Jeff King wrote:
> We try to read "len" bytes into a buffer and just assume
> that it happened correctly. In practice this should usually
> be the case, since we just stat'd the file to get the
> length. But we could be fooled by transient errors or by
> other processes racily truncating the file.
>
> Let's be more careful. There's a slim chance this could
> catch a real error, but it also prevents people and tools
> from getting worried while reading the code.
>
> Signed-off-by: Jeff King <peff@xxxxxxxx>
> ---
> builtin/worktree.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/builtin/worktree.c b/builtin/worktree.c
> index 2f4a4ef9cd..87b3d70b0b 100644
> --- a/builtin/worktree.c
> +++ b/builtin/worktree.c
> @@ -59,7 +59,11 @@ static int prune_worktree(const char *id, struct strbuf *reason)
> }
> len = xsize_t(st.st_size);
> path = xmallocz(len);
> - read_in_full(fd, path, len);
> + if (read_in_full(fd, path, len) != len) {
> + strbuf_addf(reason, _("Removing worktrees/%s: gitdir read did not match stat (%s)"),
> + id, strerror(errno));
I'm a little confused. The 'if' condition checks for a read error but
the message says something about 'stat'.
If we're trying to double-check the 'stat' result, shouldn't we read
all the way to EOF in case the file got longer?
Puzzled,
Jonathan
