From: Damien Robert <damien.olivier.robert@gmail.com>
To: Jeff King <peff@peff.net>,
git@vger.kernel.org, Junio C Hamano <gitster@pobox.com>,
Derrick Stolee <dstolee@microsoft.com>,
William Baker <William.Baker@microsoft.com>
Cc: Damien Robert <damien.olivier.robert+git@gmail.com>
Subject: [PATCH v3 1/1] midx.c: fix an integer overflow
Date: Mon, 23 Mar 2020 23:25:15 +0100 [thread overview]
Message-ID: <20200323222515.779477-1-damien.olivier.robert+git@gmail.com> (raw)
In-Reply-To: <20200312173520.2401776-1-damien.olivier.robert+git@gmail.com>
When verifying a midx index with 0 objects, the
m->num_objects - 1
overflows to 4294967295.
Fix this both by checking that the midx contains at least one oid,
and also that we don't write any midx when there is no packfiles.
Update the tests so that we check that `git multi-pack-index write` does
not write an midx when there is no object.
Signed-off-by: Damien Robert <damien.olivier.robert+git@gmail.com>
---
Since I did not receive any guidelines, I did not upload an midx with no
object to check in the tests. I just modified the current tests to check
that we don't produce an midx if there is no objects.
midx.c | 13 +++++++++++++
t/t5319-multi-pack-index.sh | 7 +++----
2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/midx.c b/midx.c
index 1527e464a7..018acc7e76 100644
--- a/midx.c
+++ b/midx.c
@@ -923,6 +923,12 @@ static int write_midx_internal(const char *object_dir, struct multi_pack_index *
cur_chunk = 0;
num_chunks = large_offsets_needed ? 5 : 4;
+ if (packs.nr - dropped_packs == 0) {
+ error(_("no pack files to index."));
+ result = 1;
+ goto cleanup;
+ }
+
written = write_midx_header(f, num_chunks, packs.nr - dropped_packs);
chunk_ids[cur_chunk] = MIDX_CHUNKID_PACKNAMES;
@@ -1124,6 +1130,13 @@ int verify_midx_file(struct repository *r, const char *object_dir, unsigned flag
i, oid_fanout1, oid_fanout2, i + 1);
}
+ if (m->num_objects == 0) {
+ midx_report(_("the midx contains no oid"));
+ // remaining tests assume that we have objects, so we can
+ // return here
+ return verify_midx_error;
+ }
+
if (flags & MIDX_PROGRESS)
progress = start_sparse_progress(_("Verifying OID order in multi-pack-index"),
m->num_objects - 1);
diff --git a/t/t5319-multi-pack-index.sh b/t/t5319-multi-pack-index.sh
index 43a7a66c9d..d90dfce268 100755
--- a/t/t5319-multi-pack-index.sh
+++ b/t/t5319-multi-pack-index.sh
@@ -42,10 +42,9 @@ test_expect_success 'setup' '
EOF
'
-test_expect_success 'write midx with no packs' '
- test_when_finished rm -f pack/multi-pack-index &&
- git multi-pack-index --object-dir=. write &&
- midx_read_expect 0 0 4 .
+test_expect_success "don't write midx with no packs" '
+ test_must_fail git multi-pack-index --object-dir=. write &&
+ test_path_is_missing pack/multi-pack-index
'
generate_objects () {
--
Patched on top of v2.26.0 (git version 2.25.1)
next prev parent reply other threads:[~2020-03-23 22:25 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-28 16:24 [PATCH 1/1] midx.c: fix an integer overflow Damien Robert
2020-02-28 18:55 ` Jeff King
2020-02-28 20:39 ` Junio C Hamano
2020-02-29 17:15 ` Damien Robert
2020-02-29 15:38 ` Damien Robert
2020-03-12 17:35 ` [PATCH v2 " Damien Robert
2020-03-12 18:24 ` Damien Robert
2020-03-12 18:28 ` Derrick Stolee
2020-03-12 21:41 ` Damien Robert
2020-03-23 22:25 ` Damien Robert [this message]
2020-03-24 6:01 ` [PATCH v3 " Jeff King
2020-03-24 18:48 ` Junio C Hamano
2020-03-26 21:35 ` [PATCH v4 " Damien Robert
2020-03-26 23:27 ` Junio C Hamano
2020-03-28 22:23 ` Damien Robert
2020-03-28 23:51 ` Junio C Hamano
2020-03-28 22:18 ` [PATCH 1/1] midx.c: fix an integer underflow Damien Robert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200323222515.779477-1-damien.olivier.robert+git@gmail.com \
--to=damien.olivier.robert@gmail.com \
--cc=William.Baker@microsoft.com \
--cc=damien.olivier.robert+git@gmail.com \
--cc=dstolee@microsoft.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).