On Tue, Jul 10, 2018 at 06:20:22PM +0000, Ben Peart wrote: > log_ref_write_fd() was written long before strbuf was fleshed out. Remove > the old manual buffer management code and replace it with strbuf(). Also > update copy_reflog_msg() which is called only by log_ref_write_fd() to use > strbuf as it keeps things consistent. Yay! In all of my buffer size auditing over the years, I've repeatedly come across this "+ 100" but it never quite made the cut for fixing, since it wasn't (yet) actually broken. Thanks for tackling it. > -int copy_reflog_msg(char *buf, const char *msg) > +void copy_reflog_msg(struct strbuf *sb, const char *msg) Glad to see this "int" go; it should have been size_t anyway. > { > - char *cp = buf; > char c; > int wasspace = 1; > > - *cp++ = '\t'; > + strbuf_addch(sb, '\t'); > while ((c = *msg++)) { > if (wasspace && isspace(c)) > continue; > wasspace = isspace(c); > if (wasspace) > c = ' '; > - *cp++ = c; > + strbuf_addch(sb, c); > } This is all fairly straight-forward. > - while (buf < cp && isspace(cp[-1])) > - cp--; > - *cp++ = '\n'; > - return cp - buf; > + strbuf_rtrim(sb); Using rtrim is a nice reduction in complexity. A pure translation would include a final strbuf_addch(sb, '\n'). It looks like you moved that to the caller. There's only one, so that's OK now, but it may affect topics in flight (and I do in fact have an old topic that calls it). But I think it's OK, as the change in function signature means that any callers will need updated anyway. So there's little risk of a silent mis-merge. > diff --git a/refs/files-backend.c b/refs/files-backend.c > index a9a066dcfb..c0e892d0c8 100644 > --- a/refs/files-backend.c > +++ b/refs/files-backend.c 
> @@ -1582,22 +1582,15 @@ static int log_ref_write_fd(int fd, const struct object_id *old_oid, > const struct object_id *new_oid, > const char *committer, const char *msg) > { > - int msglen, written; > - unsigned maxlen, len; > - char *logrec; > - > - msglen = msg ? strlen(msg) : 0; > - maxlen = strlen(committer) + msglen + 100; > - logrec = xmalloc(maxlen); > - len = xsnprintf(logrec, maxlen, "%s %s %s\n", > - oid_to_hex(old_oid), > - oid_to_hex(new_oid), > - committer); > - if (msglen) > - len += copy_reflog_msg(logrec + len - 1, msg) - 1; > - > - written = len <= maxlen ? write_in_full(fd, logrec, len) : -1; > - free(logrec); > + int written; > + struct strbuf sb = STRBUF_INIT; > + > + strbuf_addf(&sb, "%s %s %s", oid_to_hex(old_oid), oid_to_hex(new_oid), committer); > + if (msg && *msg) > + copy_reflog_msg(&sb, msg); > + strbuf_addch(&sb, '\n'); > + written = write_in_full(fd, sb.buf, sb.len); > + strbuf_release(&sb); > if (written < 0) > return -1; This looks like another straight-forward translation. While we're here, is it worth turning "written" into an ssize_t, which is the correct return from write_in_full()? Alternatively, I wonder if the logic would be simpler to follow with: int ret; ...strbuf bits... if (write_in_full(fd, sb.buf, sb.len) < 0) ret = -1; else ret = 0; strbuf_release(&sb); return ret; We don't actually care about the number of bytes at all. That's minor, though. With or without such a change, I'd be happy to see it applied. -Peff
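Review bot: in copy_reflog_msg(), the closing strbuf_rtrim(sb) is not bounded the way the removed loop was. The old `while (buf < cp && isspace(cp[-1]))` stopped at buf, so it could only strip bytes this function had written. strbuf_rtrim(sb) works on the whole strbuf, so when msg is all whitespace it removes the tab and then any trailing whitespace the caller had already appended. Consider saving sb->len on entry and trimming only back to that offset. A comment above the function should also say that it no longer appends the final '\n', since that is now the caller's job.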
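Review bot: in log_ref_write_fd(), the added strbuf_addf() call sits on a single line that runs past 80 columns; wrap it with the oid_to_hex() and committer arguments on their own lines, as the removed xsnprintf() call had them. In the same hunk, written is only ever tested with `if (written < 0)`, so the byte count is never used and the variable could carry just the success or failure result.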