mirror of
https://github.com/git/git.git
synced 2024-11-25 10:54:00 +08:00
7c3d15fe31
Avoid unchecked snprintf() to make future code auditing easier. * jk/snprintf-truncation: fmt_with_err: add a comment that truncation is OK shorten_unambiguous_ref: use xsnprintf fsmonitor: use internal argv_array of struct child_process log_write_email_headers: use strbufs http: use strbufs instead of fixed buffers
265 lines
5.4 KiB
C
265 lines
5.4 KiB
C
/*
|
|
* GIT - The information manager from hell
|
|
*
|
|
* Copyright (C) Linus Torvalds, 2005
|
|
*/
|
|
#include "git-compat-util.h"
|
|
#include "cache.h"
|
|
|
|
void vreportf(const char *prefix, const char *err, va_list params)
|
|
{
|
|
char msg[4096];
|
|
char *p;
|
|
|
|
vsnprintf(msg, sizeof(msg), err, params);
|
|
for (p = msg; *p; p++) {
|
|
if (iscntrl(*p) && *p != '\t' && *p != '\n')
|
|
*p = '?';
|
|
}
|
|
fprintf(stderr, "%s%s\n", prefix, msg);
|
|
}
|
|
|
|
static NORETURN void usage_builtin(const char *err, va_list params)
|
|
{
|
|
vreportf("usage: ", err, params);
|
|
exit(129);
|
|
}
|
|
|
|
static NORETURN void die_builtin(const char *err, va_list params)
|
|
{
|
|
vreportf("fatal: ", err, params);
|
|
exit(128);
|
|
}
|
|
|
|
static void error_builtin(const char *err, va_list params)
|
|
{
|
|
vreportf("error: ", err, params);
|
|
}
|
|
|
|
static void warn_builtin(const char *warn, va_list params)
|
|
{
|
|
vreportf("warning: ", warn, params);
|
|
}
|
|
|
|
static int die_is_recursing_builtin(void)
|
|
{
|
|
static int dying;
|
|
/*
|
|
* Just an arbitrary number X where "a < x < b" where "a" is
|
|
* "maximum number of pthreads we'll ever plausibly spawn" and
|
|
* "b" is "something less than Inf", since the point is to
|
|
* prevent infinite recursion.
|
|
*/
|
|
static const int recursion_limit = 1024;
|
|
|
|
dying++;
|
|
if (dying > recursion_limit) {
|
|
return 1;
|
|
} else if (dying == 2) {
|
|
warning("die() called many times. Recursion error or racy threaded death!");
|
|
return 0;
|
|
} else {
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
/* If we are in a dlopen()ed .so write to a global variable would segfault
|
|
* (ugh), so keep things static. */
|
|
static NORETURN_PTR void (*usage_routine)(const char *err, va_list params) = usage_builtin;
|
|
static NORETURN_PTR void (*die_routine)(const char *err, va_list params) = die_builtin;
|
|
static void (*error_routine)(const char *err, va_list params) = error_builtin;
|
|
static void (*warn_routine)(const char *err, va_list params) = warn_builtin;
|
|
static int (*die_is_recursing)(void) = die_is_recursing_builtin;
|
|
|
|
void set_die_routine(NORETURN_PTR void (*routine)(const char *err, va_list params))
|
|
{
|
|
die_routine = routine;
|
|
}
|
|
|
|
void set_error_routine(void (*routine)(const char *err, va_list params))
|
|
{
|
|
error_routine = routine;
|
|
}
|
|
|
|
void (*get_error_routine(void))(const char *err, va_list params)
|
|
{
|
|
return error_routine;
|
|
}
|
|
|
|
void set_warn_routine(void (*routine)(const char *warn, va_list params))
|
|
{
|
|
warn_routine = routine;
|
|
}
|
|
|
|
void (*get_warn_routine(void))(const char *warn, va_list params)
|
|
{
|
|
return warn_routine;
|
|
}
|
|
|
|
void set_die_is_recursing_routine(int (*routine)(void))
|
|
{
|
|
die_is_recursing = routine;
|
|
}
|
|
|
|
void NORETURN usagef(const char *err, ...)
|
|
{
|
|
va_list params;
|
|
|
|
va_start(params, err);
|
|
usage_routine(err, params);
|
|
va_end(params);
|
|
}
|
|
|
|
void NORETURN usage(const char *err)
|
|
{
|
|
usagef("%s", err);
|
|
}
|
|
|
|
void NORETURN die(const char *err, ...)
|
|
{
|
|
va_list params;
|
|
|
|
if (die_is_recursing()) {
|
|
fputs("fatal: recursion detected in die handler\n", stderr);
|
|
exit(128);
|
|
}
|
|
|
|
va_start(params, err);
|
|
die_routine(err, params);
|
|
va_end(params);
|
|
}
|
|
|
|
static const char *fmt_with_err(char *buf, int n, const char *fmt)
|
|
{
|
|
char str_error[256], *err;
|
|
int i, j;
|
|
|
|
err = strerror(errno);
|
|
for (i = j = 0; err[i] && j < sizeof(str_error) - 1; ) {
|
|
if ((str_error[j++] = err[i++]) != '%')
|
|
continue;
|
|
if (j < sizeof(str_error) - 1) {
|
|
str_error[j++] = '%';
|
|
} else {
|
|
/* No room to double the '%', so we overwrite it with
|
|
* '\0' below */
|
|
j--;
|
|
break;
|
|
}
|
|
}
|
|
str_error[j] = 0;
|
|
/* Truncation is acceptable here */
|
|
snprintf(buf, n, "%s: %s", fmt, str_error);
|
|
return buf;
|
|
}
|
|
|
|
void NORETURN die_errno(const char *fmt, ...)
|
|
{
|
|
char buf[1024];
|
|
va_list params;
|
|
|
|
if (die_is_recursing()) {
|
|
fputs("fatal: recursion detected in die_errno handler\n",
|
|
stderr);
|
|
exit(128);
|
|
}
|
|
|
|
va_start(params, fmt);
|
|
die_routine(fmt_with_err(buf, sizeof(buf), fmt), params);
|
|
va_end(params);
|
|
}
|
|
|
|
#undef error_errno
|
|
int error_errno(const char *fmt, ...)
|
|
{
|
|
char buf[1024];
|
|
va_list params;
|
|
|
|
va_start(params, fmt);
|
|
error_routine(fmt_with_err(buf, sizeof(buf), fmt), params);
|
|
va_end(params);
|
|
return -1;
|
|
}
|
|
|
|
#undef error
|
|
int error(const char *err, ...)
|
|
{
|
|
va_list params;
|
|
|
|
va_start(params, err);
|
|
error_routine(err, params);
|
|
va_end(params);
|
|
return -1;
|
|
}
|
|
|
|
void warning_errno(const char *warn, ...)
|
|
{
|
|
char buf[1024];
|
|
va_list params;
|
|
|
|
va_start(params, warn);
|
|
warn_routine(fmt_with_err(buf, sizeof(buf), warn), params);
|
|
va_end(params);
|
|
}
|
|
|
|
void warning(const char *warn, ...)
|
|
{
|
|
va_list params;
|
|
|
|
va_start(params, warn);
|
|
warn_routine(warn, params);
|
|
va_end(params);
|
|
}
|
|
|
|
/* Only set this, ever, from t/helper/, when verifying that bugs are caught. */
|
|
int BUG_exit_code;
|
|
|
|
static NORETURN void BUG_vfl(const char *file, int line, const char *fmt, va_list params)
|
|
{
|
|
char prefix[256];
|
|
|
|
/* truncation via snprintf is OK here */
|
|
if (file)
|
|
snprintf(prefix, sizeof(prefix), "BUG: %s:%d: ", file, line);
|
|
else
|
|
snprintf(prefix, sizeof(prefix), "BUG: ");
|
|
|
|
vreportf(prefix, fmt, params);
|
|
if (BUG_exit_code)
|
|
exit(BUG_exit_code);
|
|
abort();
|
|
}
|
|
|
|
#ifdef HAVE_VARIADIC_MACROS
|
|
NORETURN void BUG_fl(const char *file, int line, const char *fmt, ...)
|
|
{
|
|
va_list ap;
|
|
va_start(ap, fmt);
|
|
BUG_vfl(file, line, fmt, ap);
|
|
va_end(ap);
|
|
}
|
|
#else
|
|
NORETURN void BUG(const char *fmt, ...)
|
|
{
|
|
va_list ap;
|
|
va_start(ap, fmt);
|
|
BUG_vfl(NULL, 0, fmt, ap);
|
|
va_end(ap);
|
|
}
|
|
#endif
|
|
|
|
#ifdef SUPPRESS_ANNOTATED_LEAKS
|
|
void unleak_memory(const void *ptr, size_t len)
|
|
{
|
|
static struct suppressed_leak_root {
|
|
struct suppressed_leak_root *next;
|
|
char data[FLEX_ARRAY];
|
|
} *suppressed_leaks;
|
|
struct suppressed_leak_root *root;
|
|
|
|
FLEX_ALLOC_MEM(root, data, ptr, len);
|
|
root->next = suppressed_leaks;
|
|
suppressed_leaks = root;
|
|
}
|
|
#endif
|