summaryrefslogtreecommitdiffstats
path: root/tempfile.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--tempfile.c368
1 files changed, 368 insertions, 0 deletions
diff --git a/tempfile.c b/tempfile.c
new file mode 100644
index 0000000..ecdebf1
--- /dev/null
+++ b/tempfile.c
@@ -0,0 +1,368 @@
+/*
+ * State diagram and cleanup
+ * -------------------------
+ *
+ * If the program exits while a temporary file is active, we want to
+ * make sure that we remove it. This is done by remembering the active
+ * temporary files in a linked list, `tempfile_list`. An `atexit(3)`
+ * handler and a signal handler are registered, to clean up any active
+ * temporary files.
+ *
+ * Because the signal handler can run at any time, `tempfile_list` and
+ * the `tempfile` objects that comprise it must be kept in
+ * self-consistent states at all times.
+ *
+ * The possible states of a `tempfile` object are as follows:
+ *
+ * - Inactive/unallocated. The only way to get a tempfile is via a creation
+ * function like create_tempfile(). Once allocated, the tempfile is on the
+ * global tempfile_list and considered active.
+ *
+ * - Active, file open (after `create_tempfile()` or
+ * `reopen_tempfile()`). In this state:
+ *
+ * - the temporary file exists
+ * - `filename` holds the filename of the temporary file
+ * - `fd` holds a file descriptor open for writing to it
+ * - `fp` holds a pointer to an open `FILE` object if and only if
+ * `fdopen_tempfile()` has been called on the object
+ * - `owner` holds the PID of the process that created the file
+ *
+ * - Active, file closed (after `close_tempfile_gently()`). Same
+ * as the previous state, except that the temporary file is closed,
+ * `fd` is -1, and `fp` is `NULL`.
+ *
+ * - Inactive (after `delete_tempfile()`, `rename_tempfile()`, or a
+ * failed attempt to create a temporary file). The struct is removed from
+ * the global tempfile_list and deallocated.
+ *
+ * A temporary file is owned by the process that created it. The
+ * `tempfile` has an `owner` field that records the owner's PID. This
+ * field is used to prevent a forked process from deleting a temporary
+ * file created by its parent.
+ */
+
+#include "git-compat-util.h"
+#include "abspath.h"
+#include "path.h"
+#include "tempfile.h"
+#include "sigchain.h"
+
+static VOLATILE_LIST_HEAD(tempfile_list);
+
+static void remove_template_directory(struct tempfile *tempfile,
+ int in_signal_handler)
+{
+ if (tempfile->directory) {
+ if (in_signal_handler)
+ rmdir(tempfile->directory);
+ else
+ rmdir_or_warn(tempfile->directory);
+ }
+}
+
+static void remove_tempfiles(int in_signal_handler)
+{
+ pid_t me = getpid();
+ volatile struct volatile_list_head *pos;
+
+ list_for_each(pos, &tempfile_list) {
+ struct tempfile *p = list_entry(pos, struct tempfile, list);
+
+ if (!is_tempfile_active(p) || p->owner != me)
+ continue;
+
+ if (p->fd >= 0)
+ close(p->fd);
+
+ if (in_signal_handler)
+ unlink(p->filename.buf);
+ else
+ unlink_or_warn(p->filename.buf);
+ remove_template_directory(p, in_signal_handler);
+ }
+}
+
+static void remove_tempfiles_on_exit(void)
+{
+ remove_tempfiles(0);
+}
+
+static void remove_tempfiles_on_signal(int signo)
+{
+ remove_tempfiles(1);
+ sigchain_pop(signo);
+ raise(signo);
+}
+
+static struct tempfile *new_tempfile(void)
+{
+ struct tempfile *tempfile = xmalloc(sizeof(*tempfile));
+ tempfile->fd = -1;
+ tempfile->fp = NULL;
+ tempfile->owner = 0;
+ INIT_LIST_HEAD(&tempfile->list);
+ strbuf_init(&tempfile->filename, 0);
+ tempfile->directory = NULL;
+ return tempfile;
+}
+
+static void activate_tempfile(struct tempfile *tempfile)
+{
+ static int initialized;
+
+ if (!initialized) {
+ sigchain_push_common(remove_tempfiles_on_signal);
+ atexit(remove_tempfiles_on_exit);
+ initialized = 1;
+ }
+
+ volatile_list_add(&tempfile->list, &tempfile_list);
+ tempfile->owner = getpid();
+}
+
+static void deactivate_tempfile(struct tempfile *tempfile)
+{
+ volatile_list_del(&tempfile->list);
+ strbuf_release(&tempfile->filename);
+ free(tempfile->directory);
+ free(tempfile);
+}
+
+/* Make sure errno contains a meaningful value on error */
+struct tempfile *create_tempfile_mode(const char *path, int mode)
+{
+ struct tempfile *tempfile = new_tempfile();
+
+ strbuf_add_absolute_path(&tempfile->filename, path);
+ tempfile->fd = open(tempfile->filename.buf,
+ O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC, mode);
+ if (O_CLOEXEC && tempfile->fd < 0 && errno == EINVAL)
+ /* Try again w/o O_CLOEXEC: the kernel might not support it */
+ tempfile->fd = open(tempfile->filename.buf,
+ O_RDWR | O_CREAT | O_EXCL, mode);
+ if (tempfile->fd < 0) {
+ deactivate_tempfile(tempfile);
+ return NULL;
+ }
+ activate_tempfile(tempfile);
+ if (adjust_shared_perm(tempfile->filename.buf)) {
+ int save_errno = errno;
+ error("cannot fix permission bits on %s", tempfile->filename.buf);
+ delete_tempfile(&tempfile);
+ errno = save_errno;
+ return NULL;
+ }
+
+ return tempfile;
+}
+
+struct tempfile *register_tempfile(const char *path)
+{
+ struct tempfile *tempfile = new_tempfile();
+ strbuf_add_absolute_path(&tempfile->filename, path);
+ activate_tempfile(tempfile);
+ return tempfile;
+}
+
+struct tempfile *mks_tempfile_sm(const char *filename_template, int suffixlen, int mode)
+{
+ struct tempfile *tempfile = new_tempfile();
+
+ strbuf_add_absolute_path(&tempfile->filename, filename_template);
+ tempfile->fd = git_mkstemps_mode(tempfile->filename.buf, suffixlen, mode);
+ if (tempfile->fd < 0) {
+ deactivate_tempfile(tempfile);
+ return NULL;
+ }
+ activate_tempfile(tempfile);
+ return tempfile;
+}
+
+struct tempfile *mks_tempfile_tsm(const char *filename_template, int suffixlen, int mode)
+{
+ struct tempfile *tempfile = new_tempfile();
+ const char *tmpdir;
+
+ tmpdir = getenv("TMPDIR");
+ if (!tmpdir)
+ tmpdir = "/tmp";
+
+ strbuf_addf(&tempfile->filename, "%s/%s", tmpdir, filename_template);
+ tempfile->fd = git_mkstemps_mode(tempfile->filename.buf, suffixlen, mode);
+ if (tempfile->fd < 0) {
+ deactivate_tempfile(tempfile);
+ return NULL;
+ }
+ activate_tempfile(tempfile);
+ return tempfile;
+}
+
+struct tempfile *mks_tempfile_dt(const char *directory_template,
+ const char *filename)
+{
+ struct tempfile *tempfile;
+ const char *tmpdir;
+ struct strbuf sb = STRBUF_INIT;
+ int fd;
+ size_t directorylen;
+
+ if (!ends_with(directory_template, "XXXXXX")) {
+ errno = EINVAL;
+ return NULL;
+ }
+
+ tmpdir = getenv("TMPDIR");
+ if (!tmpdir)
+ tmpdir = "/tmp";
+
+ strbuf_addf(&sb, "%s/%s", tmpdir, directory_template);
+ directorylen = sb.len;
+ if (!mkdtemp(sb.buf)) {
+ int orig_errno = errno;
+ strbuf_release(&sb);
+ errno = orig_errno;
+ return NULL;
+ }
+
+ strbuf_addf(&sb, "/%s", filename);
+ fd = open(sb.buf, O_CREAT | O_EXCL | O_RDWR, 0600);
+ if (fd < 0) {
+ int orig_errno = errno;
+ strbuf_setlen(&sb, directorylen);
+ rmdir(sb.buf);
+ strbuf_release(&sb);
+ errno = orig_errno;
+ return NULL;
+ }
+
+ tempfile = new_tempfile();
+ strbuf_swap(&tempfile->filename, &sb);
+ tempfile->directory = xmemdupz(tempfile->filename.buf, directorylen);
+ tempfile->fd = fd;
+ activate_tempfile(tempfile);
+ return tempfile;
+}
+
+struct tempfile *xmks_tempfile_m(const char *filename_template, int mode)
+{
+ struct tempfile *tempfile;
+ struct strbuf full_template = STRBUF_INIT;
+
+ strbuf_add_absolute_path(&full_template, filename_template);
+ tempfile = mks_tempfile_m(full_template.buf, mode);
+ if (!tempfile)
+ die_errno("Unable to create temporary file '%s'",
+ full_template.buf);
+
+ strbuf_release(&full_template);
+ return tempfile;
+}
+
+FILE *fdopen_tempfile(struct tempfile *tempfile, const char *mode)
+{
+ if (!is_tempfile_active(tempfile))
+ BUG("fdopen_tempfile() called for inactive object");
+ if (tempfile->fp)
+ BUG("fdopen_tempfile() called for open object");
+
+ tempfile->fp = fdopen(tempfile->fd, mode);
+ return tempfile->fp;
+}
+
+const char *get_tempfile_path(struct tempfile *tempfile)
+{
+ if (!is_tempfile_active(tempfile))
+ BUG("get_tempfile_path() called for inactive object");
+ return tempfile->filename.buf;
+}
+
+int get_tempfile_fd(struct tempfile *tempfile)
+{
+ if (!is_tempfile_active(tempfile))
+ BUG("get_tempfile_fd() called for inactive object");
+ return tempfile->fd;
+}
+
+FILE *get_tempfile_fp(struct tempfile *tempfile)
+{
+ if (!is_tempfile_active(tempfile))
+ BUG("get_tempfile_fp() called for inactive object");
+ return tempfile->fp;
+}
+
+int close_tempfile_gently(struct tempfile *tempfile)
+{
+ int fd;
+ FILE *fp;
+ int err;
+
+ if (!is_tempfile_active(tempfile) || tempfile->fd < 0)
+ return 0;
+
+ fd = tempfile->fd;
+ fp = tempfile->fp;
+ tempfile->fd = -1;
+ if (fp) {
+ tempfile->fp = NULL;
+ if (ferror(fp)) {
+ err = -1;
+ if (!fclose(fp))
+ errno = EIO;
+ } else {
+ err = fclose(fp);
+ }
+ } else {
+ err = close(fd);
+ }
+
+ return err ? -1 : 0;
+}
+
+int reopen_tempfile(struct tempfile *tempfile)
+{
+ if (!is_tempfile_active(tempfile))
+ BUG("reopen_tempfile called for an inactive object");
+ if (0 <= tempfile->fd)
+ BUG("reopen_tempfile called for an open object");
+ tempfile->fd = open(tempfile->filename.buf, O_WRONLY|O_TRUNC);
+ return tempfile->fd;
+}
+
+int rename_tempfile(struct tempfile **tempfile_p, const char *path)
+{
+ struct tempfile *tempfile = *tempfile_p;
+
+ if (!is_tempfile_active(tempfile))
+ BUG("rename_tempfile called for inactive object");
+
+ if (close_tempfile_gently(tempfile)) {
+ delete_tempfile(tempfile_p);
+ return -1;
+ }
+
+ if (rename(tempfile->filename.buf, path)) {
+ int save_errno = errno;
+ delete_tempfile(tempfile_p);
+ errno = save_errno;
+ return -1;
+ }
+
+ deactivate_tempfile(tempfile);
+ *tempfile_p = NULL;
+ return 0;
+}
+
+void delete_tempfile(struct tempfile **tempfile_p)
+{
+ struct tempfile *tempfile = *tempfile_p;
+
+ if (!is_tempfile_active(tempfile))
+ return;
+
+ close_tempfile_gently(tempfile);
+ unlink_or_warn(tempfile->filename.buf);
+ remove_template_directory(tempfile, 0);
+ deactivate_tempfile(tempfile);
+ *tempfile_p = NULL;
+}