aniani/vim
0
0
Fork 1
mirror of https://github.com/vim/vim.git synced 2025-09-29 04:34:16 -04:00
Code Activity

patch 8.0.0685: when conversion fails written file may be truncated

Browse Source 
Problem:    When making backups is disabled and conversion with iconv fails
            the written file is truncated. (Luo Chen)
Solution:   First try converting the file and write the file only when it did
            not fail. (partly by Christian Brabandt)
This commit is contained in:
Bram Moolenaar
2017-06-27 22:11:51 +02:00
parent 28b238225a
commit e6bf655bc4
3 changed files with 437 additions and 354 deletions
Download Patch File Download Diff File Expand all files Collapse all files

161
src/fileio.c
View File

@@ -3166,6 +3166,7 @@ buf_write(
int device = FALSE; /* writing to a device */
stat_T st_old;
int prev_got_int = got_int;
int checking_conversion;
int file_readonly = FALSE; /* overwritten file is read-only */
static char *err_readonly = "is read-only (cannot override: \"W\" in 'cpoptions')";
#if defined(UNIX) /*XXX fix me sometime? */
@@ -4343,13 +4344,41 @@ buf_write(
}
#endif
/*
* If conversion is taking place, we may first pretend to write and check
* for conversion errors. Then loop again to write for real.
* When not doing conversion this writes for real right away.
*/
for (checking_conversion = TRUE; ; checking_conversion = FALSE)
{
/*
* There is no need to check conversion when:
* - there is no conversion
* - we make a backup file, that can be restored in case of conversion
* failure.
*/
#ifdef FEAT_MBYTE
if (!converted || dobackup)
#endif
checking_conversion = FALSE;
if (checking_conversion)
{
/* Make sure we don't write anything. */
fd = -1;
write_info.bw_fd = fd;
}
else
{
/*
* Open the file "wfname" for writing.
* We may try to open the file twice: If we can't write to the
* file and forceit is TRUE we delete the existing file and try to create
* a new one. If this still fails we may have lost the original file!
* (this may happen when the user reached his quotum for number of files).
* Appending will fail if the file does not exist and forceit is FALSE.
* We may try to open the file twice: If we can't write to the file
* and forceit is TRUE we delete the existing file and try to
* create a new one. If this still fails we may have lost the
* original file! (this may happen when the user reached his
* quotum for number of files).
* Appending will fail if the file does not exist and forceit is
* FALSE.
*/
while ((fd = mch_open((char *)wfname, O_WRONLY | O_EXTRA | (append
? (forceit ? (O_APPEND | O_CREAT) : O_APPEND)
@@ -4357,16 +4386,17 @@ buf_write(
, perm < 0 ? 0666 : (perm & 0777))) < 0)
{
/*
* A forced write will try to create a new file if the old one is
* still readonly. This may also happen when the directory is
* read-only. In that case the mch_remove() will fail.
* A forced write will try to create a new file if the old one
* is still readonly. This may also happen when the directory
* is read-only. In that case the mch_remove() will fail.
*/
if (errmsg == NULL)
{
#ifdef UNIX
stat_T st;
/* Don't delete the file when it's a hard or symbolic link. */
/* Don't delete the file when it's a hard or symbolic link.
*/
if ((!newfile && st_old.st_nlink > 1)
|| (mch_lstat((char *)fname, &st) == 0
&& (st.st_dev != st_old.st_dev
@@ -4385,7 +4415,8 @@ buf_write(
if (!(perm & 0200))
made_writable = TRUE;
perm |= 0200;
if (st_old.st_uid != getuid() || st_old.st_gid != getgid())
if (st_old.st_uid != getuid()
|| st_old.st_gid != getgid())
perm &= 0777;
#endif
if (!append) /* don't remove when appending */
@@ -4400,24 +4431,26 @@ restore_backup:
stat_T st;
/*
* If we failed to open the file, we don't need a backup. Throw it
* away. If we moved or removed the original file try to put the
* backup in its place.
* If we failed to open the file, we don't need a backup.
* Throw it away. If we moved or removed the original file
* try to put the backup in its place.
*/
if (backup != NULL && wfname == fname)
{
if (backup_copy)
{
/*
* There is a small chance that we removed the original,
* try to move the copy in its place.
* There is a small chance that we removed the
* original, try to move the copy in its place.
* This may not work if the vim_rename() fails.
* In that case we leave the copy around.
*/
/* If file does not exist, put the copy in its place */
/* If file does not exist, put the copy in its
* place */
if (mch_stat((char *)fname, &st) < 0)
vim_rename(backup, fname);
/* if original file does exist throw away the copy */
/* if original file does exist throw away the copy
*/
if (mch_stat((char *)fname, &st) >= 0)
mch_remove(backup);
}
@@ -4428,7 +4461,8 @@ restore_backup:
}
}
/* if original file no longer exists give an extra warning */
/* if original file no longer exists give an extra warning
*/
if (!newfile && mch_stat((char *)fname, &st) < 0)
end = 0;
}
@@ -4439,7 +4473,7 @@ restore_backup:
#endif
goto fail;
}
errmsg = NULL;
write_info.bw_fd = fd;
#if defined(MACOS_CLASSIC) || defined(WIN3264)
/* TODO: Is it need for MACOS_X? (Dany) */
@@ -4464,15 +4498,14 @@ restore_backup:
}
#endif
write_info.bw_fd = fd;
#ifdef FEAT_CRYPT
if (*buf->b_p_key != NUL && !filtering)
{
char_u *header;
int header_len;
buf->b_cryptstate = crypt_create_for_writing(crypt_get_method_nr(buf),
buf->b_cryptstate = crypt_create_for_writing(
crypt_get_method_nr(buf),
buf->b_p_key, &header, &header_len);
if (buf->b_cryptstate == NULL || header == NULL)
end = 0;
@@ -4490,6 +4523,8 @@ restore_backup:
}
}
#endif
}
errmsg = NULL;
write_info.bw_buf = buffer;
nchars = 0;
@@ -4503,8 +4538,8 @@ restore_backup:
#ifdef FEAT_MBYTE
/*
* The BOM is written just after the encryption magic number.
* Skip it when appending and the file already existed, the BOM only makes
* sense at the start of the file.
* Skip it when appending and the file already existed, the BOM only
* makes sense at the start of the file.
*/
if (buf->b_p_bomb && !write_bin && (!append || perm < 0))
{
@@ -4523,8 +4558,12 @@ restore_backup:
#endif
#ifdef FEAT_PERSISTENT_UNDO
write_undo_file = (buf->b_p_udf && overwriting && !append
&& !filtering && reset_changed);
write_undo_file = (buf->b_p_udf
&& overwriting
&& !append
&& !filtering
&& reset_changed
&& !checking_conversion);
if (write_undo_file)
/* Prepare for computing the hash value of the text. */
sha256_start(&sha_ctx);
@@ -4546,7 +4585,8 @@ restore_backup:
ptr = ml_get_buf(buf, lnum, FALSE) - 1;
#ifdef FEAT_PERSISTENT_UNDO
if (write_undo_file)
sha256_update(&sha_ctx, ptr + 1, (UINT32_T)(STRLEN(ptr + 1) + 1));
sha256_update(&sha_ctx, ptr + 1,
(UINT32_T)(STRLEN(ptr + 1) + 1));
#endif
while ((c = *++ptr) != NUL)
{
@@ -4576,7 +4616,8 @@ restore_backup:
|| (lnum == end
&& (write_bin || !buf->b_p_fixeol)
&& (lnum == buf->b_no_eol_lnum
|| (lnum == buf->b_ml.ml_line_count && !buf->b_p_eol))))
|| (lnum == buf->b_ml.ml_line_count
&& !buf->b_p_eol))))
{
++lnum; /* written the line, count it */
no_eol = TRUE;
@@ -4623,12 +4664,12 @@ restore_backup:
}
#ifdef VMS
/*
* On VMS there is a problem: newlines get added when writing blocks
* at a time. Fix it by writing a line at a time.
* On VMS there is a problem: newlines get added when writing
* blocks at a time. Fix it by writing a line at a time.
* This is much slower!
* Explanation: VAX/DECC RTL insists that records in some RMS
* structures end with a newline (carriage return) character, and if
* they don't it adds one.
* structures end with a newline (carriage return) character, and
* if they don't it adds one.
* With other RMS structures it works perfect without this fix.
*/
if (buf->b_fab_rfm == FAB$C_VFC
@@ -4666,15 +4707,29 @@ restore_backup:
nchars += len;
}
/* Stop when writing done or an error was encountered. */
if (!checking_conversion || end == 0)
break;
/* If no error happened until now, writing should be ok, so loop to
* really write the buffer. */
}
/* If we started writing, finish writing. Also when an error was
* encountered. */
if (!checking_conversion)
{
#if defined(UNIX) && defined(HAVE_FSYNC)
/* On many journalling file systems there is a bug that causes both the
* original and the backup file to be lost when halting the system right
* after writing the file. That's because only the meta-data is
* journalled. Syncing the file slows down the system, but assures it has
* been written to disk and we don't lose it.
* For a device do try the fsync() but don't complain if it does not work
* (could be a pipe).
* If the 'fsync' option is FALSE, don't fsync(). Useful for laptops. */
/*
* On many journalling file systems there is a bug that causes both the
* original and the backup file to be lost when halting the system
* right after writing the file. That's because only the meta-data is
* journalled. Syncing the file slows down the system, but assures it
* has been written to disk and we don't lose it.
* For a device do try the fsync() but don't complain if it does not
* work (could be a pipe).
* If the 'fsync' option is FALSE, don't fsync(). Useful for laptops.
*/
if (p_fs && fsync(fd) != 0 && !device)
{
errmsg = (char_u *)_("E667: Fsync failed");
@@ -4689,8 +4744,8 @@ restore_backup:
#endif
#ifdef UNIX
/* When creating a new file, set its owner/group to that of the original
* file. Get the new device and inode number. */
/* When creating a new file, set its owner/group to that of the
* original file. Get the new device and inode number. */
if (backup != NULL && !backup_copy)
{
# ifdef HAVE_FCHOWN
@@ -4731,9 +4786,9 @@ restore_backup:
* Probably need to set the ACL before changing the user (can't set the
* ACL on a file the user doesn't own).
* On Solaris, with ZFS and the aclmode property set to "discard" (the
* default), chmod() discards all part of a file's ACL that don't represent
* the mode of the file. It's non-trivial for us to discover whether we're
* in that situation, so we simply always re-set the ACL.
* default), chmod() discards all part of a file's ACL that don't
* represent the mode of the file. It's non-trivial for us to discover
* whether we're in that situation, so we simply always re-set the ACL.
*/
# ifndef HAVE_SOLARIS_ZFS_ACL
if (!backup_copy)
@@ -4752,13 +4807,13 @@ restore_backup:
if (wfname != fname)
{
/*
* The file was written to a temp file, now it needs to be converted
* with 'charconvert' to (overwrite) the output file.
* The file was written to a temp file, now it needs to be
* converted with 'charconvert' to (overwrite) the output file.
*/
if (end != 0)
{
if (eval_charconvert(enc_utf8 ? (char_u *)"utf-8" : p_enc, fenc,
wfname, fname) == FAIL)
if (eval_charconvert(enc_utf8 ? (char_u *)"utf-8" : p_enc,
fenc, wfname, fname) == FAIL)
{
write_info.bw_conv_error = TRUE;
end = 0;
@@ -4768,9 +4823,13 @@ restore_backup:
vim_free(wfname);
}
#endif
}
if (end == 0)
{
/*
* Error encountered.
*/
if (errmsg == NULL)
{
#ifdef FEAT_MBYTE
@@ -5690,6 +5749,10 @@ buf_write_bytes(struct bw_info *ip)
}
#endif /* FEAT_MBYTE */
if (ip->bw_fd < 0)
/* Only checking conversion, which is OK if we get here. */
return OK;
#ifdef FEAT_CRYPT
if (flags & FIO_ENCRYPTED)
{

18
src/testdir/test_writefile.vim
View File

@@ -31,3 +31,21 @@ func Test_writefile_fails_gently()
call assert_fails('call writefile([], [])', 'E730:')
endfunc
func Test_writefile_fails_conversion()
if !has('multi_byte') || !has('iconv')
return
endif
set nobackup nowritebackup
new
let contents = ["line one", "line two"]
call writefile(contents, 'Xfile')
edit Xfile
call setline(1, ["first line", "cannot convert \u010b", "third line"])
call assert_fails('write ++enc=cp932')
call assert_equal(contents, readfile('Xfile'))
call delete('Xfile')
bwipe!
set backup& writebackup&
endfunc

2
src/version.c
View File

@@ -764,6 +764,8 @@ static char *(features[]) =
static int included_patches[] =
{ /* Add new patch number below this line */
/**/
685,
/**/
684,
/**/