From: Junio C Hamano <gitster@pobox.com>
To: Ori Bernstein <ori@eigenstate.org>
Cc: git@vger.kernel.org
Subject: Re: [PATCH] Avoid infinite loop in malformed packfiles
Date: Mon, 24 Aug 2020 10:33:21 -0700 [thread overview]
Message-ID: <xmqqsgcc54pq.fsf@gitster.c.googlers.com> (raw)
In-Reply-To: <20200823031151.10985-1-ori@eigenstate.org> (Ori Bernstein's message of "Sat, 22 Aug 2020 20:11:52 -0700")
Ori Bernstein <ori@eigenstate.org> writes:
> diff --git a/packfile.c b/packfile.c
> index 6ab5233613..321e002c50 100644
> --- a/packfile.c
> +++ b/packfile.c
> @@ -1715,6 +1716,12 @@ void *unpack_entry(struct repository *r, struct packed_git *p, off_t obj_offset,
> break;
> }
>
> + if (delta_stack_nr > UNPACK_ENTRY_STACK_LIMIT) {
> + error("overlong delta chain at offset %jd from %s",
> + (uintmax_t)curpos, p->pack_name);
The "j" length field is not used anywhere in the codebase for
portability concerns, I think. "d" is for signed, but curpos
is an unsigned off_t. I think
"... %"PRIuMAX" from %s", (uintmax_t)curpos, ...
would match how we write this kind of thing everywhere else in the
code, e.g. showing obj_offset in packed_to_object_type() in the same
file in an error message.
> @@ -1633,6 +1633,7 @@ static void write_pack_access_log(struct packed_git *p, off_t obj_offset)
>
> int do_check_packed_object_crc;
>
> +#define UNPACK_ENTRY_STACK_LIMIT 10000
> #define UNPACK_ENTRY_STACK_PREALLOC 64
> struct unpack_entry_stack_ent {
> off_t obj_offset;
What escape hatch would the end-users have when they have a
legitimate packfile that has a truly deep delta chain, by the way?
Thanks.
next prev parent reply other threads:[~2020-08-24 17:33 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-23 0:52 [PATCH] Avoid infinite loop in malformed packfiles Ori Bernstein
2020-08-23 2:52 ` ori
2020-08-23 3:08 ` Eric Sunshine
2020-08-23 3:11 ` Ori Bernstein
2020-08-23 6:26 ` René Scharfe
2020-08-23 20:41 ` Ori Bernstein
2020-08-24 16:06 ` René Scharfe
2020-08-24 20:12 ` Jeff King
2020-08-24 20:38 ` Junio C Hamano
2020-08-24 20:52 ` Jeff King
2020-08-24 21:22 ` Junio C Hamano
2020-08-30 3:33 ` ori
2020-08-30 10:56 ` René Scharfe
2020-08-30 16:15 ` Junio C Hamano
2020-08-31 9:29 ` Jeff King
2020-08-31 16:32 ` Junio C Hamano
2020-08-31 19:23 ` Jeff King
2020-08-31 16:50 ` ori
2020-08-24 17:33 ` Junio C Hamano [this message]
2020-08-24 20:30 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqsgcc54pq.fsf@gitster.c.googlers.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=ori@eigenstate.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.