From 1a90dfe8a7e3fae31aa0b13b799bd3345e91e985 Mon Sep 17 00:00:00 2001 From: Patrick Steinhardt Date: Mon, 22 Feb 2016 12:23:26 +0100 Subject: submodule: die on config error when linking modules When trying to connect a submodule with its corresponding repository in '.git/modules' we try to set the core.worktree setting in the submodule, which may fail due to an error encountered in `git_config_set_in_file`. The function is used in the git-mv command when trying to move a submodule to another location. We already die when renaming a file fails but do not pay attention to the case where updating the connection between submodule and its repository fails. As this leaves the repository in an inconsistent state, as well, abort the program by dying early and presenting the failure to the user. Signed-off-by: Patrick Steinhardt Signed-off-by: Junio C Hamano --- submodule.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'submodule.c') diff --git a/submodule.c b/submodule.c index 14e76247bf..278b08795f 100644 --- a/submodule.c +++ b/submodule.c @@ -1034,11 +1034,9 @@ void connect_work_tree_and_git_dir(const char *work_tree, const char *git_dir) /* Update core.worktree setting */ strbuf_reset(&file_name); strbuf_addf(&file_name, "%s/config", git_dir); - if (git_config_set_in_file(file_name.buf, "core.worktree", - relative_path(real_work_tree, git_dir, - &rel_path))) - die(_("Could not set core.worktree in %s"), - file_name.buf); + git_config_set_in_file_or_die(file_name.buf, "core.worktree", + relative_path(real_work_tree, git_dir, + &rel_path)); strbuf_release(&file_name); strbuf_release(&rel_path); -- cgit 1.2.3-korg From 30598ad06f2adfef1f74d6348677358865cbf373 Mon Sep 17 00:00:00 2001 From: Patrick Steinhardt Date: Mon, 22 Feb 2016 12:23:35 +0100 Subject: config: rename git_config_set to git_config_set_gently The desired default behavior for `git_config_set` is to die whenever an error occurs. Dying is the default for a lot of internal functions when failures occur and is in this case the right thing to do for most callers as otherwise we might run into inconsistent repositories without noticing. As some code may rely on the actual return values for `git_config_set` we still require the ability to invoke these functions without aborting. Rename the existing `git_config_set` functions to `git_config_set_gently` to keep them available for those callers. Signed-off-by: Patrick Steinhardt Signed-off-by: Junio C Hamano --- branch.c | 6 +++--- builtin/clone.c | 2 +- builtin/config.c | 28 ++++++++++++++-------------- builtin/remote.c | 2 +- cache.h | 10 +++++----- config.c | 29 +++++++++++++++-------------- submodule.c | 2 +- 7 files changed, 40 insertions(+), 39 deletions(-) (limited to 'submodule.c') diff --git a/branch.c b/branch.c index 713ceda36a..c50ea42172 100644 --- a/branch.c +++ b/branch.c @@ -70,18 +70,18 @@ int install_branch_config(int flag, const char *local, const char *origin, const } strbuf_addf(&key, "branch.%s.remote", local); - if (git_config_set(key.buf, origin ? origin : ".") < 0) + if (git_config_set_gently(key.buf, origin ? origin : ".") < 0) goto out_err; strbuf_reset(&key); strbuf_addf(&key, "branch.%s.merge", local); - if (git_config_set(key.buf, remote) < 0) + if (git_config_set_gently(key.buf, remote) < 0) goto out_err; if (rebasing) { strbuf_reset(&key); strbuf_addf(&key, "branch.%s.rebase", local); - if (git_config_set(key.buf, "true") < 0) + if (git_config_set_gently(key.buf, "true") < 0) goto out_err; } strbuf_release(&key); diff --git a/builtin/clone.c b/builtin/clone.c index 2dabce9816..a46d3d0f81 100644 --- a/builtin/clone.c +++ b/builtin/clone.c @@ -732,7 +732,7 @@ static int checkout(void) static int write_one_config(const char *key, const char *value, void *data) { - return git_config_set_multivar(key, value ? value : "true", "^$", 0); + return git_config_set_multivar_gently(key, value ? value : "true", "^$", 0); } static void write_config(struct string_list *config) diff --git a/builtin/config.c b/builtin/config.c index adc772786a..c26d6e7fdd 100644 --- a/builtin/config.c +++ b/builtin/config.c @@ -582,7 +582,7 @@ int cmd_config(int argc, const char **argv, const char *prefix) check_write(); check_argc(argc, 2, 2); value = normalize_value(argv[0], argv[1]); - ret = git_config_set_in_file(given_config_source.file, argv[0], value); + ret = git_config_set_in_file_gently(given_config_source.file, argv[0], value); if (ret == CONFIG_NOTHING_SET) error("cannot overwrite multiple values with a single value\n" " Use a regexp, --add or --replace-all to change %s.", argv[0]); @@ -592,23 +592,23 @@ int cmd_config(int argc, const char **argv, const char *prefix) check_write(); check_argc(argc, 2, 3); value = normalize_value(argv[0], argv[1]); - return git_config_set_multivar_in_file(given_config_source.file, - argv[0], value, argv[2], 0); + return git_config_set_multivar_in_file_gently(given_config_source.file, + argv[0], value, argv[2], 0); } else if (actions == ACTION_ADD) { check_write(); check_argc(argc, 2, 2); value = normalize_value(argv[0], argv[1]); - return git_config_set_multivar_in_file(given_config_source.file, - argv[0], value, - CONFIG_REGEX_NONE, 0); + return git_config_set_multivar_in_file_gently(given_config_source.file, + argv[0], value, + CONFIG_REGEX_NONE, 0); } else if (actions == ACTION_REPLACE_ALL) { check_write(); check_argc(argc, 2, 3); value = normalize_value(argv[0], argv[1]); - return git_config_set_multivar_in_file(given_config_source.file, - argv[0], value, argv[2], 1); + return git_config_set_multivar_in_file_gently(given_config_source.file, + argv[0], value, argv[2], 1); } else if (actions == ACTION_GET) { check_argc(argc, 1, 2); @@ -634,17 +634,17 @@ int cmd_config(int argc, const char **argv, const char *prefix) check_write(); check_argc(argc, 1, 2); if (argc == 2) - return git_config_set_multivar_in_file(given_config_source.file, - argv[0], NULL, argv[1], 0); + return git_config_set_multivar_in_file_gently(given_config_source.file, + argv[0], NULL, argv[1], 0); else - return git_config_set_in_file(given_config_source.file, - argv[0], NULL); + return git_config_set_in_file_gently(given_config_source.file, + argv[0], NULL); } else if (actions == ACTION_UNSET_ALL) { check_write(); check_argc(argc, 1, 2); - return git_config_set_multivar_in_file(given_config_source.file, - argv[0], NULL, argv[1], 1); + return git_config_set_multivar_in_file_gently(given_config_source.file, + argv[0], NULL, argv[1], 1); } else if (actions == ACTION_RENAME_SECTION) { int ret; diff --git a/builtin/remote.c b/builtin/remote.c index dee6551e35..6cacbca027 100644 --- a/builtin/remote.c +++ b/builtin/remote.c @@ -1393,7 +1393,7 @@ static int update(int argc, const char **argv) static int remove_all_fetch_refspecs(const char *remote, const char *key) { - return git_config_set_multivar(key, NULL, NULL, 1); + return git_config_set_multivar_gently(key, NULL, NULL, 1); } static void add_branches(struct remote *remote, const char **branches, diff --git a/cache.h b/cache.h index 59948b60a1..08046ba25f 100644 --- a/cache.h +++ b/cache.h @@ -1484,7 +1484,7 @@ extern int update_server_info(int); /* git_config_parse_key() returns these negated: */ #define CONFIG_INVALID_KEY 1 #define CONFIG_NO_SECTION_OR_NAME 2 -/* git_config_set(), git_config_set_multivar() return the above or these: */ +/* git_config_set_gently(), git_config_set_multivar_gently() return the above or these: */ #define CONFIG_NO_LOCK -1 #define CONFIG_INVALID_FILE 3 #define CONFIG_NO_WRITE 4 @@ -1522,15 +1522,15 @@ extern int git_config_bool(const char *, const char *); extern int git_config_maybe_bool(const char *, const char *); extern int git_config_string(const char **, const char *, const char *); extern int git_config_pathname(const char **, const char *, const char *); -extern int git_config_set_in_file(const char *, const char *, const char *); +extern int git_config_set_in_file_gently(const char *, const char *, const char *); extern void git_config_set_in_file_or_die(const char *, const char *, const char *); -extern int git_config_set(const char *, const char *); +extern int git_config_set_gently(const char *, const char *); extern void git_config_set_or_die(const char *, const char *); extern int git_config_parse_key(const char *, char **, int *); extern int git_config_key_is_valid(const char *key); -extern int git_config_set_multivar(const char *, const char *, const char *, int); +extern int git_config_set_multivar_gently(const char *, const char *, const char *, int); extern void git_config_set_multivar_or_die(const char *, const char *, const char *, int); -extern int git_config_set_multivar_in_file(const char *, const char *, const char *, const char *, int); +extern int git_config_set_multivar_in_file_gently(const char *, const char *, const char *, const char *, int); extern void git_config_set_multivar_in_file_or_die(const char *, const char *, const char *, const char *, int); extern int git_config_rename_section(const char *, const char *); extern int git_config_rename_section_in_file(const char *, const char *, const char *); diff --git a/config.c b/config.c index 856f7d34c7..e7f42da18b 100644 --- a/config.c +++ b/config.c @@ -1825,10 +1825,10 @@ static ssize_t find_beginning_of_line(const char *contents, size_t size, return offset; } -int git_config_set_in_file(const char *config_filename, - const char *key, const char *value) +int git_config_set_in_file_gently(const char *config_filename, + const char *key, const char *value) { - return git_config_set_multivar_in_file(config_filename, key, value, NULL, 0); + return git_config_set_multivar_in_file_gently(config_filename, key, value, NULL, 0); } void git_config_set_in_file_or_die(const char *config_filename, @@ -1837,9 +1837,9 @@ void git_config_set_in_file_or_die(const char *config_filename, git_config_set_multivar_in_file_or_die(config_filename, key, value, NULL, 0); } -int git_config_set(const char *key, const char *value) +int git_config_set_gently(const char *key, const char *value) { - return git_config_set_multivar(key, value, NULL, 0); + return git_config_set_multivar_gently(key, value, NULL, 0); } void git_config_set_or_die(const char *key, const char *value) @@ -1961,9 +1961,10 @@ int git_config_key_is_valid(const char *key) * - the config file is removed and the lock file rename()d to it. * */ -int git_config_set_multivar_in_file(const char *config_filename, - const char *key, const char *value, - const char *value_regex, int multi_replace) +int git_config_set_multivar_in_file_gently(const char *config_filename, + const char *key, const char *value, + const char *value_regex, + int multi_replace) { int fd = -1, in_fd = -1; int ret; @@ -2194,16 +2195,16 @@ void git_config_set_multivar_in_file_or_die(const char *config_filename, const char *key, const char *value, const char *value_regex, int multi_replace) { - if (git_config_set_multivar_in_file(config_filename, key, value, - value_regex, multi_replace) < 0) + if (git_config_set_multivar_in_file_gently(config_filename, key, value, + value_regex, multi_replace) < 0) die(_("Could not set '%s' to '%s'"), key, value); } -int git_config_set_multivar(const char *key, const char *value, - const char *value_regex, int multi_replace) +int git_config_set_multivar_gently(const char *key, const char *value, + const char *value_regex, int multi_replace) { - return git_config_set_multivar_in_file(NULL, key, value, value_regex, - multi_replace); + return git_config_set_multivar_in_file_gently(NULL, key, value, value_regex, + multi_replace); } void git_config_set_multivar_or_die(const char *key, const char *value, diff --git a/submodule.c b/submodule.c index 278b08795f..e76311d7ea 100644 --- a/submodule.c +++ b/submodule.c @@ -68,7 +68,7 @@ int update_path_in_gitmodules(const char *oldpath, const char *newpath) strbuf_addstr(&entry, "submodule."); strbuf_addstr(&entry, submodule->name); strbuf_addstr(&entry, ".path"); - if (git_config_set_in_file(".gitmodules", entry.buf, newpath) < 0) { + if (git_config_set_in_file_gently(".gitmodules", entry.buf, newpath) < 0) { /* Maybe the user already did that, don't error out here */ warning(_("Could not update .gitmodules entry %s"), entry.buf); strbuf_release(&entry); -- cgit 1.2.3-korg From 3d1806487af395fb33d1de92633e96571b296305 Mon Sep 17 00:00:00 2001 From: Patrick Steinhardt Date: Mon, 22 Feb 2016 12:23:36 +0100 Subject: config: rename git_config_set_or_die to git_config_set Rename git_config_set_or_die functions to git_config_set, leading to the new default behavior of dying whenever a configuration error occurs. By now all callers that shall die on error have been transitioned to the _or_die variants, thus making this patch a simple rename of the functions. Signed-off-by: Patrick Steinhardt Signed-off-by: Junio C Hamano --- builtin/branch.c | 6 +++--- builtin/clone.c | 8 ++++---- builtin/init-db.c | 20 ++++++++++---------- builtin/remote.c | 32 ++++++++++++++++---------------- builtin/submodule--helper.c | 4 ++-- cache.h | 8 ++++---- compat/precompose_utf8.c | 4 ++-- config.c | 24 ++++++++++++------------ sequencer.c | 22 +++++++++++----------- submodule.c | 6 +++--- 10 files changed, 67 insertions(+), 67 deletions(-) (limited to 'submodule.c') diff --git a/builtin/branch.c b/builtin/branch.c index c043cfc729..7b45b6bd6b 100644 --- a/builtin/branch.c +++ b/builtin/branch.c @@ -594,7 +594,7 @@ static int edit_branch_description(const char *branch_name) strbuf_stripspace(&buf, 1); strbuf_addf(&name, "branch.%s.description", branch_name); - git_config_set_or_die(name.buf, buf.len ? buf.buf : NULL); + git_config_set(name.buf, buf.len ? buf.buf : NULL); strbuf_release(&name); strbuf_release(&buf); @@ -790,10 +790,10 @@ int cmd_branch(int argc, const char **argv, const char *prefix) die(_("Branch '%s' has no upstream information"), branch->name); strbuf_addf(&buf, "branch.%s.remote", branch->name); - git_config_set_multivar_or_die(buf.buf, NULL, NULL, 1); + git_config_set_multivar(buf.buf, NULL, NULL, 1); strbuf_reset(&buf); strbuf_addf(&buf, "branch.%s.merge", branch->name); - git_config_set_multivar_or_die(buf.buf, NULL, NULL, 1); + git_config_set_multivar(buf.buf, NULL, NULL, 1); strbuf_release(&buf); } else if (argc > 0 && argc <= 2) { struct branch *branch = branch_get(argv[0]); diff --git a/builtin/clone.c b/builtin/clone.c index a46d3d0f81..8a90cad5b5 100644 --- a/builtin/clone.c +++ b/builtin/clone.c @@ -783,12 +783,12 @@ static void write_refspec_config(const char *src_ref_prefix, /* Configure the remote */ if (value.len) { strbuf_addf(&key, "remote.%s.fetch", option_origin); - git_config_set_multivar_or_die(key.buf, value.buf, "^$", 0); + git_config_set_multivar(key.buf, value.buf, "^$", 0); strbuf_reset(&key); if (option_mirror) { strbuf_addf(&key, "remote.%s.mirror", option_origin); - git_config_set_or_die(key.buf, "true"); + git_config_set(key.buf, "true"); strbuf_reset(&key); } } @@ -946,14 +946,14 @@ int cmd_clone(int argc, const char **argv, const char *prefix) src_ref_prefix = "refs/"; strbuf_addstr(&branch_top, src_ref_prefix); - git_config_set_or_die("core.bare", "true"); + git_config_set("core.bare", "true"); } else { strbuf_addf(&branch_top, "refs/remotes/%s/", option_origin); } strbuf_addf(&value, "+%s*:%s*", src_ref_prefix, branch_top.buf); strbuf_addf(&key, "remote.%s.url", option_origin); - git_config_set_or_die(key.buf, repo); + git_config_set(key.buf, repo); strbuf_reset(&key); if (option_reference.nr) diff --git a/builtin/init-db.c b/builtin/init-db.c index ef19048233..6223b7d46a 100644 --- a/builtin/init-db.c +++ b/builtin/init-db.c @@ -227,7 +227,7 @@ static int create_default_files(const char *template_path) /* This forces creation of new config file */ xsnprintf(repo_version_string, sizeof(repo_version_string), "%d", GIT_REPO_VERSION); - git_config_set_or_die("core.repositoryformatversion", repo_version_string); + git_config_set("core.repositoryformatversion", repo_version_string); /* Check filemode trustability */ path = git_path_buf(&buf, "config"); @@ -241,18 +241,18 @@ static int create_default_files(const char *template_path) if (filemode && !reinit && (st1.st_mode & S_IXUSR)) filemode = 0; } - git_config_set_or_die("core.filemode", filemode ? "true" : "false"); + git_config_set("core.filemode", filemode ? "true" : "false"); if (is_bare_repository()) - git_config_set_or_die("core.bare", "true"); + git_config_set("core.bare", "true"); else { const char *work_tree = get_git_work_tree(); - git_config_set_or_die("core.bare", "false"); + git_config_set("core.bare", "false"); /* allow template config file to override the default */ if (log_all_ref_updates == -1) - git_config_set_or_die("core.logallrefupdates", "true"); + git_config_set("core.logallrefupdates", "true"); if (needs_work_tree_config(get_git_dir(), work_tree)) - git_config_set_or_die("core.worktree", work_tree); + git_config_set("core.worktree", work_tree); } if (!reinit) { @@ -265,12 +265,12 @@ static int create_default_files(const char *template_path) S_ISLNK(st1.st_mode)) unlink(path); /* good */ else - git_config_set_or_die("core.symlinks", "false"); + git_config_set("core.symlinks", "false"); /* Check if the filesystem is case-insensitive */ path = git_path_buf(&buf, "CoNfIg"); if (!access(path, F_OK)) - git_config_set_or_die("core.ignorecase", "true"); + git_config_set("core.ignorecase", "true"); probe_utf8_pathname_composition(); } @@ -386,8 +386,8 @@ int init_db(const char *template_dir, unsigned int flags) xsnprintf(buf, sizeof(buf), "%d", OLD_PERM_EVERYBODY); else die("BUG: invalid value for shared_repository"); - git_config_set_or_die("core.sharedrepository", buf); - git_config_set_or_die("receive.denyNonFastforwards", "true"); + git_config_set("core.sharedrepository", buf); + git_config_set("receive.denyNonFastforwards", "true"); } if (!(flags & INIT_DB_QUIET)) { diff --git a/builtin/remote.c b/builtin/remote.c index 6cacbca027..43136951b5 100644 --- a/builtin/remote.c +++ b/builtin/remote.c @@ -119,7 +119,7 @@ static void add_branch(const char *key, const char *branchname, else strbuf_addf(tmp, "refs/heads/%s:refs/remotes/%s/%s", branchname, remotename, branchname); - git_config_set_multivar_or_die(key, tmp->buf, "^$", 0); + git_config_set_multivar(key, tmp->buf, "^$", 0); } static const char mirror_advice[] = @@ -197,7 +197,7 @@ static int add(int argc, const char **argv) die(_("'%s' is not a valid remote name"), name); strbuf_addf(&buf, "remote.%s.url", name); - git_config_set_or_die(buf.buf, url); + git_config_set(buf.buf, url); if (!mirror || mirror & MIRROR_FETCH) { strbuf_reset(&buf); @@ -213,14 +213,14 @@ static int add(int argc, const char **argv) if (mirror & MIRROR_PUSH) { strbuf_reset(&buf); strbuf_addf(&buf, "remote.%s.mirror", name); - git_config_set_or_die(buf.buf, "true"); + git_config_set(buf.buf, "true"); } if (fetch_tags != TAGS_DEFAULT) { strbuf_reset(&buf); strbuf_addf(&buf, "remote.%s.tagopt", name); - git_config_set_or_die(buf.buf, - fetch_tags == TAGS_SET ? "--tags" : "--no-tags"); + git_config_set(buf.buf, + fetch_tags == TAGS_SET ? "--tags" : "--no-tags"); } if (fetch && fetch_remote(name)) @@ -586,15 +586,15 @@ static int migrate_file(struct remote *remote) strbuf_addf(&buf, "remote.%s.url", remote->name); for (i = 0; i < remote->url_nr; i++) - git_config_set_multivar_or_die(buf.buf, remote->url[i], "^$", 0); + git_config_set_multivar(buf.buf, remote->url[i], "^$", 0); strbuf_reset(&buf); strbuf_addf(&buf, "remote.%s.push", remote->name); for (i = 0; i < remote->push_refspec_nr; i++) - git_config_set_multivar_or_die(buf.buf, remote->push_refspec[i], "^$", 0); + git_config_set_multivar(buf.buf, remote->push_refspec[i], "^$", 0); strbuf_reset(&buf); strbuf_addf(&buf, "remote.%s.fetch", remote->name); for (i = 0; i < remote->fetch_refspec_nr; i++) - git_config_set_multivar_or_die(buf.buf, remote->fetch_refspec[i], "^$", 0); + git_config_set_multivar(buf.buf, remote->fetch_refspec[i], "^$", 0); if (remote->origin == REMOTE_REMOTES) unlink_or_warn(git_path("remotes/%s", remote->name)); else if (remote->origin == REMOTE_BRANCHES) @@ -646,7 +646,7 @@ static int mv(int argc, const char **argv) strbuf_reset(&buf); strbuf_addf(&buf, "remote.%s.fetch", rename.new); - git_config_set_multivar_or_die(buf.buf, NULL, NULL, 1); + git_config_set_multivar(buf.buf, NULL, NULL, 1); strbuf_addf(&old_remote_context, ":refs/remotes/%s/", rename.old); for (i = 0; i < oldremote->fetch_refspec_nr; i++) { char *ptr; @@ -666,7 +666,7 @@ static int mv(int argc, const char **argv) "\tPlease update the configuration manually if necessary."), buf2.buf); - git_config_set_multivar_or_die(buf.buf, buf2.buf, "^$", 0); + git_config_set_multivar(buf.buf, buf2.buf, "^$", 0); } read_branches(); @@ -676,7 +676,7 @@ static int mv(int argc, const char **argv) if (info->remote_name && !strcmp(info->remote_name, rename.old)) { strbuf_reset(&buf); strbuf_addf(&buf, "branch.%s.remote", item->string); - git_config_set_or_die(buf.buf, rename.new); + git_config_set(buf.buf, rename.new); } } @@ -774,7 +774,7 @@ static int rm(int argc, const char **argv) strbuf_reset(&buf); strbuf_addf(&buf, "branch.%s.%s", item->string, *k); - git_config_set_or_die(buf.buf, NULL); + git_config_set(buf.buf, NULL); } } } @@ -1556,10 +1556,10 @@ static int set_url(int argc, const char **argv) /* Special cases that add new entry. */ if ((!oldurl && !delete_mode) || add_mode) { if (add_mode) - git_config_set_multivar_or_die(name_buf.buf, newurl, + git_config_set_multivar(name_buf.buf, newurl, "^$", 0); else - git_config_set_or_die(name_buf.buf, newurl); + git_config_set(name_buf.buf, newurl); strbuf_release(&name_buf); return 0; @@ -1582,9 +1582,9 @@ static int set_url(int argc, const char **argv) regfree(&old_regex); if (!delete_mode) - git_config_set_multivar_or_die(name_buf.buf, newurl, oldurl, 0); + git_config_set_multivar(name_buf.buf, newurl, oldurl, 0); else - git_config_set_multivar_or_die(name_buf.buf, NULL, oldurl, 1); + git_config_set_multivar(name_buf.buf, NULL, oldurl, 1); return 0; } diff --git a/builtin/submodule--helper.c b/builtin/submodule--helper.c index c7e1ea2799..f4c3eff179 100644 --- a/builtin/submodule--helper.c +++ b/builtin/submodule--helper.c @@ -245,8 +245,8 @@ static int module_clone(int argc, const char **argv, const char *prefix) p = git_pathdup_submodule(path, "config"); if (!p) die(_("could not get submodule directory for '%s'"), path); - git_config_set_in_file_or_die(p, "core.worktree", - relative_path(sb.buf, sm_gitdir, &rel_path)); + git_config_set_in_file(p, "core.worktree", + relative_path(sb.buf, sm_gitdir, &rel_path)); strbuf_release(&sb); strbuf_release(&rel_path); free(sm_gitdir); diff --git a/cache.h b/cache.h index 08046ba25f..dd39270f93 100644 --- a/cache.h +++ b/cache.h @@ -1523,15 +1523,15 @@ extern int git_config_maybe_bool(const char *, const char *); extern int git_config_string(const char **, const char *, const char *); extern int git_config_pathname(const char **, const char *, const char *); extern int git_config_set_in_file_gently(const char *, const char *, const char *); -extern void git_config_set_in_file_or_die(const char *, const char *, const char *); +extern void git_config_set_in_file(const char *, const char *, const char *); extern int git_config_set_gently(const char *, const char *); -extern void git_config_set_or_die(const char *, const char *); +extern void git_config_set(const char *, const char *); extern int git_config_parse_key(const char *, char **, int *); extern int git_config_key_is_valid(const char *key); extern int git_config_set_multivar_gently(const char *, const char *, const char *, int); -extern void git_config_set_multivar_or_die(const char *, const char *, const char *, int); +extern void git_config_set_multivar(const char *, const char *, const char *, int); extern int git_config_set_multivar_in_file_gently(const char *, const char *, const char *, const char *, int); -extern void git_config_set_multivar_in_file_or_die(const char *, const char *, const char *, const char *, int); +extern void git_config_set_multivar_in_file(const char *, const char *, const char *, const char *, int); extern int git_config_rename_section(const char *, const char *); extern int git_config_rename_section_in_file(const char *, const char *, const char *); extern const char *git_etc_gitconfig(void); diff --git a/compat/precompose_utf8.c b/compat/precompose_utf8.c index 9ff1ebe02b..dfbe6d8408 100644 --- a/compat/precompose_utf8.c +++ b/compat/precompose_utf8.c @@ -50,8 +50,8 @@ void probe_utf8_pathname_composition(void) close(output_fd); git_path_buf(&path, "%s", auml_nfd); precomposed_unicode = access(path.buf, R_OK) ? 0 : 1; - git_config_set_or_die("core.precomposeunicode", - precomposed_unicode ? "true" : "false"); + git_config_set("core.precomposeunicode", + precomposed_unicode ? "true" : "false"); git_path_buf(&path, "%s", auml_nfc); if (unlink(path.buf)) die_errno(_("failed to unlink '%s'"), path.buf); diff --git a/config.c b/config.c index e7f42da18b..325c3eaf9d 100644 --- a/config.c +++ b/config.c @@ -1831,10 +1831,10 @@ int git_config_set_in_file_gently(const char *config_filename, return git_config_set_multivar_in_file_gently(config_filename, key, value, NULL, 0); } -void git_config_set_in_file_or_die(const char *config_filename, - const char *key, const char *value) +void git_config_set_in_file(const char *config_filename, + const char *key, const char *value) { - git_config_set_multivar_in_file_or_die(config_filename, key, value, NULL, 0); + git_config_set_multivar_in_file(config_filename, key, value, NULL, 0); } int git_config_set_gently(const char *key, const char *value) @@ -1842,9 +1842,9 @@ int git_config_set_gently(const char *key, const char *value) return git_config_set_multivar_gently(key, value, NULL, 0); } -void git_config_set_or_die(const char *key, const char *value) +void git_config_set(const char *key, const char *value) { - git_config_set_multivar_or_die(key, value, NULL, 0); + git_config_set_multivar(key, value, NULL, 0); } /* @@ -2191,9 +2191,9 @@ int git_config_set_multivar_in_file_gently(const char *config_filename, } -void git_config_set_multivar_in_file_or_die(const char *config_filename, - const char *key, const char *value, - const char *value_regex, int multi_replace) +void git_config_set_multivar_in_file(const char *config_filename, + const char *key, const char *value, + const char *value_regex, int multi_replace) { if (git_config_set_multivar_in_file_gently(config_filename, key, value, value_regex, multi_replace) < 0) @@ -2207,11 +2207,11 @@ int git_config_set_multivar_gently(const char *key, const char *value, multi_replace); } -void git_config_set_multivar_or_die(const char *key, const char *value, - const char *value_regex, int multi_replace) +void git_config_set_multivar(const char *key, const char *value, + const char *value_regex, int multi_replace) { - git_config_set_multivar_in_file_or_die(NULL, key, value, value_regex, - multi_replace); + git_config_set_multivar_in_file(NULL, key, value, value_regex, + multi_replace); } static int section_name_match (const char *buf, const char *name) diff --git a/sequencer.c b/sequencer.c index 3c109b6863..8c58fa2f4d 100644 --- a/sequencer.c +++ b/sequencer.c @@ -933,31 +933,31 @@ static void save_opts(struct replay_opts *opts) const char *opts_file = git_path_opts_file(); if (opts->no_commit) - git_config_set_in_file_or_die(opts_file, "options.no-commit", "true"); + git_config_set_in_file(opts_file, "options.no-commit", "true"); if (opts->edit) - git_config_set_in_file_or_die(opts_file, "options.edit", "true"); + git_config_set_in_file(opts_file, "options.edit", "true"); if (opts->signoff) - git_config_set_in_file_or_die(opts_file, "options.signoff", "true"); + git_config_set_in_file(opts_file, "options.signoff", "true"); if (opts->record_origin) - git_config_set_in_file_or_die(opts_file, "options.record-origin", "true"); + git_config_set_in_file(opts_file, "options.record-origin", "true"); if (opts->allow_ff) - git_config_set_in_file_or_die(opts_file, "options.allow-ff", "true"); + git_config_set_in_file(opts_file, "options.allow-ff", "true"); if (opts->mainline) { struct strbuf buf = STRBUF_INIT; strbuf_addf(&buf, "%d", opts->mainline); - git_config_set_in_file_or_die(opts_file, "options.mainline", buf.buf); + git_config_set_in_file(opts_file, "options.mainline", buf.buf); strbuf_release(&buf); } if (opts->strategy) - git_config_set_in_file_or_die(opts_file, "options.strategy", opts->strategy); + git_config_set_in_file(opts_file, "options.strategy", opts->strategy); if (opts->gpg_sign) - git_config_set_in_file_or_die(opts_file, "options.gpg-sign", opts->gpg_sign); + git_config_set_in_file(opts_file, "options.gpg-sign", opts->gpg_sign); if (opts->xopts) { int i; for (i = 0; i < opts->xopts_nr; i++) - git_config_set_multivar_in_file_or_die(opts_file, - "options.strategy-option", - opts->xopts[i], "^$", 0); + git_config_set_multivar_in_file(opts_file, + "options.strategy-option", + opts->xopts[i], "^$", 0); } } diff --git a/submodule.c b/submodule.c index e76311d7ea..b58d4ee945 100644 --- a/submodule.c +++ b/submodule.c @@ -1034,9 +1034,9 @@ void connect_work_tree_and_git_dir(const char *work_tree, const char *git_dir) /* Update core.worktree setting */ strbuf_reset(&file_name); strbuf_addf(&file_name, "%s/config", git_dir); - git_config_set_in_file_or_die(file_name.buf, "core.worktree", - relative_path(real_work_tree, git_dir, - &rel_path)); + git_config_set_in_file(file_name.buf, "core.worktree", + relative_path(real_work_tree, git_dir, + &rel_path)); strbuf_release(&file_name); strbuf_release(&rel_path); -- cgit 1.2.3-korg From 50a6c8efa2bbeddf46ca34c7765024108202e04b Mon Sep 17 00:00:00 2001 From: Jeff King Date: Mon, 22 Feb 2016 17:44:35 -0500 Subject: use st_add and st_mult for allocation size computation If our size computation overflows size_t, we may allocate a much smaller buffer than we expected and overflow it. It's probably impossible to trigger an overflow in most of these sites in practice, but it is easy enough convert their additions and multiplications into overflow-checking variants. This may be fixing real bugs, and it makes auditing the code easier. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- archive.c | 4 ++-- builtin/apply.c | 2 +- builtin/clean.c | 2 +- builtin/fetch.c | 2 +- builtin/index-pack.c | 4 ++-- builtin/merge.c | 2 +- builtin/mv.c | 4 ++-- builtin/receive-pack.c | 2 +- combine-diff.c | 14 +++++++------- commit.c | 2 +- compat/mingw.c | 4 ++-- compat/qsort.c | 2 +- compat/setenv.c | 2 +- compat/win32/syslog.c | 4 ++-- diffcore-delta.c | 6 ++++-- diffcore-rename.c | 2 +- dir.c | 4 ++-- fast-import.c | 2 +- refs.c | 2 +- remote.c | 8 ++++---- revision.c | 2 +- sha1_file.c | 20 +++++++++++--------- sha1_name.c | 5 ++--- shallow.c | 2 +- submodule.c | 6 +++--- 25 files changed, 56 insertions(+), 53 deletions(-) (limited to 'submodule.c') diff --git a/archive.c b/archive.c index 0687afae43..5d735ae603 100644 --- a/archive.c +++ b/archive.c @@ -171,8 +171,8 @@ static void queue_directory(const unsigned char *sha1, unsigned mode, int stage, struct archiver_context *c) { struct directory *d; - size_t len = base->len + 1 + strlen(filename) + 1; - d = xmalloc(sizeof(*d) + len); + size_t len = st_add4(base->len, 1, strlen(filename), 1); + d = xmalloc(st_add(sizeof(*d), len)); d->up = c->bottom; d->baselen = base->len; d->mode = mode; diff --git a/builtin/apply.c b/builtin/apply.c index deb1364fa8..0db6d14cc2 100644 --- a/builtin/apply.c +++ b/builtin/apply.c @@ -2632,7 +2632,7 @@ static void update_image(struct image *img, insert_count = postimage->len; /* Adjust the contents */ - result = xmalloc(img->len + insert_count - remove_count + 1); + result = xmalloc(st_add3(st_sub(img->len, remove_count), insert_count, 1)); memcpy(result, img->buf, applied_at); memcpy(result + applied_at, postimage->buf, postimage->len); memcpy(result + applied_at + postimage->len, diff --git a/builtin/clean.c b/builtin/clean.c index 1f02c8294c..fb1824ce95 100644 --- a/builtin/clean.c +++ b/builtin/clean.c @@ -615,7 +615,7 @@ static int *list_and_choose(struct menu_opts *opts, struct menu_stuff *stuff) nr += chosen[i]; } - result = xcalloc(nr + 1, sizeof(int)); + result = xcalloc(st_add(nr, 1), sizeof(int)); for (i = 0; i < stuff->nr && j < nr; i++) { if (chosen[i]) result[j++] = i; diff --git a/builtin/fetch.c b/builtin/fetch.c index 17f40e10f6..683f08ec91 100644 --- a/builtin/fetch.c +++ b/builtin/fetch.c @@ -1107,7 +1107,7 @@ static int fetch_one(struct remote *remote, int argc, const char **argv) if (argc > 0) { int j = 0; int i; - refs = xcalloc(argc + 1, sizeof(const char *)); + refs = xcalloc(st_add(argc, 1), sizeof(const char *)); for (i = 0; i < argc; i++) { if (!strcmp(argv[i], "tag")) { i++; diff --git a/builtin/index-pack.c b/builtin/index-pack.c index a60bcfac06..193908a619 100644 --- a/builtin/index-pack.c +++ b/builtin/index-pack.c @@ -1744,9 +1744,9 @@ int cmd_index_pack(int argc, const char **argv, const char *prefix) curr_pack = open_pack_file(pack_name); parse_pack_header(); - objects = xcalloc(nr_objects + 1, sizeof(struct object_entry)); + objects = xcalloc(st_add(nr_objects, 1), sizeof(struct object_entry)); if (show_stat) - obj_stat = xcalloc(nr_objects + 1, sizeof(struct object_stat)); + obj_stat = xcalloc(st_add(nr_objects, 1), sizeof(struct object_stat)); ofs_deltas = xcalloc(nr_objects, sizeof(struct ofs_delta_entry)); parse_pack_objects(pack_sha1); resolve_deltas(); diff --git a/builtin/merge.c b/builtin/merge.c index b98a3489bf..101ffeff4c 100644 --- a/builtin/merge.c +++ b/builtin/merge.c @@ -939,7 +939,7 @@ static int setup_with_upstream(const char ***argv) if (!branch->merge_nr) die(_("No default upstream defined for the current branch.")); - args = xcalloc(branch->merge_nr + 1, sizeof(char *)); + args = xcalloc(st_add(branch->merge_nr, 1), sizeof(char *)); for (i = 0; i < branch->merge_nr; i++) { if (!branch->merge[i]->dst) die(_("No remote-tracking branch for %s from %s"), diff --git a/builtin/mv.c b/builtin/mv.c index 9a9813a0ec..aeae855e2b 100644 --- a/builtin/mv.c +++ b/builtin/mv.c @@ -48,9 +48,9 @@ static const char **internal_copy_pathspec(const char *prefix, static const char *add_slash(const char *path) { - int len = strlen(path); + size_t len = strlen(path); if (path[len - 1] != '/') { - char *with_slash = xmalloc(len + 2); + char *with_slash = xmalloc(st_add(len, 2)); memcpy(with_slash, path, len); with_slash[len++] = '/'; with_slash[len] = 0; diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c index 3dc3868c86..c8e32b297c 100644 --- a/builtin/receive-pack.c +++ b/builtin/receive-pack.c @@ -1372,7 +1372,7 @@ static struct command **queue_command(struct command **tail, refname = line + 82; reflen = linelen - 82; - cmd = xcalloc(1, sizeof(struct command) + reflen + 1); + cmd = xcalloc(1, st_add3(sizeof(struct command), reflen, 1)); hashcpy(cmd->old_sha1, old_sha1); hashcpy(cmd->new_sha1, new_sha1); memcpy(cmd->ref_name, refname, reflen); diff --git a/combine-diff.c b/combine-diff.c index be09a2b25c..0e1d4b0893 100644 --- a/combine-diff.c +++ b/combine-diff.c @@ -189,11 +189,11 @@ static struct lline *coalesce_lines(struct lline *base, int *lenbase, * - Else if we have NEW, insert newend lline into base and * consume newend */ - lcs = xcalloc(origbaselen + 1, sizeof(int*)); - directions = xcalloc(origbaselen + 1, sizeof(enum coalesce_direction*)); + lcs = xcalloc(st_add(origbaselen, 1), sizeof(int*)); + directions = xcalloc(st_add(origbaselen, 1), sizeof(enum coalesce_direction*)); for (i = 0; i < origbaselen + 1; i++) { - lcs[i] = xcalloc(lennew + 1, sizeof(int)); - directions[i] = xcalloc(lennew + 1, sizeof(enum coalesce_direction)); + lcs[i] = xcalloc(st_add(lennew, 1), sizeof(int)); + directions[i] = xcalloc(st_add(lennew, 1), sizeof(enum coalesce_direction)); directions[i][0] = BASE; } for (j = 1; j < lennew + 1; j++) @@ -1111,7 +1111,7 @@ static void show_patch_diff(struct combine_diff_path *elem, int num_parent, if (result_size && result[result_size-1] != '\n') cnt++; /* incomplete line */ - sline = xcalloc(cnt+2, sizeof(*sline)); + sline = xcalloc(st_add(cnt, 2), sizeof(*sline)); sline[0].bol = result; for (lno = 0, cp = result; cp < result + result_size; cp++) { if (*cp == '\n') { @@ -1130,7 +1130,7 @@ static void show_patch_diff(struct combine_diff_path *elem, int num_parent, /* Even p_lno[cnt+1] is valid -- that is for the end line number * for deletion hunk at the end. */ - sline[0].p_lno = xcalloc((cnt+2) * num_parent, sizeof(unsigned long)); + sline[0].p_lno = xcalloc(st_mult(st_add(cnt, 2), num_parent), sizeof(unsigned long)); for (lno = 0; lno <= cnt; lno++) sline[lno+1].p_lno = sline[lno].p_lno + num_parent; @@ -1262,7 +1262,7 @@ static struct diff_filepair *combined_pair(struct combine_diff_path *p, struct diff_filespec *pool; pair = xmalloc(sizeof(*pair)); - pool = xcalloc(num_parent + 1, sizeof(struct diff_filespec)); + pool = xcalloc(st_add(num_parent, 1), sizeof(struct diff_filespec)); pair->one = pool + 1; pair->two = pool; diff --git a/commit.c b/commit.c index 31cd91f81e..3f4f371e5e 100644 --- a/commit.c +++ b/commit.c @@ -147,7 +147,7 @@ struct commit_graft *read_graft_line(char *buf, int len) if ((len + 1) % entry_size) goto bad_graft_data; i = (len + 1) / entry_size - 1; - graft = xmalloc(sizeof(*graft) + GIT_SHA1_RAWSZ * i); + graft = xmalloc(st_add(sizeof(*graft), st_mult(GIT_SHA1_RAWSZ, i))); graft->nr_parent = i; if (get_oid_hex(buf, &graft->oid)) goto bad_graft_data; diff --git a/compat/mingw.c b/compat/mingw.c index d8a5345a30..ae16d089ad 100644 --- a/compat/mingw.c +++ b/compat/mingw.c @@ -769,7 +769,7 @@ static const char *quote_arg(const char *arg) return arg; /* insert \ where necessary */ - d = q = xmalloc(len+n+3); + d = q = xmalloc(st_add3(len, n, 3)); *d++ = '"'; while (*arg) { if (*arg == '"') @@ -1028,7 +1028,7 @@ static pid_t mingw_spawnve_fd(const char *cmd, const char **argv, char **deltaen free(quoted); } - wargs = xmalloc((2 * args.len + 1) * sizeof(wchar_t)); + wargs = xmalloc_array(st_add(st_mult(2, args.len), 1), sizeof(wchar_t)); xutftowcs(wargs, args.buf, 2 * args.len + 1); strbuf_release(&args); diff --git a/compat/qsort.c b/compat/qsort.c index 9574d537bd..7d071afb70 100644 --- a/compat/qsort.c +++ b/compat/qsort.c @@ -47,7 +47,7 @@ static void msort_with_tmp(void *b, size_t n, size_t s, void git_qsort(void *b, size_t n, size_t s, int (*cmp)(const void *, const void *)) { - const size_t size = n * s; + const size_t size = st_mult(n, s); char buf[1024]; if (size < sizeof(buf)) { diff --git a/compat/setenv.c b/compat/setenv.c index fc1439a643..7849f258d2 100644 --- a/compat/setenv.c +++ b/compat/setenv.c @@ -18,7 +18,7 @@ int gitsetenv(const char *name, const char *value, int replace) namelen = strlen(name); valuelen = strlen(value); - envstr = malloc((namelen + valuelen + 2)); + envstr = malloc(st_add3(namelen, valuelen, 2)); if (!envstr) { errno = ENOMEM; return -1; diff --git a/compat/win32/syslog.c b/compat/win32/syslog.c index d015e436d5..b905aea31b 100644 --- a/compat/win32/syslog.c +++ b/compat/win32/syslog.c @@ -32,7 +32,7 @@ void syslog(int priority, const char *fmt, ...) return; } - str = malloc(str_len + 1); + str = malloc(st_add(str_len, 1)); if (!str) { warning("malloc failed: '%s'", strerror(errno)); return; @@ -43,7 +43,7 @@ void syslog(int priority, const char *fmt, ...) va_end(ap); while ((pos = strstr(str, "%1")) != NULL) { - str = realloc(str, ++str_len + 1); + str = realloc(str, st_add(++str_len, 1)); if (!str) { warning("realloc failed: '%s'", strerror(errno)); return; diff --git a/diffcore-delta.c b/diffcore-delta.c index 7cf431d261..4159748a70 100644 --- a/diffcore-delta.c +++ b/diffcore-delta.c @@ -53,7 +53,8 @@ static struct spanhash_top *spanhash_rehash(struct spanhash_top *orig) int osz = 1 << orig->alloc_log2; int sz = osz << 1; - new = xmalloc(sizeof(*orig) + sizeof(struct spanhash) * sz); + new = xmalloc(st_add(sizeof(*orig), + st_mult(sizeof(struct spanhash), sz))); new->alloc_log2 = orig->alloc_log2 + 1; new->free = INITIAL_FREE(new->alloc_log2); memset(new->data, 0, sizeof(struct spanhash) * sz); @@ -130,7 +131,8 @@ static struct spanhash_top *hash_chars(struct diff_filespec *one) int is_text = !diff_filespec_is_binary(one); i = INITIAL_HASH_SIZE; - hash = xmalloc(sizeof(*hash) + sizeof(struct spanhash) * (1<alloc_log2 = i; hash->free = INITIAL_FREE(i); memset(hash->data, 0, sizeof(struct spanhash) * (1< rd->end) return -1; - *untracked_ = untracked = xmalloc(sizeof(*untracked) + len); + *untracked_ = untracked = xmalloc(st_add(sizeof(*untracked), len)); memcpy(untracked, &ud, sizeof(ud)); memcpy(untracked->name, data, len + 1); data = next; diff --git a/fast-import.c b/fast-import.c index 36dbaa5b16..9622b89df7 100644 --- a/fast-import.c +++ b/fast-import.c @@ -622,7 +622,7 @@ static void *pool_alloc(size_t len) return xmalloc(len); } total_allocd += sizeof(struct mem_pool) + mem_pool_alloc; - p = xmalloc(sizeof(struct mem_pool) + mem_pool_alloc); + p = xmalloc(st_add(sizeof(struct mem_pool), mem_pool_alloc)); p->next_pool = mem_pool; p->next_free = (char *) p->space; p->end = p->next_free + mem_pool_alloc; diff --git a/refs.c b/refs.c index 2d86445231..b0e6ece6f4 100644 --- a/refs.c +++ b/refs.c @@ -906,7 +906,7 @@ char *shorten_unambiguous_ref(const char *refname, int strict) /* -2 for strlen("%.*s") - strlen("%s"); +1 for NUL */ total_len += strlen(ref_rev_parse_rules[nr_rules]) - 2 + 1; - scanf_fmts = xmalloc(nr_rules * sizeof(char *) + total_len); + scanf_fmts = xmalloc(st_add(st_mult(nr_rules, sizeof(char *)), total_len)); offset = 0; for (i = 0; i < nr_rules; i++) { diff --git a/remote.c b/remote.c index 7a8a8a1b4a..f182382c83 100644 --- a/remote.c +++ b/remote.c @@ -928,7 +928,7 @@ static struct ref *alloc_ref_with_prefix(const char *prefix, size_t prefixlen, const char *name) { size_t len = strlen(name); - struct ref *ref = xcalloc(1, sizeof(struct ref) + prefixlen + len + 1); + struct ref *ref = xcalloc(1, st_add4(sizeof(*ref), prefixlen, len, 1)); memcpy(ref->name, prefix, prefixlen); memcpy(ref->name + prefixlen, name, len); return ref; @@ -945,9 +945,9 @@ struct ref *copy_ref(const struct ref *ref) size_t len; if (!ref) return NULL; - len = strlen(ref->name); - cpy = xmalloc(sizeof(struct ref) + len + 1); - memcpy(cpy, ref, sizeof(struct ref) + len + 1); + len = st_add3(sizeof(struct ref), strlen(ref->name), 1); + cpy = xmalloc(len); + memcpy(cpy, ref, len); cpy->next = NULL; cpy->symref = xstrdup_or_null(ref->symref); cpy->remote_status = xstrdup_or_null(ref->remote_status); diff --git a/revision.c b/revision.c index 14daefb174..df56fcea0e 100644 --- a/revision.c +++ b/revision.c @@ -540,7 +540,7 @@ struct treesame_state { static struct treesame_state *initialise_treesame(struct rev_info *revs, struct commit *commit) { unsigned n = commit_list_count(commit->parents); - struct treesame_state *st = xcalloc(1, sizeof(*st) + n); + struct treesame_state *st = xcalloc(1, st_add(sizeof(*st), n)); st->nparents = n; add_decoration(&revs->treesame, &commit->object, st); return st; diff --git a/sha1_file.c b/sha1_file.c index d14abfed9b..ab16c7b98c 100644 --- a/sha1_file.c +++ b/sha1_file.c @@ -253,7 +253,7 @@ static int link_alt_odb_entry(const char *entry, const char *relative_base, { struct alternate_object_database *ent; struct alternate_object_database *alt; - int pfxlen, entlen; + size_t pfxlen, entlen; struct strbuf pathbuf = STRBUF_INIT; if (!is_absolute_path(entry) && relative_base) { @@ -273,8 +273,8 @@ static int link_alt_odb_entry(const char *entry, const char *relative_base, while (pfxlen && pathbuf.buf[pfxlen-1] == '/') pfxlen -= 1; - entlen = pfxlen + 43; /* '/' + 2 hex + '/' + 38 hex + NUL */ - ent = xmalloc(sizeof(*ent) + entlen); + entlen = st_add(pfxlen, 43); /* '/' + 2 hex + '/' + 38 hex + NUL */ + ent = xmalloc(st_add(sizeof(*ent), entlen)); memcpy(ent->base, pathbuf.buf, pfxlen); strbuf_release(&pathbuf); @@ -1134,7 +1134,7 @@ unsigned char *use_pack(struct packed_git *p, static struct packed_git *alloc_packed_git(int extra) { - struct packed_git *p = xmalloc(sizeof(*p) + extra); + struct packed_git *p = xmalloc(st_add(sizeof(*p), extra)); memset(p, 0, sizeof(*p)); p->pack_fd = -1; return p; @@ -1168,7 +1168,7 @@ struct packed_git *add_packed_git(const char *path, size_t path_len, int local) * ".pack" is long enough to hold any suffix we're adding (and * the use xsnprintf double-checks that) */ - alloc = path_len + strlen(".pack") + 1; + alloc = st_add3(path_len, strlen(".pack"), 1); p = alloc_packed_git(alloc); memcpy(p->pack_name, path, path_len); @@ -1196,7 +1196,7 @@ struct packed_git *add_packed_git(const char *path, size_t path_len, int local) struct packed_git *parse_pack_index(unsigned char *sha1, const char *idx_path) { const char *path = sha1_pack_name(sha1); - int alloc = strlen(path) + 1; + size_t alloc = st_add(strlen(path), 1); struct packed_git *p = alloc_packed_git(alloc); memcpy(p->pack_name, path, alloc); /* includes NUL */ @@ -1413,10 +1413,12 @@ static void mark_bad_packed_object(struct packed_git *p, { unsigned i; for (i = 0; i < p->num_bad_objects; i++) - if (!hashcmp(sha1, p->bad_object_sha1 + 20 * i)) + if (!hashcmp(sha1, p->bad_object_sha1 + GIT_SHA1_RAWSZ * i)) return; - p->bad_object_sha1 = xrealloc(p->bad_object_sha1, 20 * (p->num_bad_objects + 1)); - hashcpy(p->bad_object_sha1 + 20 * p->num_bad_objects, sha1); + p->bad_object_sha1 = xrealloc(p->bad_object_sha1, + st_mult(GIT_SHA1_RAWSZ, + st_add(p->num_bad_objects, 1))); + hashcpy(p->bad_object_sha1 + GIT_SHA1_RAWSZ * p->num_bad_objects, sha1); p->num_bad_objects++; } diff --git a/sha1_name.c b/sha1_name.c index 892db21813..532db4fdc6 100644 --- a/sha1_name.c +++ b/sha1_name.c @@ -87,9 +87,8 @@ static void find_short_object_filename(int len, const char *hex_pfx, struct disa * object databases including our own. */ const char *objdir = get_object_directory(); - int objdir_len = strlen(objdir); - int entlen = objdir_len + 43; - fakeent = xmalloc(sizeof(*fakeent) + entlen); + size_t objdir_len = strlen(objdir); + fakeent = xmalloc(st_add3(sizeof(*fakeent), objdir_len, 43)); memcpy(fakeent->base, objdir, objdir_len); fakeent->name = fakeent->base + objdir_len + 1; fakeent->name[-1] = '/'; diff --git a/shallow.c b/shallow.c index 71163bf3d7..4d554caf8d 100644 --- a/shallow.c +++ b/shallow.c @@ -389,7 +389,7 @@ static void paint_down(struct paint_info *info, const unsigned char *sha1, unsigned int i, nr; struct commit_list *head = NULL; int bitmap_nr = (info->nr_bits + 31) / 32; - int bitmap_size = bitmap_nr * sizeof(uint32_t); + size_t bitmap_size = st_mult(bitmap_nr, sizeof(uint32_t)); uint32_t *tmp = xmalloc(bitmap_size); /* to be freed before return */ uint32_t *bitmap = paint_alloc(info); struct commit *c = lookup_commit_reference_gently(sha1, 1); diff --git a/submodule.c b/submodule.c index 14e76247bf..bd97b15a92 100644 --- a/submodule.c +++ b/submodule.c @@ -122,7 +122,7 @@ static int add_submodule_odb(const char *path) struct strbuf objects_directory = STRBUF_INIT; struct alternate_object_database *alt_odb; int ret = 0; - int alloc; + size_t alloc; strbuf_git_path_submodule(&objects_directory, path, "objects/"); if (!is_directory(objects_directory.buf)) { @@ -137,8 +137,8 @@ static int add_submodule_odb(const char *path) objects_directory.len)) goto done; - alloc = objects_directory.len + 42; /* for "12/345..." sha1 */ - alt_odb = xmalloc(sizeof(*alt_odb) + alloc); + alloc = st_add(objects_directory.len, 42); /* for "12/345..." sha1 */ + alt_odb = xmalloc(st_add(sizeof(*alt_odb), alloc)); alt_odb->next = alt_odb_list; xsnprintf(alt_odb->base, alloc, "%s", objects_directory.buf); alt_odb->name = alt_odb->base + objects_directory.len; -- cgit 1.2.3-korg