[PATCH v2] connect: also update offset for features without values

["Andrzej Hunt via GitGitGadget" <gitgitgadget@gmail.com>]

From: Andrzej Hunt <andrzej@ahunt.org>

parse_feature_value() takes an offset, and uses it to seek past the
point in features_list that we've already seen. However if the feature
being searched for does not specify a value, the offset is not
updated. Therefore if we call parse_feature_value() in a loop on a
value-less feature, we'll keep on parsing the same feature over and over
again. This usually isn't an issue: there's no point in using
next_server_feature_value() to search for repeated instances of the same
capability unless that capability typically specifies a value - but a
broken server could send a response that omits the value for a feature
even when we are expecting a value.

Therefore we add an offset update calculation for the no-value case,
which helps ensure that loops using next_server_feature_value() will
always terminate.

next_server_feature_value(), and the offset calculation, were first
added in 2.28 in 2c6a403d96 (connect: add function to parse multiple
v1 capability values, 2020-05-25).

Thanks to Peff for authoring the test.

Co-authored-by: Jeff King <peff@peff.net>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Andrzej Hunt <andrzej@ahunt.org>
---
    connect: also update offset for features without values
    
    V2 incorporates Peff's test and test stability improvements, and
    attempts to improve the commit message.
    
    ATB,
    
    Andrzej

Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1091%2Fahunt%2Fconnectloop-v2
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1091/ahunt/connectloop-v2
Pull-Request: https://github.com/git/git/pull/1091

Range-diff vs v1:

 1:  dcbb05ddc4b ! 1:  908e4e6c4ed connect: also update offset for features without values
     @@ Metadata
       ## Commit message ##
          connect: also update offset for features without values
      
     -    parse_feature_value() does not update offset if the feature being
     -    searched for does not specify a value. A loop that uses
     -    parse_feature_value() to find a feature which was specified without a
     -    value therefore might never exit (such loops will typically use
     -    next_server_feature_value() as opposed to parse_feature_value() itself).
     -    This usually isn't an issue: there's no point in using
     +    parse_feature_value() takes an offset, and uses it to seek past the
     +    point in features_list that we've already seen. However if the feature
     +    being searched for does not specify a value, the offset is not
     +    updated. Therefore if we call parse_feature_value() in a loop on a
     +    value-less feature, we'll keep on parsing the same feature over and over
     +    again. This usually isn't an issue: there's no point in using
          next_server_feature_value() to search for repeated instances of the same
          capability unless that capability typically specifies a value - but a
          broken server could send a response that omits the value for a feature
     @@ Commit message
          always terminate.
      
          next_server_feature_value(), and the offset calculation, were first
     -    added in 2.28 in:
     -      2c6a403d96 (connect: add function to parse multiple v1 capability values, 2020-05-25)
     +    added in 2.28 in 2c6a403d96 (connect: add function to parse multiple
     +    v1 capability values, 2020-05-25).
      
          Thanks to Peff for authoring the test.
      
     @@ t/t5704-protocol-violations.sh: test_expect_success 'extra delim packet in v2 fe
      +test_expect_success 'bogus symref in v0 capabilities' '
      +	test_commit foo &&
      +	oid=$(git rev-parse HEAD) &&
     ++	dst=refs/heads/foo &&
      +	{
     -+		printf "%s HEAD\0symref object-format=%s\n" "$oid" "$GIT_DEFAULT_HASH" |
     ++		printf "%s HEAD\0symref object-format=%s symref=HEAD:%s\n" \
     ++			"$oid" "$GIT_DEFAULT_HASH" "$dst" |
      +			test-tool pkt-line pack-raw-stdin &&
      +		printf "0000"
      +	} >input &&
     -+	git ls-remote --upload-pack="cat input ;:" . >actual &&
     -+	printf "%s\tHEAD\n" "$oid" >expect &&
     ++	git ls-remote --symref --upload-pack="cat input; read junk;:" . >actual &&
     ++	printf "ref: %s\tHEAD\n%s\tHEAD\n" "$dst" "$oid" >expect &&
      +	test_cmp expect actual
      +'
      +


 connect.c                      |  2 ++
 t/t5704-protocol-violations.sh | 15 +++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/connect.c b/connect.c
index aff13a270e6..eaf7d6d2618 100644
--- a/connect.c
+++ b/connect.c
@@ -557,6 +557,8 @@ const char *parse_feature_value(const char *feature_list, const char *feature, i
 			if (!*value || isspace(*value)) {
 				if (lenp)
 					*lenp = 0;
+				if (offset)
+					*offset = found + len - feature_list;
 				return value;
 			}
 			/* feature with a value (e.g., "agent=git/1.2.3") */
diff --git a/t/t5704-protocol-violations.sh b/t/t5704-protocol-violations.sh
index 5c941949b98..bc393d7c319 100755
--- a/t/t5704-protocol-violations.sh
+++ b/t/t5704-protocol-violations.sh
@@ -32,4 +32,19 @@ test_expect_success 'extra delim packet in v2 fetch args' '
 	test_i18ngrep "expected flush after fetch arguments" err
 '
 
+test_expect_success 'bogus symref in v0 capabilities' '
+	test_commit foo &&
+	oid=$(git rev-parse HEAD) &&
+	dst=refs/heads/foo &&
+	{
+		printf "%s HEAD\0symref object-format=%s symref=HEAD:%s\n" \
+			"$oid" "$GIT_DEFAULT_HASH" "$dst" |
+			test-tool pkt-line pack-raw-stdin &&
+		printf "0000"
+	} >input &&
+	git ls-remote --symref --upload-pack="cat input; read junk;:" . >actual &&
+	printf "ref: %s\tHEAD\n%s\tHEAD\n" "$dst" "$oid" >expect &&
+	test_cmp expect actual
+'
+
 test_done

base-commit: 4c38ced6901a8523cea197b31b2616240ec9fb6e
-- 
gitgitgadget