Bug: Failure if stdin is closed.

[worley@alum.mit.edu (Dale R. Worley)]

(The original problem and the discussion that ensued is on the
git-users mailing list:
https://groups.google.com/forum/#!topic/git-users/lNQ7Cn35EqA)

"git commit" (and probably other operations) fail if standard input
(fd 0) is closed when git starts.  A simple test case follows.  (The
execution is version 1.7.7.6, but the code listed below is from a very
recent commit.)


$ git --version
git version 1.7.7.6
$ git status
# On branch master
nothing to commit (working directory clean)
$ echo This is a test >ffff
$ git status
# On branch master
# Untracked files:
#   (use "git add <file>..." to include in what will be committed)
#
#	ffff
nothing added to commit but untracked files present (use "git add" to track)
$ git add ffff
$ # The notation "0<&-" means "close standard input (fd 0) in the process that
$ # executes this command.  It may be specific to the bash shell.
$ git commit -m xxxx 0<&-
error: unable to create temporary sha1 filename : No such file or directory

error: Error building trees
$ git status
# On branch master
# Changes to be committed:
#   (use "git reset HEAD <file>..." to unstage)
#
#	new file:   ffff
#
$ git commit -m xxxx
[master 54c146c] xxxx
 1 files changed, 1 insertions(+), 0 deletions(-)
 create mode 100644 ffff
$ git status
# On branch master
# Your branch is ahead of 'origin/master' by 1 commit.
#
nothing to commit (working directory clean)
$ 


The fundamental error is that git_mkstemps_mode() in wrapper.c assumes
that if open() is successful, its return value must be >0.  That is
not true, because if fd 0 is closed, then open() can successfully
return 0.  I have not tested it, but it looks like the fix is:

 int git_mkstemps_mode(char *pattern, int suffix_len, int mode)
 {
	 static const char letters[] =
		 "abcdefghijklmnopqrstuvwxyz"
		 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
		 "0123456789";
	 static const int num_letters = 62;
	 uint64_t value;
	 struct timeval tv;
	 char *template;
	 size_t len;
	 int fd, count;

	 len = strlen(pattern);

	 if (len < 6 + suffix_len) {
		 errno = EINVAL;
		 return -1;
	 }

	 if (strncmp(&pattern[len - 6 - suffix_len], "XXXXXX", 6)) {
		 errno = EINVAL;
		 return -1;
	 }

	 /*
	  * Replace pattern's XXXXXX characters with randomness.
	  * Try TMP_MAX different filenames.
	  */
	 gettimeofday(&tv, NULL);
	 value = ((size_t)(tv.tv_usec << 16)) ^ tv.tv_sec ^ getpid();
	 template = &pattern[len - 6 - suffix_len];
	 for (count = 0; count < TMP_MAX; ++count) {
		 uint64_t v = value;
		 /* Fill in the random bits. */
		 template[0] = letters[v % num_letters]; v /= num_letters;
		 template[1] = letters[v % num_letters]; v /= num_letters;
		 template[2] = letters[v % num_letters]; v /= num_letters;
		 template[3] = letters[v % num_letters]; v /= num_letters;
		 template[4] = letters[v % num_letters]; v /= num_letters;
		 template[5] = letters[v % num_letters]; v /= num_letters;

		 fd = open(pattern, O_CREAT | O_EXCL | O_RDWR, mode);
-		 if (fd > 0)
+		 if (fd >= 0)
			 return fd;
		 /*
		  * Fatal error (EPERM, ENOSPC etc).
		  * It doesn't make sense to loop.
		  */
		 if (errno != EEXIST)
			 break;
		 /*
		  * This is a random value.  It is only necessary that
		  * the next TMP_MAX values generated by adding 7777 to
		  * VALUE are different with (module 2^32).
		  */
		 value += 7777;
	 }
	 /* We return the null string if we can't find a unique file name.  */
	 pattern[0] = '\0';
	 return -1;
 }


However, when looking at the code, I noticed that few of the functions
have comments describing what they do, and none describe their input
and output values.  In particular, there are no comments specifying
what the error return values are.  This is appalling for a supposedly
professional-quality project!

Dale