
Make object creation in http fetch a bit safer.

Unlike write_sha1_file() that tries to create the object file in a
temporary location and then move it to the final location, fetch_object
could have been interrupted in the middle, leaving a corrupt file.

Signed-off-by: Junio C Hamano <junkio@cox.net>
maint
Junio C Hamano 19 years ago
parent
commit
09d920831e
  1. 29
      http-fetch.c

29
http-fetch.c

@ -350,13 +350,18 @@ int fetch_object(struct alt_base *repo, unsigned char *sha1)
char *hex = sha1_to_hex(sha1); char *hex = sha1_to_hex(sha1);
char *filename = sha1_file_name(sha1); char *filename = sha1_file_name(sha1);
unsigned char real_sha1[20]; unsigned char real_sha1[20];
char tmpfile[PATH_MAX];
int ret;
char *url; char *url;
char *posn; char *posn;


local = open(filename, O_WRONLY | O_CREAT | O_EXCL, 0666); snprintf(tmpfile, sizeof(tmpfile), "%s/obj_XXXXXX",
get_object_directory());


local = mkstemp(tmpfile);
if (local < 0) if (local < 0)
return error("Couldn't open local object %s\n", filename); return error("Couldn't create temporary file %s for %s: %s\n",
tmpfile, filename, strerror(errno));


memset(&stream, 0, sizeof(stream)); memset(&stream, 0, sizeof(stream));


@ -386,18 +391,32 @@ int fetch_object(struct alt_base *repo, unsigned char *sha1)
return -1; return -1;
} }


fchmod(local, 0444);
close(local); close(local);
inflateEnd(&stream); inflateEnd(&stream);
SHA1_Final(real_sha1, &c); SHA1_Final(real_sha1, &c);
if (zret != Z_STREAM_END) { if (zret != Z_STREAM_END) {
unlink(filename); unlink(tmpfile);
return error("File %s (%s) corrupt\n", hex, url); return error("File %s (%s) corrupt\n", hex, url);
} }
if (memcmp(sha1, real_sha1, 20)) { if (memcmp(sha1, real_sha1, 20)) {
unlink(filename); unlink(tmpfile);
return error("File %s has bad hash\n", hex); return error("File %s has bad hash\n", hex);
} }
ret = link(tmpfile, filename);
if (ret < 0) {
/* Same Coda hack as in write_sha1_file(sha1_file.c) */
ret = errno;
if (ret == EXDEV && !rename(tmpfile, filename))
goto out;
}
unlink(tmpfile);
if (ret) {
if (ret != EEXIST)
return error("unable to write sha1 filename %s: %s",
filename, strerror(ret));
}
out:
pull_say("got %s\n", hex); pull_say("got %s\n", hex);
return 0; return 0;
} }
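Review bot: The results of `fchmod(local, 0444)` and `close(local)` in the second hunk are ignored just before the temporary file is linked to its final name, so a write error that only surfaces at close (full disk, network filesystem) goes unnoticed. The hash comparison uses `real_sha1` from `SHA1_Final(real_sha1, &c)`, which as far as these lines show is computed from the received data rather than read back from `tmpfile`, so it would presumably not catch a truncated file on disk. Once `inflateEnd(&stream)` has run, the close result could be checked with `if (close_ret < 0) { unlink(tmpfile); return error("Couldn't close %s: %s", tmpfile, strerror(errno)); }`, where `close_ret` is a new local that holds the saved return of `close(local)`. The `return -1;` at the top of the same hunk also appears to exit without `unlink(tmpfile)`, which would leave `obj_XXXXXX` files in the object directory. fetch_object starts before the first hunk and the code between the two hunks is not shown, so that path needs confirming against the full function.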
