Re: [PATCH 0/5] add pack index v2 reading capability to git v1.4.4.4

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Junio C Hamano <gitster@pobox.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Nicolas Pitre <nico@cam.org>, git@vger.kernel.org
Subject: Re: [PATCH 0/5] add pack index v2 reading capability to git v1.4.4.4
Date: Thu, 17 Jul 2008 01:01:20 -0700	[thread overview]
Message-ID: <7vzlohhrcf.fsf@gitster.siamese.dyndns.org> (raw)
In-Reply-To: <alpine.LFD.1.10.0807161033170.2835@woody.linux-foundation.org> (Linus Torvalds's message of "Wed, 16 Jul 2008 10:34:13 -0700 (PDT)")

Linus Torvalds <torvalds@linux-foundation.org> writes:

> On Wed, 16 Jul 2008, Junio C Hamano wrote:
>> 
>> I do not think it should SEGV.  The pack-idx signature was chosen rather
>> carefully to allow older ones to die gracefully.
>
> Well, Pasky reported differently.
>
>>     error: non-monotonic index
>>     error: Could not read 4a588075c54cd5902e5f4d43b9d6b0c31d0f9769
>
> Pasky's report was
>
> 	error: non-monotonic index
> 	/usr/bin/git-fetch: line 297: 30402 Segmentation fault git-http-fetch -v -a "$head" "$remote/"
>
> but maybe that was something specific to his case.

It is caused by the http walker not being careful.  In v1.4.4.5
http-fetch.c, this code appears unmodified since v1.4.4.4, and an
equivalent code is still in http-walker.c in more recent versions:

    static int setup_index(struct alt_base *repo, unsigned char *sha1)
    {
            struct packed_git *new_pack;
            if (has_pack_file(sha1))
                    return 0; /* don't list this as something we can get */

            if (fetch_index(repo, sha1))
                    return -1;

            new_pack = parse_pack_index(sha1);
            new_pack->next = repo->packs;
            repo->packs = new_pack;
            return 0;
    }

Nico taught parse_pack_index() what v2 pack idx file looks like, but when
the code hits unknown idx file (or a corrupt one), the function signals
error by returning NULL; assigning to new_pack->next without checking
would segfault.

We would need this fix to futureproof ourselves for pack idx v3 and later,
and also for protecting from a corrupt idx file coming over the wire.

---

 http-walker.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/http-walker.c b/http-walker.c
index 51c18f2..9dc6b27 100644
--- a/http-walker.c
+++ b/http-walker.c
@@ -442,6 +442,8 @@ static int setup_index(struct walker *walker, struct alt_base *repo, unsigned ch
 		return -1;
 
 	new_pack = parse_pack_index(sha1);
+	if (!new_pack)
+		return -1; /* parse_pack_index() already issued an error message */
 	new_pack->next = repo->packs;
 	repo->packs = new_pack;
 	return 0;

     prev parent reply	other threads:[~2008-07-17  8:02 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-07-16  6:31 [PATCH 0/5] add pack index v2 reading capability to git v1.4.4.4 Nicolas Pitre
2008-07-16  6:31 ` [PATCH 1/5] clean up pack index handling a bit Nicolas Pitre
2008-07-16  6:31   ` [PATCH 2/5] clean up and optimize nth_packed_object_sha1() usage Nicolas Pitre
2008-07-16  6:31     ` [PATCH 3/5] get rid of num_packed_objects() Nicolas Pitre
2008-07-16  6:31       ` [PATCH 4/5] pack-objects: learn about pack index version 2 Nicolas Pitre
2008-07-16  6:31         ` [PATCH 5/5] sha1_file.c: learn about " Nicolas Pitre
2008-07-16 10:46 ` [PATCH 0/5] add pack index v2 reading capability to git v1.4.4.4 Johannes Schindelin
2008-07-16 16:25 ` Linus Torvalds
2008-07-16 17:04   ` Junio C Hamano
2008-07-16 17:08   ` Junio C Hamano
2008-07-16 17:34     ` Linus Torvalds
2008-07-17  8:01       ` Junio C Hamano [this message]

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:51c18f2 dfblob:9dc6b27 )
 OR (
bs:"Re: [PATCH 0/5] add pack index v2 reading capability to git v1.4.4.4" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=7vzlohhrcf.fsf@gitster.siamese.dyndns.org \
    --to=gitster@pobox.com \
    --cc=git@vger.kernel.org \
    --cc=nico@cam.org \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.