From: Josh Steadmon <steadmon@google.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org, stolee@gmail.com, avarab@gmail.com, peff@peff.net
Subject: Re: [PATCH v3 2/3] commit-graph: fix buffer read-overflow
Date: Mon, 10 Dec 2018 13:56:49 -0800
Message-ID: <20181210215649.GC37614@google.com>
In-Reply-To: <xmqqsgz74acm.fsf@gitster-ct.c.googlers.com>
On 2018.12.09 13:01, Junio C Hamano wrote:
> Josh Steadmon <steadmon@google.com> writes:
>
> > diff --git a/t/t5318-commit-graph.sh b/t/t5318-commit-graph.sh
> > index 5fe21db99f..5b6b44b78e 100755
> > --- a/t/t5318-commit-graph.sh
> > +++ b/t/t5318-commit-graph.sh
> > @@ -366,24 +366,30 @@ GRAPH_OCTOPUS_DATA_OFFSET=$(($GRAPH_COMMIT_DATA_OFFSET + \
> > GRAPH_BYTE_OCTOPUS=$(($GRAPH_OCTOPUS_DATA_OFFSET + 4))
> > GRAPH_BYTE_FOOTER=$(($GRAPH_OCTOPUS_DATA_OFFSET + 4 * $NUM_OCTOPUS_EDGES))
> >
> > -# usage: corrupt_graph_and_verify <position> <data> <string>
> > +# usage: corrupt_graph_and_verify <position> <data> <string> [<zero_pos>]
> > # Manipulates the commit-graph file at the position
> > -# by inserting the data, then runs 'git commit-graph verify'
> > +# by inserting the data, optionally zeroing the file
> > +# starting at <zero_pos>, then runs 'git commit-graph verify'
> > # and places the output in the file 'err'. Test 'err' for
> > # the given string.
> > corrupt_graph_and_verify() {
> > pos=$1
> > data="${2:-\0}"
> > grepstr=$3
> > + orig_size=$(stat --format=%s $objdir/info/commit-graph)
>
> "stat(1)" is not so portable, so you'll get complaints from minority
> platform users later. So is "truncate(1)".
Ack, thanks for the catch. I have a workaround for stat in the form of
"wc -c", and for truncate with a combination of dd and /dev/zero.
However, I'm finding conflicting information about whether or not
/dev/zero exists on macOS. At the least, it sounds like it might not
work on very old versions. Would this be acceptable, or should I add a
new test function to do this?
> > + zero_pos=${4:-${orig_size}}
> > cd "$TRASH_DIRECTORY/full" &&
> > test_when_finished mv commit-graph-backup $objdir/info/commit-graph &&
> > cp $objdir/info/commit-graph commit-graph-backup &&
> > printf "$data" | dd of="$objdir/info/commit-graph" bs=1 seek="$pos" conv=notrunc &&
> > + truncate --size=$zero_pos $objdir/info/commit-graph &&
> > + truncate --size=$orig_size $objdir/info/commit-graph &&
> > test_must_fail git commit-graph verify 2>test_err &&
> > grep -v "^+" test_err >err
> > test_i18ngrep "$grepstr" err
> > }
> >
> > +
> > test_expect_success 'detect bad signature' '
> > corrupt_graph_and_verify 0 "\0" \
> > "graph signature"
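Review bot: `orig_size=$(stat ...)` and `zero_pos=${4:-${orig_size}}` are assigned before the `cd "$TRASH_DIRECTORY/full" &&` line and sit outside the `&&` chain, so if `stat` fails (it is a relative `$objdir` path, and `stat --format` is not available everywhere, as Junio notes) `orig_size` is silently empty and the failure only surfaces later as an unhelpful `truncate --size=` error. Moving both assignments after the `cd` and joining them to the chain with `&&` keeps the helper fail-fast, and the `wc -c` replacement for `stat` can go in at the same time. The pair of `truncate` calls (shrink to `$zero_pos`, then grow back to `$orig_size`) is what actually zeroes the tail; the doc comment only says "zeroing the file", so one line saying that the shrink-and-regrow is the mechanism would help whoever later swaps it for the `dd` version. Minor: the lone `+` before `test_expect_success 'detect bad signature'` leaves two blank lines there.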
> > @@ -484,6 +490,11 @@ test_expect_success 'detect invalid checksum hash' '
> > "incorrect checksum"
> > '
> >
> > +test_expect_success 'detect incorrect chunk count' '
> > + corrupt_graph_and_verify $GRAPH_BYTE_CHUNK_COUNT "\xff" \
>
> Implementations of printf(1) may not grok "\xff" as a valid
> representation of "\377". The shell built-in of dash(1) for example
> would not work with this.
Ack, will fix in V4. Thanks.
> > + "chunk lookup table entry missing" $GRAPH_CHUNK_LOOKUP_OFFSET
> > +'
> > +
> > test_expect_success 'git fsck (checks commit-graph)' '
> > cd "$TRASH_DIRECTORY/full" &&
> > git fsck &&
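Review bot: the new test does not say why it passes `$GRAPH_CHUNK_LOOKUP_OFFSET` as the fourth argument; a short comment in the test body explaining that the file is zeroed from the chunk lookup table onward so that `git commit-graph verify` reaches the check that reports "chunk lookup table entry missing" would spare the next reader a trip back to the helper's usage comment. Also, as Junio points out, `"\xff"` is not understood by every printf(1) (dash's builtin among them); the octal form `"\377"` is portable and matches the `"\0"` style the helper's existing callers already use.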