diff --git a/src/config.h b/src/config.h index 7749a9c1a..43574a586 100644 --- a/src/config.h +++ b/src/config.h @@ -14,6 +14,7 @@ #define GIT_CONFIG_FILENAME ".gitconfig" #define GIT_CONFIG_FILENAME_INREPO "config" +#define GIT_CONFIG_FILE_MODE 0666 struct git_config { git_vector files; diff --git a/src/config_file.c b/src/config_file.c index a85ae1578..855574d7e 100644 --- a/src/config_file.c +++ b/src/config_file.c @@ -1034,7 +1034,7 @@ static int config_write(diskfile_backend *cfg, cvar_t *var) if (error < GIT_SUCCESS) git_filebuf_cleanup(&file); else - error = git_filebuf_commit(&file); + error = git_filebuf_commit(&file, GIT_CONFIG_FILE_MODE); git_futils_freebuffer(&cfg->reader.buffer); return error; diff --git a/src/fetch.c b/src/fetch.c index ac7282819..af7dbaffd 100644 --- a/src/fetch.c +++ b/src/fetch.c @@ -14,6 +14,7 @@ #include "transport.h" #include "remote.h" #include "refspec.h" +#include "pack.h" #include "fetch.h" #include "netops.h" @@ -181,7 +182,7 @@ int git_fetch__download_pack(char **out, const char *buffered, size_t buffered_s } /* A bit dodgy, but we need to keep the pack at the temporary path */ - error = git_filebuf_commit_at(&file, file.path_lock); + error = git_filebuf_commit_at(&file, file.path_lock, GIT_PACK_FILE_MODE); cleanup: if (error < GIT_SUCCESS) git_filebuf_cleanup(&file); diff --git a/src/filebuf.c b/src/filebuf.c index e6167d014..a86d25b5a 100644 --- a/src/filebuf.c +++ b/src/filebuf.c @@ -10,6 +10,8 @@ #include "filebuf.h" #include "fileops.h" +#define GIT_LOCK_FILE_MODE 0644 + static const size_t WRITE_BUFFER_SIZE = (4096 * 2); static int lock_file(git_filebuf *file, int flags) @@ -24,9 +26,9 @@ static int lock_file(git_filebuf *file, int flags) /* create path to the file buffer is required */ if (flags & GIT_FILEBUF_FORCE) { /* XXX: Should dirmode here be configurable? Or is 0777 always fine? */ - file->fd = git_futils_creat_locked_withpath(file->path_lock, 0777, 0644); + file->fd = git_futils_creat_locked_withpath(file->path_lock, 0777, GIT_LOCK_FILE_MODE); } else { - file->fd = git_futils_creat_locked(file->path_lock, 0644); + file->fd = git_futils_creat_locked(file->path_lock, GIT_LOCK_FILE_MODE); } if (file->fd < 0) @@ -247,17 +249,17 @@ int git_filebuf_hash(git_oid *oid, git_filebuf *file) return GIT_SUCCESS; } -int git_filebuf_commit_at(git_filebuf *file, const char *path) +int git_filebuf_commit_at(git_filebuf *file, const char *path, mode_t mode) { free(file->path_original); file->path_original = git__strdup(path); if (file->path_original == NULL) return GIT_ENOMEM; - return git_filebuf_commit(file); + return git_filebuf_commit(file, mode); } -int git_filebuf_commit(git_filebuf *file) +int git_filebuf_commit(git_filebuf *file, mode_t mode) { int error; @@ -271,6 +273,11 @@ int git_filebuf_commit(git_filebuf *file) p_close(file->fd); file->fd = -1; + if (p_chmod(file->path_lock, mode)) { + error = git__throw(GIT_EOSERR, "Failed to chmod locked file before committing"); + goto cleanup; + } + error = git_futils_mv_atomic(file->path_lock, file->path_original); cleanup: diff --git a/src/filebuf.h b/src/filebuf.h index 525ca3c81..d08505e8d 100644 --- a/src/filebuf.h +++ b/src/filebuf.h @@ -49,8 +49,8 @@ int git_filebuf_reserve(git_filebuf *file, void **buff, size_t len); int git_filebuf_printf(git_filebuf *file, const char *format, ...) GIT_FORMAT_PRINTF(2, 3); int git_filebuf_open(git_filebuf *lock, const char *path, int flags); -int git_filebuf_commit(git_filebuf *lock); -int git_filebuf_commit_at(git_filebuf *lock, const char *path); +int git_filebuf_commit(git_filebuf *lock, mode_t mode); +int git_filebuf_commit_at(git_filebuf *lock, const char *path, mode_t mode); void git_filebuf_cleanup(git_filebuf *lock); int git_filebuf_hash(git_oid *oid, git_filebuf *file); diff --git a/src/index.c b/src/index.c index 7bf5daf2c..2655aefa9 100644 --- a/src/index.c +++ b/src/index.c @@ -262,7 +262,7 @@ int git_index_write(git_index *index) return git__rethrow(error, "Failed to write index"); } - if ((error = git_filebuf_commit(&file)) < GIT_SUCCESS) + if ((error = git_filebuf_commit(&file, GIT_INDEX_FILE_MODE)) < GIT_SUCCESS) return git__rethrow(error, "Failed to write index"); if (p_stat(index->index_file_path, &indexst) == 0) { diff --git a/src/index.h b/src/index.h index e912770b7..a1cd3403e 100644 --- a/src/index.h +++ b/src/index.h @@ -14,6 +14,9 @@ #include "git2/odb.h" #include "git2/index.h" +#define GIT_INDEX_FILE "index" +#define GIT_INDEX_FILE_MODE 0666 + struct git_index { git_repository *repository; char *index_file_path; diff --git a/src/indexer.c b/src/indexer.c index d5f605fdb..6be4f4a7e 100644 --- a/src/indexer.c +++ b/src/indexer.c @@ -272,7 +272,7 @@ int git_indexer_write(git_indexer *idx) /* Figure out what the final name should be */ index_path(filename, idx); /* Commit file */ - error = git_filebuf_commit_at(&idx->file, filename); + error = git_filebuf_commit_at(&idx->file, filename, GIT_PACK_FILE_MODE); cleanup: git_mwindow_free_all(&idx->pack->mwf); diff --git a/src/odb.h b/src/odb.h index 7c8c9f9e2..833739e99 100644 --- a/src/odb.h +++ b/src/odb.h @@ -16,6 +16,7 @@ #define GIT_OBJECTS_DIR "objects/" #define GIT_OBJECT_DIR_MODE 0777 +#define GIT_OBJECT_FILE_MODE 0444 /* DO NOT EXPORT */ typedef struct { diff --git a/src/odb_loose.c b/src/odb_loose.c index a3013d3dd..dc9897288 100644 --- a/src/odb_loose.c +++ b/src/odb_loose.c @@ -670,7 +670,7 @@ static int loose_backend__stream_fwrite(git_oid *oid, git_odb_stream *_stream) return git__rethrow(error, "Failed to write loose backend"); stream->finished = 1; - return git_filebuf_commit_at(&stream->fbuf, final_path); + return git_filebuf_commit_at(&stream->fbuf, final_path, GIT_OBJECT_FILE_MODE); } static int loose_backend__stream_write(git_odb_stream *_stream, const char *data, size_t len) @@ -790,7 +790,7 @@ static int loose_backend__write(git_oid *oid, git_odb_backend *_backend, const v if ((error = git_futils_mkpath2file(final_path, GIT_OBJECT_DIR_MODE)) < GIT_SUCCESS) goto cleanup; - return git_filebuf_commit_at(&fbuf, final_path); + return git_filebuf_commit_at(&fbuf, final_path, GIT_OBJECT_FILE_MODE); cleanup: git_filebuf_cleanup(&fbuf); diff --git a/src/pack.h b/src/pack.h index 0fddd9dc8..aecf580e9 100644 --- a/src/pack.h +++ b/src/pack.h @@ -15,6 +15,8 @@ #include "mwindow.h" #include "odb.h" +#define GIT_PACK_FILE_MODE 0444 + #define PACK_SIGNATURE 0x5041434b /* "PACK" */ #define PACK_VERSION 2 #define pack_version_ok(v) ((v) == htonl(2) || (v) == htonl(3)) diff --git a/src/reflog.c b/src/reflog.c index 6cdb35304..303c2b494 100644 --- a/src/reflog.c +++ b/src/reflog.c @@ -71,7 +71,7 @@ static int reflog_write(const char *log_path, const char *oid_old, } git_filebuf_write(&fbuf, log.ptr, log.size); - error = git_filebuf_commit(&fbuf); + error = git_filebuf_commit(&fbuf, GIT_REFLOG_FILE_MODE); git_buf_free(&log); return error == GIT_SUCCESS ? GIT_SUCCESS : git__rethrow(error, "Failed to write reflog"); diff --git a/src/reflog.h b/src/reflog.h index 16e9a94ec..44b063700 100644 --- a/src/reflog.h +++ b/src/reflog.h @@ -13,6 +13,7 @@ #define GIT_REFLOG_DIR "logs/" #define GIT_REFLOG_DIR_MODE 0777 +#define GIT_REFLOG_FILE_MODE 0666 #define GIT_REFLOG_SIZE_MIN (2*GIT_OID_HEXSZ+2+17) diff --git a/src/refs.c b/src/refs.c index fcf771b5e..b34067f00 100644 --- a/src/refs.c +++ b/src/refs.c @@ -9,6 +9,7 @@ #include "hash.h" #include "repository.h" #include "fileops.h" +#include "pack.h" #include #include @@ -357,7 +358,7 @@ static int loose_write(git_reference *ref) goto unlock; } - error = git_filebuf_commit(&file); + error = git_filebuf_commit(&file, GIT_REFS_FILE_MODE); if (p_stat(ref_path, &st) == GIT_SUCCESS) ref->mtime = st.st_mtime; @@ -870,7 +871,7 @@ cleanup: /* if we've written all the references properly, we can commit * the packfile to make the changes effective */ if (error == GIT_SUCCESS) { - error = git_filebuf_commit(&pack_file); + error = git_filebuf_commit(&pack_file, GIT_PACK_FILE_MODE); /* when and only when the packfile has been properly written, * we can go ahead and remove the loose refs */ diff --git a/src/refs.h b/src/refs.h index f802cfe4a..33c1e6983 100644 --- a/src/refs.h +++ b/src/refs.h @@ -17,6 +17,7 @@ #define GIT_REFS_TAGS_DIR GIT_REFS_DIR "tags/" #define GIT_REFS_REMOTES_DIR GIT_REFS_DIR "remotes/" #define GIT_REFS_DIR_MODE 0777 +#define GIT_REFS_FILE_MODE 0666 #define GIT_RENAMED_REF_FILE GIT_REFS_DIR "RENAMED-REF" diff --git a/src/repository.h b/src/repository.h index a12dd9da0..0c17958fd 100644 --- a/src/repository.h +++ b/src/repository.h @@ -24,7 +24,6 @@ #define GIT_DIR DOT_GIT "/" #define GIT_DIR_MODE 0755 #define GIT_BARE_DIR_MODE 0777 -#define GIT_INDEX_FILE "index" struct git_object { git_cached_obj cached; diff --git a/src/transports/http.c b/src/transports/http.c index 680354bae..c324bb4ab 100644 --- a/src/transports/http.c +++ b/src/transports/http.c @@ -15,6 +15,7 @@ #include "buffer.h" #include "pkt.h" #include "refs.h" +#include "pack.h" #include "fetch.h" #include "filebuf.h" #include "repository.h" @@ -702,7 +703,7 @@ static int http_download_pack(char **out, git_transport *transport, git_reposito } /* A bit dodgy, but we need to keep the pack at the temporary path */ - error = git_filebuf_commit_at(&file, file.path_lock); + error = git_filebuf_commit_at(&file, file.path_lock, GIT_PACK_FILE_MODE); cleanup: if (error < GIT_SUCCESS) diff --git a/tests-clay/core/dirent.c b/tests-clay/core/dirent.c index 898b1227b..105e8d8f0 100644 --- a/tests-clay/core/dirent.c +++ b/tests-clay/core/dirent.c @@ -31,7 +31,7 @@ static void setup(walk_data *d) state_loc = d; for (n = d->names; n->name; n++) { - git_file fd = p_creat(n->name, 0600); + git_file fd = p_creat(n->name, 0666); cl_assert(fd >= 0); p_close(fd); n->count = 0; diff --git a/tests-clay/core/filebuf.c b/tests-clay/core/filebuf.c index e00e20497..e1ecb2798 100644 --- a/tests-clay/core/filebuf.c +++ b/tests-clay/core/filebuf.c @@ -27,14 +27,14 @@ void test_core_filebuf__1(void) int fd; char test[] = "test"; - fd = p_creat(test, 0644); + fd = p_creat(test, 0666); cl_must_pass(fd); cl_must_pass(p_write(fd, "libgit2 rocks\n", 14)); cl_must_pass(p_close(fd)); cl_git_pass(git_filebuf_open(&file, test, GIT_FILEBUF_APPEND)); cl_git_pass(git_filebuf_printf(&file, "%s\n", "libgit2 rocks")); - cl_git_pass(git_filebuf_commit(&file)); + cl_git_pass(git_filebuf_commit(&file, 0666)); cl_must_pass(p_unlink(test)); } @@ -51,7 +51,7 @@ void test_core_filebuf__2(void) cl_git_pass(git_filebuf_open(&file, test, 0)); cl_git_pass(git_filebuf_write(&file, buf, sizeof(buf))); - cl_git_pass(git_filebuf_commit(&file)); + cl_git_pass(git_filebuf_commit(&file, 0666)); cl_must_pass(p_unlink(test)); } diff --git a/tests-clay/core/rmdir.c b/tests-clay/core/rmdir.c index 03baecf23..20cc8f5f0 100644 --- a/tests-clay/core/rmdir.c +++ b/tests-clay/core/rmdir.c @@ -39,7 +39,7 @@ void test_core_rmdir__fail_to_delete_non_empty_dir(void) git_path_join(file, empty_tmp_dir, "/two/file.txt"); - fd = p_creat(file, 0755); + fd = p_creat(file, 0666); cl_assert(fd >= 0); cl_must_pass(p_close(fd)); diff --git a/tests-clay/status/single.c b/tests-clay/status/single.c index ea1c77fa0..4fd6e6ff4 100644 --- a/tests-clay/status/single.c +++ b/tests-clay/status/single.c @@ -10,7 +10,7 @@ cleanup__remove_file(void *_file) static void file_create(const char *filename, const char *content) { - int fd = p_creat(filename, 0644); + int fd = p_creat(filename, 0666); cl_assert(fd >= 0); cl_must_pass(p_write(fd, content, strlen(content))); cl_must_pass(p_close(fd)); diff --git a/tests/t00-core.c b/tests/t00-core.c index 185681562..dbc80670f 100644 --- a/tests/t00-core.c +++ b/tests/t00-core.c @@ -264,7 +264,7 @@ static int setup(walk_data *d) state_loc = d; for (n = d->names; n->name; n++) { - git_file fd = p_creat(n->name, 0600); + git_file fd = p_creat(n->name, 0666); if (fd < 0) return GIT_ERROR; p_close(fd); @@ -479,14 +479,14 @@ BEGIN_TEST(filebuf1, "make sure GIT_FILEBUF_APPEND works as expected") int fd; char test[] = "test"; - fd = p_creat(test, 0644); + fd = p_creat(test, 0666); must_pass(fd); must_pass(p_write(fd, "libgit2 rocks\n", 14)); must_pass(p_close(fd)); must_pass(git_filebuf_open(&file, test, GIT_FILEBUF_APPEND)); must_pass(git_filebuf_printf(&file, "%s\n", "libgit2 rocks")); - must_pass(git_filebuf_commit(&file)); + must_pass(git_filebuf_commit(&file, 0666)); must_pass(p_unlink(test)); END_TEST @@ -499,7 +499,7 @@ BEGIN_TEST(filebuf2, "make sure git_filebuf_write writes large buffer correctly" memset(buf, 0xfe, sizeof(buf)); must_pass(git_filebuf_open(&file, test, 0)); must_pass(git_filebuf_write(&file, buf, sizeof(buf))); - must_pass(git_filebuf_commit(&file)); + must_pass(git_filebuf_commit(&file, 0666)); must_pass(p_unlink(test)); END_TEST diff --git a/tests/t04-commit.c b/tests/t04-commit.c index 3fb4d370c..4abbf01c2 100644 --- a/tests/t04-commit.c +++ b/tests/t04-commit.c @@ -690,6 +690,10 @@ BEGIN_TEST(write0, "write a new commit object from memory to disk") must_be_true(strcmp(git_commit_message(commit), COMMIT_MESSAGE) == 0); +#ifndef GIT_WIN32 + must_be_true((loose_object_mode(REPOSITORY_FOLDER, (git_object *)commit) & 0777) == GIT_OBJECT_FILE_MODE); +#endif + must_pass(remove_loose_object(REPOSITORY_FOLDER, (git_object *)commit)); git_commit_close(commit); diff --git a/tests/t06-index.c b/tests/t06-index.c index dde98abaf..44562d004 100644 --- a/tests/t06-index.c +++ b/tests/t06-index.c @@ -179,7 +179,7 @@ BEGIN_TEST(add0, "add a new file to the index") must_pass(git_futils_mkpath2file(TEMP_REPO_FOLDER "myrepo/test.txt", 0777)); must_pass(git_filebuf_open(&file, TEMP_REPO_FOLDER "myrepo/test.txt", 0)); must_pass(git_filebuf_write(&file, "hey there\n", 10)); - must_pass(git_filebuf_commit(&file)); + must_pass(git_filebuf_commit(&file, 0666)); /* Store the expected hash of the file/blob * This has been generated by executing the following diff --git a/tests/t08-tag.c b/tests/t08-tag.c index 216fb9dfc..85ef9225e 100644 --- a/tests/t08-tag.c +++ b/tests/t08-tag.c @@ -189,6 +189,9 @@ BEGIN_TEST(write0, "write a tag to the repository and read it again") must_pass(git_reference_lookup(&ref_tag, repo, "refs/tags/the-tag")); must_be_true(git_oid_cmp(git_reference_oid(ref_tag), &tag_id) == 0); must_pass(git_reference_delete(ref_tag)); +#ifndef GIT_WIN32 + must_be_true((loose_object_mode(REPOSITORY_FOLDER, (git_object *)tag) & 0777) == GIT_OBJECT_FILE_MODE); +#endif must_pass(remove_loose_object(REPOSITORY_FOLDER, (git_object *)tag)); diff --git a/tests/t09-tree.c b/tests/t09-tree.c index 1f2fe3f02..2341a1ca4 100644 --- a/tests/t09-tree.c +++ b/tests/t09-tree.c @@ -202,6 +202,7 @@ BEGIN_TEST(write3, "write a hierarchical tree from a memory") must_be_true(2 == git_tree_entrycount(tree)); #ifndef GIT_WIN32 must_be_true((loose_object_dir_mode(TEMP_REPO_FOLDER, (git_object *)tree) & 0777) == GIT_OBJECT_DIR_MODE); + must_be_true((loose_object_mode(TEMP_REPO_FOLDER, (git_object *)tree) & 0777) == GIT_OBJECT_FILE_MODE); #endif git_tree_close(tree); diff --git a/tests/t12-repo.c b/tests/t12-repo.c index c07150c9c..6197cdd00 100644 --- a/tests/t12-repo.c +++ b/tests/t12-repo.c @@ -351,7 +351,7 @@ static int write_file(const char *path, const char *content) return error; } - file = git_futils_creat_withpath(path, 0777, 0644); + file = git_futils_creat_withpath(path, 0777, 0666); if (file < GIT_SUCCESS) return file; diff --git a/tests/t15-config.c b/tests/t15-config.c index c4cb590f5..a97f82067 100644 --- a/tests/t15-config.c +++ b/tests/t15-config.c @@ -319,7 +319,7 @@ BEGIN_TEST(config16, "add a variable in a new section") /* As the section wasn't removed, owerwrite the file */ must_pass(git_filebuf_open(&buf, CONFIG_BASE "/config10", 0)); must_pass(git_filebuf_write(&buf, "[empty]\n", strlen("[empty]\n"))); - must_pass(git_filebuf_commit(&buf)); + must_pass(git_filebuf_commit(&buf, 0666)); END_TEST BEGIN_TEST(config17, "prefixes aren't broken") diff --git a/tests/t18-status.c b/tests/t18-status.c index bd205a438..d836fb9a9 100644 --- a/tests/t18-status.c +++ b/tests/t18-status.c @@ -37,7 +37,7 @@ static int file_create(const char *filename, const char *content) { int fd; - fd = p_creat(filename, 0644); + fd = p_creat(filename, 0666); if (fd == 0) return GIT_ERROR; if (p_write(fd, content, strlen(content)) != 0) @@ -400,7 +400,7 @@ BEGIN_TEST(singlestatus3, "test retrieving status for a new file in an empty rep must_pass(remove_placeholders(TEST_STD_REPO_FOLDER, "dummy-marker.txt")); git_path_join(file_path, TEMP_REPO_FOLDER, filename); - fd = p_creat(file_path, 0644); + fd = p_creat(file_path, 0666); must_pass(fd); must_pass(p_write(fd, "new_file\n", 9)); must_pass(p_close(fd)); diff --git a/tests/test_helpers.c b/tests/test_helpers.c index 7074e4822..7bba2e1d2 100644 --- a/tests/test_helpers.c +++ b/tests/test_helpers.c @@ -110,6 +110,18 @@ void locate_loose_object(const char *repository_folder, git_object *object, char *out_folder = top_folder; } +int loose_object_mode(const char *repository_folder, git_object *object) +{ + char *object_path; + struct stat st; + + locate_loose_object(repository_folder, object, &object_path, NULL); + assert(p_stat(object_path, &st) == 0); + free(object_path); + + return st.st_mode; +} + int loose_object_dir_mode(const char *repository_folder, git_object *object) { char *object_path; @@ -175,7 +187,7 @@ int copy_file(const char *src, const char *dst) if (git_futils_readbuffer(&source_buf, src) < GIT_SUCCESS) return GIT_ENOTFOUND; - dst_fd = git_futils_creat_withpath(dst, 0777, 0644); + dst_fd = git_futils_creat_withpath(dst, 0777, 0666); if (dst_fd < 0) goto cleanup; diff --git a/tests/test_helpers.h b/tests/test_helpers.h index 2e5194d7c..16a3a2ced 100644 --- a/tests/test_helpers.h +++ b/tests/test_helpers.h @@ -65,6 +65,7 @@ extern int cmp_objects(git_rawobj *o, object_data *d); extern void locate_loose_object(const char *odb_dir, git_object *object, char **out, char **out_folder); +extern int loose_object_mode(const char *odb_dir, git_object *object); extern int loose_object_dir_mode(const char *odb_dir, git_object *object); extern int remove_loose_object(const char *odb_dir, git_object *object);