4786bcb9bf615684455139feeb5e8c7f /pack-write.c
parentUpdate draft release notes for 1.6.0.2 (diff)
parentfixup_pack_header_footer(): use nicely aligned buffer sizes (diff)
downloadtgif-9f35e5fd544ab87488b12d9b97be983303e58bd2.tar.xz
Merge branch 'np/maint-safer-pack' into maint
* np/maint-safer-pack: fixup_pack_header_footer(): use nicely aligned buffer sizes index-pack: use fixup_pack_header_footer()'s validation mode pack-objects: use fixup_pack_header_footer()'s validation mode improve reliability of fixup_pack_header_footer() pack-objects: improve returned information from write_one()
Diffstat (limited to 'pack-write.c')
-rw-r--r--pack-write.c78
1 files changed, 65 insertions, 13 deletions
diff --git a/pack-write.c b/pack-write.c
index ddcfd37af2..939ed56362 100644
--- a/pack-write.c
+++ b/pack-write.c
@@ -144,41 +144,93 @@ char *write_idx_file(char *index_name, struct pack_idx_entry **objects,
return index_name;
}
+/*
+ * Update pack header with object_count and compute new SHA1 for pack data
+ * associated to pack_fd, and write that SHA1 at the end. That new SHA1
+ * is also returned in new_pack_sha1.
+ *
+ * If partial_pack_sha1 is non null, then the SHA1 of the existing pack
+ * (without the header update) is computed and validated against the
+ * one provided in partial_pack_sha1. The validation is performed at
+ * partial_pack_offset bytes in the pack file. The SHA1 of the remaining
+ * data (i.e. from partial_pack_offset to the end) is then computed and
+ * returned in partial_pack_sha1.
+ *
+ * Note that new_pack_sha1 is updated last, so both new_pack_sha1 and
+ * partial_pack_sha1 can refer to the same buffer if the caller is not
+ * interested in the resulting SHA1 of pack data above partial_pack_offset.
+ */
void fixup_pack_header_footer(int pack_fd,
- unsigned char *pack_file_sha1,
+ unsigned char *new_pack_sha1,
const char *pack_name,
- uint32_t object_count)
+ uint32_t object_count,
+ unsigned char *partial_pack_sha1,
+ off_t partial_pack_offset)
{
- static const int buf_sz = 128 * 1024;
- SHA_CTX c;
+ int aligned_sz, buf_sz = 8 * 1024;
+ SHA_CTX old_sha1_ctx, new_sha1_ctx;
struct pack_header hdr;
char *buf;
+ SHA1_Init(&old_sha1_ctx);
+ SHA1_Init(&new_sha1_ctx);
+
if (lseek(pack_fd, 0, SEEK_SET) != 0)
- die("Failed seeking to start: %s", strerror(errno));
+ die("Failed seeking to start of %s: %s", pack_name, strerror(errno));
if (read_in_full(pack_fd, &hdr, sizeof(hdr)) != sizeof(hdr))
die("Unable to reread header of %s: %s", pack_name, strerror(errno));
if (lseek(pack_fd, 0, SEEK_SET) != 0)
- die("Failed seeking to start: %s", strerror(errno));
+ die("Failed seeking to start of %s: %s", pack_name, strerror(errno));
+ SHA1_Update(&old_sha1_ctx, &hdr, sizeof(hdr));
hdr.hdr_entries = htonl(object_count);
+ SHA1_Update(&new_sha1_ctx, &hdr, sizeof(hdr));
write_or_die(pack_fd, &hdr, sizeof(hdr));
-
- SHA1_Init(&c);
- SHA1_Update(&c, &hdr, sizeof(hdr));
+ partial_pack_offset -= sizeof(hdr);
buf = xmalloc(buf_sz);
+ aligned_sz = buf_sz - sizeof(hdr);
for (;;) {
- ssize_t n = xread(pack_fd, buf, buf_sz);
+ ssize_t m, n;
+ m = (partial_pack_sha1 && partial_pack_offset < aligned_sz) ?
+ partial_pack_offset : aligned_sz;
+ n = xread(pack_fd, buf, m);
if (!n)
break;
if (n < 0)
die("Failed to checksum %s: %s", pack_name, strerror(errno));
- SHA1_Update(&c, buf, n);
+ SHA1_Update(&new_sha1_ctx, buf, n);
+
+ aligned_sz -= n;
+ if (!aligned_sz)
+ aligned_sz = buf_sz;
+
+ if (!partial_pack_sha1)
+ continue;
+
+ SHA1_Update(&old_sha1_ctx, buf, n);
+ partial_pack_offset -= n;
+ if (partial_pack_offset == 0) {
+ unsigned char sha1[20];
+ SHA1_Final(sha1, &old_sha1_ctx);
+ if (hashcmp(sha1, partial_pack_sha1) != 0)
+ die("Unexpected checksum for %s "
+ "(disk corruption?)", pack_name);
+ /*
+ * Now let's compute the SHA1 of the remainder of the
+ * pack, which also means making partial_pack_offset
+ * big enough not to matter anymore.
+ */
+ SHA1_Init(&old_sha1_ctx);
+ partial_pack_offset = ~partial_pack_offset;
+ partial_pack_offset -= MSB(partial_pack_offset, 1);
+ }
}
free(buf);
- SHA1_Final(pack_file_sha1, &c);
- write_or_die(pack_fd, pack_file_sha1, 20);
+ if (partial_pack_sha1)
+ SHA1_Final(partial_pack_sha1, &old_sha1_ctx);
+ SHA1_Final(new_pack_sha1, &new_sha1_ctx);
+ write_or_die(pack_fd, new_pack_sha1, 20);
fsync_or_die(pack_fd, pack_name);
}