From: "Shawn O. Pearce" <spearce@spearce.org>
To: Junio C Hamano <junkio@cox.net>
Cc: git@vger.kernel.org
Subject: [PATCH 2/9] Fix mmap leak caused by reading bad indexes.
Date: Tue, 6 Mar 2007 20:44:11 -0500 [thread overview]
Message-ID: <20070307014411.GC26482@spearce.org> (raw)
If an index is corrupt, or is simply too new for us to understand,
we were leaking the mmap that held the entire content of the index.
This could be a considerable size on large projects, given that
the index is at least 24 bytes * nr_objects.
Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
---
sha1_file.c | 25 ++++++++++++++++---------
1 files changed, 16 insertions(+), 9 deletions(-)
diff --git a/sha1_file.c b/sha1_file.c
index c13ef66..cfce7ac 100644
--- a/sha1_file.c
+++ b/sha1_file.c
@@ -430,8 +430,9 @@ void pack_report()
pack_mapped, peak_pack_mapped);
}
-static int check_packed_git_idx(const char *path, unsigned long *idx_size_,
- void **idx_map_)
+static int check_packed_git_idx(const char *path,
+ unsigned long *idx_size_,
+ void **idx_map_)
{
void *idx_map;
uint32_t *index;
@@ -446,6 +447,10 @@ static int check_packed_git_idx(const char *path, unsigned long *idx_size_,
return -1;
}
idx_size = st.st_size;
+ if (idx_size < 4 * 256 + 20 + 20) {
+ close(fd);
+ return error("index file %s is too small", path);
+ }
idx_map = xmmap(NULL, idx_size, PROT_READ, MAP_PRIVATE, fd, 0);
close(fd);
@@ -453,25 +458,25 @@ static int check_packed_git_idx(const char *path, unsigned long *idx_size_,
*idx_map_ = idx_map;
*idx_size_ = idx_size;
- /* check index map */
- if (idx_size < 4*256 + 20 + 20)
- return error("index file %s is too small", path);
-
/* a future index format would start with this, as older git
* binaries would fail the non-monotonic index check below.
* give a nicer warning to the user if we can.
*/
- if (index[0] == htonl(PACK_IDX_SIGNATURE))
+ if (index[0] == htonl(PACK_IDX_SIGNATURE)) {
+ munmap(idx_map, idx_size);
return error("index file %s is a newer version"
" and is not supported by this binary"
" (try upgrading GIT to a newer version)",
path);
+ }
nr = 0;
for (i = 0; i < 256; i++) {
unsigned int n = ntohl(index[i]);
- if (n < nr)
+ if (n < nr) {
+ munmap(idx_map, idx_size);
return error("non-monotonic index %s", path);
+ }
nr = n;
}
@@ -482,8 +487,10 @@ static int check_packed_git_idx(const char *path, unsigned long *idx_size_,
* - 20-byte SHA1 of the packfile
* - 20-byte SHA1 file checksum
*/
- if (idx_size != 4*256 + nr * 24 + 20 + 20)
+ if (idx_size != 4*256 + nr * 24 + 20 + 20) {
+ munmap(idx_map, idx_size);
return error("wrong index file size in %s", path);
+ }
return 0;
}
--
1.5.0.3.863.gf0989
reply other threads:[~2007-03-07 1:46 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070307014411.GC26482@spearce.org \
--to=spearce@spearce.org \
--cc=git@vger.kernel.org \
--cc=junkio@cox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.