diff options
Diffstat (limited to 'git-compat-util.h')
-rw-r--r-- | git-compat-util.h | 657 |
1 files changed, 424 insertions, 233 deletions
diff --git a/git-compat-util.h b/git-compat-util.h index 7c99eef..ca7678a 100644 --- a/git-compat-util.h +++ b/git-compat-util.h @@ -1,6 +1,19 @@ #ifndef GIT_COMPAT_UTIL_H #define GIT_COMPAT_UTIL_H +#if __STDC_VERSION__ - 0 < 199901L +/* + * Git is in a testing period for mandatory C99 support in the compiler. If + * your compiler is reasonably recent, you can try to enable C99 support (or, + * for MSVC, C11 support). If you encounter a problem and can't enable C99 + * support with your compiler (such as with "-std=gnu99") and don't have access + * to one with this support, such as GCC or Clang, you can remove this #if + * directive, but please report the details of your system to + * git@vger.kernel.org. + */ +#error "Required C99 support is in a test phase. Please see git-compat-util.h for more details." +#endif + #ifdef USE_MSVC_CRTDBG /* * For these to work they must appear very early in each @@ -10,6 +23,9 @@ #include <crtdbg.h> #endif +struct strbuf; + + #define _FILE_OFFSET_BITS 64 @@ -33,14 +49,23 @@ /* * See if our compiler is known to support flexible array members. */ -#if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) && (!defined(__SUNPRO_C) || (__SUNPRO_C > 0x580)) -# define FLEX_ARRAY /* empty */ + +/* + * Check vendor specific quirks first, before checking the + * __STDC_VERSION__, as vendor compilers can lie and we need to be + * able to work them around. Note that by not defining FLEX_ARRAY + * here, we can fall back to use the "safer but a bit wasteful" one + * later. + */ +#if defined(__SUNPRO_C) && (__SUNPRO_C <= 0x580) #elif defined(__GNUC__) # if (__GNUC__ >= 3) # define FLEX_ARRAY /* empty */ # else # define FLEX_ARRAY 0 /* older GNU extension */ # endif +#elif defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) +# define FLEX_ARRAY /* empty */ #endif /* @@ -72,8 +97,14 @@ # define BARF_UNLESS_AN_ARRAY(arr) \ BUILD_ASSERT_OR_ZERO(!__builtin_types_compatible_p(__typeof__(arr), \ __typeof__(&(arr)[0]))) +# define BARF_UNLESS_COPYABLE(dst, src) \ + BUILD_ASSERT_OR_ZERO(__builtin_types_compatible_p(__typeof__(*(dst)), \ + __typeof__(*(src)))) #else # define BARF_UNLESS_AN_ARRAY(arr) 0 +# define BARF_UNLESS_COPYABLE(dst, src) \ + BUILD_ASSERT_OR_ZERO(0 ? ((*(dst) = *(src)), 0) : \ + sizeof(*(dst)) == sizeof(*(src))) #endif /* * ARRAY_SIZE - get the number of elements in a visible array @@ -113,6 +144,14 @@ #define unsigned_mult_overflows(a, b) \ ((a) && (b) > maximum_unsigned_value_of_type(a) / (a)) +/* + * Returns true if the left shift of "a" by "shift" bits will + * overflow. The type of "a" must be unsigned. + */ +#define unsigned_left_shift_overflows(a, shift) \ + ((shift) < bitsizeof(a) && \ + (a) > maximum_unsigned_value_of_type(a) >> (shift)) + #ifdef __GNUC__ #define TYPEOF(x) (__typeof__(x)) #else @@ -127,7 +166,9 @@ /* Approximation of the length of the decimal representation of this type. */ #define decimal_length(x) ((int)(sizeof(x) * 2.56 + 0.5) + 1) -#if defined(__sun__) +#ifdef __MINGW64__ +#define _POSIX_C_SOURCE 1 +#elif defined(__sun__) /* * On Solaris, when _XOPEN_EXTENDED is set, its header file * forces the programs to be XPG4v2, defeating any _XOPEN_SOURCE @@ -154,6 +195,16 @@ #define _NETBSD_SOURCE 1 #define _SGI_SOURCE 1 +#if GIT_GNUC_PREREQ(4, 5) +#define UNUSED __attribute__((unused)) \ + __attribute__((deprecated ("parameter declared as UNUSED"))) +#elif defined(__GNUC__) +#define UNUSED __attribute__((unused)) \ + __attribute__((deprecated)) +#else +#define UNUSED +#endif + #if defined(WIN32) && !defined(__CYGWIN__) /* Both MinGW and MSVC */ # if !defined(_WIN32_WINNT) # define _WIN32_WINNT 0x0600 @@ -167,6 +218,18 @@ #define GIT_WINDOWS_NATIVE #endif +#if defined(NO_UNIX_SOCKETS) || !defined(GIT_WINDOWS_NATIVE) +static inline int _have_unix_sockets(void) +{ +#if defined(NO_UNIX_SOCKETS) + return 0; +#else + return 1; +#endif +} +#define have_unix_sockets _have_unix_sockets +#endif + #include <unistd.h> #include <stdio.h> #include <sys/stat.h> @@ -174,12 +237,14 @@ #include <stddef.h> #include <stdlib.h> #include <stdarg.h> +#include <stdbool.h> #include <string.h> #ifdef HAVE_STRINGS_H #include <strings.h> /* for strcasecmp() */ #endif #include <errno.h> #include <limits.h> +#include <locale.h> #ifdef NEEDS_SYS_PARAM_H #include <sys/param.h> #endif @@ -204,6 +269,12 @@ #include <sys/sysctl.h> #endif +/* Used by compat/win32/path-utils.h, and more */ +static inline int is_xplatform_dir_sep(int c) +{ + return c == '/' || c == '\\'; +} + #if defined(__CYGWIN__) #include "compat/win32/path-utils.h" #endif @@ -220,6 +291,7 @@ #include <sys/resource.h> #include <sys/socket.h> #include <sys/ioctl.h> +#include <sys/statvfs.h> #include <termios.h> #ifndef NO_SYS_SELECT_H #include <sys/select.h> @@ -235,6 +307,12 @@ #else #include <stdint.h> #endif +#ifdef HAVE_ARC4RANDOM_LIBBSD +#include <bsd/stdlib.h> +#endif +#ifdef HAVE_GETRANDOM +#include <sys/random.h> +#endif #ifdef NO_INTPTR_T /* * On I16LP32, ILP32 and LP64 "long" is the safe bet, however @@ -255,7 +333,9 @@ typedef unsigned long uintptr_t; #ifdef PRECOMPOSE_UNICODE #include "compat/precompose_utf8.h" #else -static inline const char *precompose_argv_prefix(int argc, const char **argv, const char *prefix) +static inline const char *precompose_argv_prefix(int argc UNUSED, + const char **argv UNUSED, + const char *prefix) { return prefix; } @@ -272,6 +352,25 @@ static inline const char *precompose_string_if_needed(const char *in) int compat_mkdir_wo_trailing_slash(const char*, mode_t); #endif +#ifdef time +#undef time +#endif +static inline time_t git_time(time_t *tloc) +{ + struct timeval tv; + + /* + * Avoid time(NULL), which can disagree with gettimeofday(2) + * and filesystem timestamps. + */ + gettimeofday(&tv, NULL); + + if (tloc) + *tloc = tv.tv_sec; + return tv.tv_sec; +} +#define time git_time + #ifdef NO_STRUCT_ITIMERVAL struct itimerval { struct timeval it_interval; @@ -280,9 +379,13 @@ struct itimerval { #endif #ifdef NO_SETITIMER -static inline int setitimer(int which, const struct itimerval *value, struct itimerval *newvalue) { +static inline int git_setitimer(int which UNUSED, + const struct itimerval *value UNUSED, + struct itimerval *newvalue UNUSED) { return 0; /* pretend success */ } +#undef setitimer +#define setitimer(which,value,ovalue) git_setitimer(which,value,ovalue) #endif #ifndef NO_LIBGEN_H @@ -300,6 +403,7 @@ char *gitdirname(char *); #ifndef NO_OPENSSL #ifdef __APPLE__ +#undef __AVAILABILITY_MACROS_USES_AVAILABILITY #define __AVAILABILITY_MACROS_USES_AVAILABILITY 0 #include <AvailabilityMacros.h> #undef DEPRECATED_ATTRIBUTE @@ -332,6 +436,10 @@ char *gitdirname(char *); #define PATH_MAX 4096 #endif +#ifndef NAME_MAX +#define NAME_MAX 255 +#endif + typedef uintmax_t timestamp_t; #define PRItime PRIuMAX #define parse_timestamp strtoumax @@ -350,7 +458,11 @@ typedef uintmax_t timestamp_t; #endif #ifndef platform_core_config -static inline int noop_core_config(const char *var, const char *value, void *cb) +struct config_context; +static inline int noop_core_config(const char *var UNUSED, + const char *value UNUSED, + const struct config_context *ctx UNUSED, + void *cb UNUSED) { return 0; } @@ -363,7 +475,7 @@ int lstat_cache_aware_rmdir(const char *path); #endif #ifndef has_dos_drive_prefix -static inline int git_has_dos_drive_prefix(const char *path) +static inline int git_has_dos_drive_prefix(const char *path UNUSED) { return 0; } @@ -371,18 +483,18 @@ static inline int git_has_dos_drive_prefix(const char *path) #endif #ifndef skip_dos_drive_prefix -static inline int git_skip_dos_drive_prefix(char **path) +static inline int git_skip_dos_drive_prefix(char **path UNUSED) { return 0; } #define skip_dos_drive_prefix git_skip_dos_drive_prefix #endif -#ifndef is_dir_sep static inline int git_is_dir_sep(int c) { return c == '/'; } +#ifndef is_dir_sep #define is_dir_sep git_is_dir_sep #endif @@ -398,6 +510,75 @@ static inline int git_offset_1st_component(const char *path) #define is_valid_path(path) 1 #endif +#ifndef is_path_owned_by_current_user + +#ifdef __TANDEM +#define ROOT_UID 65535 +#else +#define ROOT_UID 0 +#endif + +/* + * Do not use this function when + * (1) geteuid() did not say we are running as 'root', or + * (2) using this function will compromise the system. + * + * PORTABILITY WARNING: + * This code assumes uid_t is unsigned because that is what sudo does. + * If your uid_t type is signed and all your ids are positive then it + * should all work fine. + * If your version of sudo uses negative values for uid_t or it is + * buggy and return an overflowed value in SUDO_UID, then git might + * fail to grant access to your repository properly or even mistakenly + * grant access to someone else. + * In the unlikely scenario this happened to you, and that is how you + * got to this message, we would like to know about it; so sent us an + * email to git@vger.kernel.org indicating which platform you are + * using and which version of sudo, so we can improve this logic and + * maybe provide you with a patch that would prevent this issue again + * in the future. + */ +static inline void extract_id_from_env(const char *env, uid_t *id) +{ + const char *real_uid = getenv(env); + + /* discard anything empty to avoid a more complex check below */ + if (real_uid && *real_uid) { + char *endptr = NULL; + unsigned long env_id; + + errno = 0; + /* silent overflow errors could trigger a bug here */ + env_id = strtoul(real_uid, &endptr, 10); + if (!*endptr && !errno) + *id = env_id; + } +} + +static inline int is_path_owned_by_current_uid(const char *path, + struct strbuf *report UNUSED) +{ + struct stat st; + uid_t euid; + + if (lstat(path, &st)) + return 0; + + euid = geteuid(); + if (euid == ROOT_UID) + { + if (st.st_uid == ROOT_UID) + return 1; + else + extract_id_from_env("SUDO_UID", &euid); + } + + return st.st_uid == euid; +} + +#define is_path_owned_by_current_user is_path_owned_by_current_uid +#endif + #ifndef find_last_dir_sep static inline char *git_find_last_dir_sep(const char *path) { @@ -453,24 +634,26 @@ static inline int git_has_dir_sep(const char *path) /* The sentinel attribute is valid from gcc version 4.0 */ #if defined(__GNUC__) && (__GNUC__ >= 4) #define LAST_ARG_MUST_BE_NULL __attribute__((sentinel)) +/* warn_unused_result exists as of gcc 3.4.0, but be lazy and check 4.0 */ +#define RESULT_MUST_BE_USED __attribute__ ((warn_unused_result)) #else #define LAST_ARG_MUST_BE_NULL +#define RESULT_MUST_BE_USED #endif #define MAYBE_UNUSED __attribute__((__unused__)) #include "compat/bswap.h" -#include "wildmatch.h" - -struct strbuf; +#include "wrapper.h" /* General helper functions */ -void vreportf(const char *prefix, const char *err, va_list params); NORETURN void usage(const char *err); NORETURN void usagef(const char *err, ...) __attribute__((format (printf, 1, 2))); NORETURN void die(const char *err, ...) __attribute__((format (printf, 1, 2))); NORETURN void die_errno(const char *err, ...) __attribute__((format (printf, 1, 2))); +int die_message(const char *err, ...) __attribute__((format (printf, 1, 2))); +int die_message_errno(const char *err, ...) __attribute__((format (printf, 1, 2))); int error(const char *err, ...) __attribute__((format (printf, 1, 2))); int error_errno(const char *err, ...) __attribute__((format (printf, 1, 2))); void warning(const char *err, ...) __attribute__((format (printf, 1, 2))); @@ -486,12 +669,14 @@ void warning_errno(const char *err, ...) __attribute__((format (printf, 1, 2))); #include <openssl/x509v3.h> #endif /* NO_OPENSSL */ +#ifdef HAVE_OPENSSL_CSPRNG +#include <openssl/rand.h> +#endif + /* * Let callers be aware of the constant return value; this can help * gcc with -Wuninitialized analysis. We restrict this trick to gcc, though, - * because some compilers may not support variadic macros. Since we're only - * trying to help gcc, anyway, it's OK; other compilers will fall back to - * using the function as usual. + * because other compilers may be confused by this. */ #if defined(__GNUC__) static inline int const_error(void) @@ -505,21 +690,19 @@ static inline int const_error(void) typedef void (*report_fn)(const char *, va_list params); void set_die_routine(NORETURN_PTR report_fn routine); +report_fn get_die_message_routine(void); void set_error_routine(report_fn routine); report_fn get_error_routine(void); void set_warn_routine(report_fn routine); report_fn get_warn_routine(void); void set_die_is_recursing_routine(int (*routine)(void)); -int starts_with(const char *str, const char *prefix); -int istarts_with(const char *str, const char *prefix); - /* - * If the string "str" begins with the string found in "prefix", return 1. + * If the string "str" begins with the string found in "prefix", return true. * The "out" parameter is set to "str + strlen(prefix)" (i.e., to the point in * the string right after the prefix). * - * Otherwise, return 0 and leave "out" untouched. + * Otherwise, return false and leave "out" untouched. * * Examples: * @@ -530,91 +713,63 @@ int istarts_with(const char *str, const char *prefix); * [skip prefix if present, otherwise use whole string] * skip_prefix(name, "refs/heads/", &name); */ -static inline int skip_prefix(const char *str, const char *prefix, - const char **out) +static inline bool skip_prefix(const char *str, const char *prefix, + const char **out) { do { if (!*prefix) { *out = str; - return 1; + return true; } } while (*str++ == *prefix++); - return 0; -} - -/* - * If the string "str" is the same as the string in "prefix", then the "arg" - * parameter is set to the "def" parameter and 1 is returned. - * If the string "str" begins with the string found in "prefix" and then a - * "=" sign, then the "arg" parameter is set to "str + strlen(prefix) + 1" - * (i.e., to the point in the string right after the prefix and the "=" sign), - * and 1 is returned. - * - * Otherwise, return 0 and leave "arg" untouched. - * - * When we accept both a "--key" and a "--key=<val>" option, this function - * can be used instead of !strcmp(arg, "--key") and then - * skip_prefix(arg, "--key=", &arg) to parse such an option. - */ -int skip_to_optional_arg_default(const char *str, const char *prefix, - const char **arg, const char *def); - -static inline int skip_to_optional_arg(const char *str, const char *prefix, - const char **arg) -{ - return skip_to_optional_arg_default(str, prefix, arg, ""); + return false; } /* * Like skip_prefix, but promises never to read past "len" bytes of the input * buffer, and returns the remaining number of bytes in "out" via "outlen". */ -static inline int skip_prefix_mem(const char *buf, size_t len, - const char *prefix, - const char **out, size_t *outlen) +static inline bool skip_prefix_mem(const char *buf, size_t len, + const char *prefix, + const char **out, size_t *outlen) { size_t prefix_len = strlen(prefix); if (prefix_len <= len && !memcmp(buf, prefix, prefix_len)) { *out = buf + prefix_len; *outlen = len - prefix_len; - return 1; + return true; } - return 0; + return false; } /* - * If buf ends with suffix, return 1 and subtract the length of the suffix - * from *len. Otherwise, return 0 and leave *len untouched. + * If buf ends with suffix, return true and subtract the length of the suffix + * from *len. Otherwise, return false and leave *len untouched. */ -static inline int strip_suffix_mem(const char *buf, size_t *len, - const char *suffix) +static inline bool strip_suffix_mem(const char *buf, size_t *len, + const char *suffix) { size_t suflen = strlen(suffix); if (*len < suflen || memcmp(buf + (*len - suflen), suffix, suflen)) - return 0; + return false; *len -= suflen; - return 1; + return true; } /* - * If str ends with suffix, return 1 and set *len to the size of the string - * without the suffix. Otherwise, return 0 and set *len to the size of the + * If str ends with suffix, return true and set *len to the size of the string + * without the suffix. Otherwise, return false and set *len to the size of the * string. * * Note that we do _not_ NUL-terminate str to the new length. */ -static inline int strip_suffix(const char *str, const char *suffix, size_t *len) +static inline bool strip_suffix(const char *str, const char *suffix, + size_t *len) { *len = strlen(str); return strip_suffix_mem(str, len, suffix); } -static inline int ends_with(const char *str, const char *suffix) -{ - size_t len; - return strip_suffix(str, suffix, &len); -} - #define SWAP(a, b) do { \ void *_swap_a_ptr = &(a); \ void *_swap_b_ptr = &(b); \ @@ -710,12 +865,6 @@ int git_lstat(const char *, struct stat *); #define pread git_pread ssize_t git_pread(int fd, void *buf, size_t count, off_t offset); #endif -/* - * Forward decl that will remind us if its twin in cache.h changes. - * This function is used in compat/pread.c. But we can't include - * cache.h there. - */ -ssize_t read_in_full(int fd, void *buf, size_t count); #ifdef NO_SETENV #define setenv gitsetenv @@ -729,7 +878,7 @@ char *gitmkdtemp(char *); #ifdef NO_UNSETENV #define unsetenv gitunsetenv -void gitunsetenv(const char *); +int gitunsetenv(const char *); #endif #ifdef NO_STRCASESTR @@ -862,6 +1011,62 @@ static inline size_t st_sub(size_t a, size_t b) return a - b; } +static inline size_t st_left_shift(size_t a, unsigned shift) +{ + if (unsigned_left_shift_overflows(a, shift)) + die("size_t overflow: %"PRIuMAX" << %u", + (uintmax_t)a, shift); + return a << shift; +} + +static inline unsigned long cast_size_t_to_ulong(size_t a) +{ + if (a != (unsigned long)a) + die("object too large to read on this platform: %" + PRIuMAX" is cut off to %lu", + (uintmax_t)a, (unsigned long)a); + return (unsigned long)a; +} + +static inline uint32_t cast_size_t_to_uint32_t(size_t a) +{ + if (a != (uint32_t)a) + die("object too large to read on this platform: %" + PRIuMAX" is cut off to %u", + (uintmax_t)a, (uint32_t)a); + return (uint32_t)a; +} + +static inline int cast_size_t_to_int(size_t a) +{ + if (a > INT_MAX) + die("number too large to represent as int on this platform: %"PRIuMAX, + (uintmax_t)a); + return (int)a; +} + +/* + * Limit size of IO chunks, because huge chunks only cause pain. OS X + * 64-bit is buggy, returning EINVAL if len >= INT_MAX; and even in + * the absence of bugs, large chunks can result in bad latencies when + * you decide to kill the process. + * + * We pick 8 MiB as our default, but if the platform defines SSIZE_MAX + * that is smaller than that, clip it to SSIZE_MAX, as a call to + * read(2) or write(2) larger than that is allowed to fail. As the last + * resort, we allow a port to pass via CFLAGS e.g. "-DMAX_IO_SIZE=value" + * to override this, if the definition of SSIZE_MAX given by the platform + * is broken. + */ +#ifndef MAX_IO_SIZE +# define MAX_IO_SIZE_DEFAULT (8*1024*1024) +# if defined(SSIZE_MAX) && (SSIZE_MAX < MAX_IO_SIZE_DEFAULT) +# define MAX_IO_SIZE SSIZE_MAX +# else +# define MAX_IO_SIZE MAX_IO_SIZE_DEFAULT +# endif +#endif + #ifdef HAVE_ALLOCA_H # include <alloca.h> # define xalloca(size) (alloca(size)) @@ -870,35 +1075,6 @@ static inline size_t st_sub(size_t a, size_t b) # define xalloca(size) (xmalloc(size)) # define xalloca_free(p) (free(p)) #endif -char *xstrdup(const char *str); -void *xmalloc(size_t size); -void *xmallocz(size_t size); -void *xmallocz_gently(size_t size); -void *xmemdupz(const void *data, size_t len); -char *xstrndup(const char *str, size_t len); -void *xrealloc(void *ptr, size_t size); -void *xcalloc(size_t nmemb, size_t size); -void *xmmap(void *start, size_t length, int prot, int flags, int fd, off_t offset); -const char *mmap_os_err(void); -void *xmmap_gently(void *start, size_t length, int prot, int flags, int fd, off_t offset); -int xopen(const char *path, int flags, ...); -ssize_t xread(int fd, void *buf, size_t len); -ssize_t xwrite(int fd, const void *buf, size_t len); -ssize_t xpread(int fd, void *buf, size_t len, off_t offset); -int xdup(int fd); -FILE *xfopen(const char *path, const char *mode); -FILE *xfdopen(int fd, const char *mode); -int xmkstemp(char *temp_filename); -int xmkstemp_mode(char *temp_filename, int mode); -char *xgetcwd(void); -FILE *fopen_for_writing(const char *path); -FILE *fopen_or_warn(const char *path, const char *mode); - -/* - * Like strncmp, but only return zero if s is NUL-terminated and exactly len - * characters long. If it is not, consider it greater than t. - */ -int xstrncmpz(const char *s, const char *t, size_t len); /* * FREE_AND_NULL(ptr) is like free(ptr) followed by ptr = NULL. Note @@ -911,7 +1087,7 @@ int xstrncmpz(const char *s, const char *t, size_t len); #define REALLOC_ARRAY(x, alloc) (x) = xrealloc((x), st_mult(sizeof(*(x)), (alloc))) #define COPY_ARRAY(dst, src, n) copy_array((dst), (src), (n), sizeof(*(dst)) + \ - BUILD_ASSERT_OR_ZERO(sizeof(*(dst)) == sizeof(*(src)))) + BARF_UNLESS_COPYABLE((dst), (src))) static inline void copy_array(void *dst, const void *src, size_t n, size_t size) { if (n) @@ -919,13 +1095,18 @@ static inline void copy_array(void *dst, const void *src, size_t n, size_t size) } #define MOVE_ARRAY(dst, src, n) move_array((dst), (src), (n), sizeof(*(dst)) + \ - BUILD_ASSERT_OR_ZERO(sizeof(*(dst)) == sizeof(*(src)))) + BARF_UNLESS_COPYABLE((dst), (src))) static inline void move_array(void *dst, const void *src, size_t n, size_t size) { if (n) memmove(dst, src, st_mult(size, n)); } +#define DUP_ARRAY(dst, src, n) do { \ + size_t dup_array_n_ = (n); \ + COPY_ARRAY(ALLOC_ARRAY((dst), dup_array_n_), (src), dup_array_n_); \ +} while (0) + /* * These functions help you allocate structs with flex arrays, and copy * the data directly into the array. For example, if you had: @@ -983,6 +1164,81 @@ static inline void move_array(void *dst, const void *src, size_t n, size_t size) #define FLEXPTR_ALLOC_STR(x, ptrname, str) \ FLEXPTR_ALLOC_MEM((x), ptrname, (str), strlen(str)) +#define alloc_nr(x) (((x)+16)*3/2) + +/** + * Dynamically growing an array using realloc() is error prone and boring. + * + * Define your array with: + * + * - a pointer (`item`) that points at the array, initialized to `NULL` + * (although please name the variable based on its contents, not on its + * type); + * + * - an integer variable (`alloc`) that keeps track of how big the current + * allocation is, initialized to `0`; + * + * - another integer variable (`nr`) to keep track of how many elements the + * array currently has, initialized to `0`. + * + * Then before adding `n`th element to the item, call `ALLOC_GROW(item, n, + * alloc)`. This ensures that the array can hold at least `n` elements by + * calling `realloc(3)` and adjusting `alloc` variable. + * + * ------------ + * sometype *item; + * size_t nr; + * size_t alloc + * + * for (i = 0; i < nr; i++) + * if (we like item[i] already) + * return; + * + * // we did not like any existing one, so add one + * ALLOC_GROW(item, nr + 1, alloc); + * item[nr++] = value you like; + * ------------ + * + * You are responsible for updating the `nr` variable. + * + * If you need to specify the number of elements to allocate explicitly + * then use the macro `REALLOC_ARRAY(item, alloc)` instead of `ALLOC_GROW`. + * + * Consider using ALLOC_GROW_BY instead of ALLOC_GROW as it has some + * added niceties. + * + * DO NOT USE any expression with side-effect for 'x', 'nr', or 'alloc'. + */ +#define ALLOC_GROW(x, nr, alloc) \ + do { \ + if ((nr) > alloc) { \ + if (alloc_nr(alloc) < (nr)) \ + alloc = (nr); \ + else \ + alloc = alloc_nr(alloc); \ + REALLOC_ARRAY(x, alloc); \ + } \ + } while (0) + +/* + * Similar to ALLOC_GROW but handles updating of the nr value and + * zeroing the bytes of the newly-grown array elements. + * + * DO NOT USE any expression with side-effect for any of the + * arguments. + */ +#define ALLOC_GROW_BY(x, nr, increase, alloc) \ + do { \ + if (increase) { \ + size_t new_nr = nr + (increase); \ + if (new_nr < nr) \ + BUG("negative growth in ALLOC_GROW_BY"); \ + ALLOC_GROW(x, new_nr, alloc); \ + memset((x) + nr, 0, sizeof(*(x)) * (increase)); \ + nr = new_nr; \ + } \ + } while (0) + static inline char *xstrdup_or_null(const char *str) { return str ? xstrdup(str) : NULL; @@ -995,78 +1251,11 @@ static inline size_t xsize_t(off_t len) return (size_t) len; } -__attribute__((format (printf, 3, 4))) -int xsnprintf(char *dst, size_t max, const char *fmt, ...); - #ifndef HOST_NAME_MAX #define HOST_NAME_MAX 256 #endif -int xgethostname(char *buf, size_t len); - -/* in ctype.c, for kwset users */ -extern const unsigned char tolower_trans_tbl[256]; - -/* Sane ctype - no locale, and works with signed chars */ -#undef isascii -#undef isspace -#undef isdigit -#undef isalpha -#undef isalnum -#undef isprint -#undef islower -#undef isupper -#undef tolower -#undef toupper -#undef iscntrl -#undef ispunct -#undef isxdigit - -extern const unsigned char sane_ctype[256]; -#define GIT_SPACE 0x01 -#define GIT_DIGIT 0x02 -#define GIT_ALPHA 0x04 -#define GIT_GLOB_SPECIAL 0x08 -#define GIT_REGEX_SPECIAL 0x10 -#define GIT_PATHSPEC_MAGIC 0x20 -#define GIT_CNTRL 0x40 -#define GIT_PUNCT 0x80 -#define sane_istest(x,mask) ((sane_ctype[(unsigned char)(x)] & (mask)) != 0) -#define isascii(x) (((x) & ~0x7f) == 0) -#define isspace(x) sane_istest(x,GIT_SPACE) -#define isdigit(x) sane_istest(x,GIT_DIGIT) -#define isalpha(x) sane_istest(x,GIT_ALPHA) -#define isalnum(x) sane_istest(x,GIT_ALPHA | GIT_DIGIT) -#define isprint(x) ((x) >= 0x20 && (x) <= 0x7e) -#define islower(x) sane_iscase(x, 1) -#define isupper(x) sane_iscase(x, 0) -#define is_glob_special(x) sane_istest(x,GIT_GLOB_SPECIAL) -#define is_regex_special(x) sane_istest(x,GIT_GLOB_SPECIAL | GIT_REGEX_SPECIAL) -#define iscntrl(x) (sane_istest(x,GIT_CNTRL)) -#define ispunct(x) sane_istest(x, GIT_PUNCT | GIT_REGEX_SPECIAL | \ - GIT_GLOB_SPECIAL | GIT_PATHSPEC_MAGIC) -#define isxdigit(x) (hexval_table[(unsigned char)(x)] != -1) -#define tolower(x) sane_case((unsigned char)(x), 0x20) -#define toupper(x) sane_case((unsigned char)(x), 0) -#define is_pathspec_magic(x) sane_istest(x,GIT_PATHSPEC_MAGIC) - -static inline int sane_case(int x, int high) -{ - if (sane_istest(x, GIT_ALPHA)) - x = (x & ~0x20) | high; - return x; -} - -static inline int sane_iscase(int x, int is_lower) -{ - if (!sane_istest(x, GIT_ALPHA)) - return 0; - - if (is_lower) - return (x & 0x20) != 0; - else - return (x & 0x20) == 0; -} +#include "sane-ctype.h" /* * Like skip_prefix, but compare case-insensitively. Note that the comparison @@ -1085,6 +1274,25 @@ static inline int skip_iprefix(const char *str, const char *prefix, return 0; } +/* + * Like skip_prefix_mem, but compare case-insensitively. Note that the + * comparison is done via tolower(), so it is strictly ASCII (no multi-byte + * characters or locale-specific conversions). + */ +static inline int skip_iprefix_mem(const char *buf, size_t len, + const char *prefix, + const char **out, size_t *outlen) +{ + do { + if (!*prefix) { + *out = buf; + *outlen = len; + return 1; + } + } while (len-- > 0 && tolower(*buf++) == tolower(*prefix++)); + return 0; +} + static inline int strtoul_ui(char const *s, int base, unsigned int *result) { unsigned long ul; @@ -1155,6 +1363,11 @@ static inline int regexec_buf(const regex_t *preg, const char *buf, size_t size, return regexec(preg, buf, nmatch, pmatch, eflags | REG_STARTEND); } +#ifdef USE_ENHANCED_BASIC_REGULAR_EXPRESSIONS +int git_regcomp(regex_t *preg, const char *pattern, int cflags); +#define regcomp git_regcomp +#endif + #ifndef DIR_HAS_BSD_GROUP_SEMANTICS # define FORCE_DIR_SET_GID S_ISGID #else @@ -1194,81 +1407,49 @@ static inline int regexec_buf(const regex_t *preg, const char *buf, size_t size, #endif #endif -/* - * This is always defined as a first step towards making the use of variadic - * macros unconditional. If it causes compilation problems on your platform, - * please report it to the Git mailing list at git@vger.kernel.org. - */ -#define HAVE_VARIADIC_MACROS 1 - /* usage.c: only to be used for testing BUG() implementation (see test-tool) */ extern int BUG_exit_code; -#ifdef HAVE_VARIADIC_MACROS +/* usage.c: if bug() is called we should have a BUG_if_bug() afterwards */ +extern int bug_called_must_BUG; + __attribute__((format (printf, 3, 4))) NORETURN void BUG_fl(const char *file, int line, const char *fmt, ...); #define BUG(...) BUG_fl(__FILE__, __LINE__, __VA_ARGS__) +__attribute__((format (printf, 3, 4))) +void bug_fl(const char *file, int line, const char *fmt, ...); +#define bug(...) bug_fl(__FILE__, __LINE__, __VA_ARGS__) +#define BUG_if_bug(...) do { \ + if (bug_called_must_BUG) \ + BUG_fl(__FILE__, __LINE__, __VA_ARGS__); \ +} while (0) + +#ifndef FSYNC_METHOD_DEFAULT +#ifdef __APPLE__ +#define FSYNC_METHOD_DEFAULT FSYNC_METHOD_WRITEOUT_ONLY #else -__attribute__((format (printf, 1, 2))) NORETURN -void BUG(const char *fmt, ...); +#define FSYNC_METHOD_DEFAULT FSYNC_METHOD_FSYNC +#endif #endif - -/* - * Preserves errno, prints a message, but gives no warning for ENOENT. - * Returns 0 on success, which includes trying to unlink an object that does - * not exist. - */ -int unlink_or_warn(const char *path); - /* - * Tries to unlink file. Returns 0 if unlink succeeded - * or the file already didn't exist. Returns -1 and - * appends a message to err suitable for - * 'error("%s", err->buf)' on error. - */ -int unlink_or_msg(const char *file, struct strbuf *err); -/* - * Preserves errno, prints a message, but gives no warning for ENOENT. - * Returns 0 on success, which includes trying to remove a directory that does - * not exist. - */ -int rmdir_or_warn(const char *path); -/* - * Calls the correct function out of {unlink,rmdir}_or_warn based on - * the supplied file mode. - */ -int remove_or_warn(unsigned int mode, const char *path); - -/* - * Call access(2), but warn for any error except "missing file" - * (ENOENT or ENOTDIR). - */ -#define ACCESS_EACCES_OK (1U << 0) -int access_or_warn(const char *path, int mode, unsigned flag); -int access_or_die(const char *path, int mode, unsigned flag); - -/* Warn on an inaccessible file if errno indicates this is an error */ -int warn_on_fopen_errors(const char *path); - -/* - * Open with O_NOFOLLOW, or equivalent. Note that the fallback equivalent - * may be racy. Do not use this as protection against an attacker who can - * simultaneously create paths. - */ -int open_nofollow(const char *path, int flags); #ifndef SHELL_PATH # define SHELL_PATH "/bin/sh" #endif #ifndef _POSIX_THREAD_SAFE_FUNCTIONS -static inline void flockfile(FILE *fh) +static inline void git_flockfile(FILE *fh UNUSED) { ; /* nothing */ } -static inline void funlockfile(FILE *fh) +static inline void git_funlockfile(FILE *fh UNUSED) { ; /* nothing */ } +#undef flockfile +#undef funlockfile +#undef getc_unlocked +#define flockfile(fh) git_flockfile(fh) +#define funlockfile(fh) git_funlockfile(fh) #define getc_unlocked(fh) getc(fh) #endif @@ -1311,8 +1492,8 @@ int cmd_main(int, const char **); * Intercept all calls to exit() and route them to trace2 to * optionally emit a message before calling the real exit(). */ -int trace2_cmd_exit_fl(const char *file, int line, int code); -#define exit(code) exit(trace2_cmd_exit_fl(__FILE__, __LINE__, (code))) +int common_exit(const char *file, int line, int code); +#define exit(code) exit(common_exit(__FILE__, __LINE__, (code))) /* * You can mark a stack variable with UNLEAK(var) to avoid it being @@ -1334,6 +1515,18 @@ void unleak_memory(const void *ptr, size_t len); #define UNLEAK(var) do {} while (0) #endif +#define z_const +#include <zlib.h> + +#if ZLIB_VERNUM < 0x1290 +/* + * This is uncompress2, which is only available in zlib >= 1.2.9 + * (released as of early 2017). See compat/zlib-uncompress2.c. + */ +int uncompress2(Bytef *dest, uLongf *destLen, const Bytef *source, + uLong *sourceLen); +#endif + /* * This include must come after system headers, since it introduces macros that * replace system names. @@ -1378,6 +1571,4 @@ static inline void *container_of_or_null_offset(void *ptr, size_t offset) ((uintptr_t)&(ptr)->member - (uintptr_t)(ptr)) #endif /* !__GNUC__ */ -void sleep_millisec(int millisec); - #endif |