Re: [PATCH] pkt-line: don't check string length in packet_length()

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Junio C Hamano <gitster@pobox.com>
To: "René Scharfe" <l.s.r@web.de>
Cc: Git List <git@vger.kernel.org>
Subject: Re: [PATCH] pkt-line: don't check string length in packet_length()
Date: Wed, 05 Jul 2023 15:27:24 -0700	[thread overview]
Message-ID: <xmqqsfa2uh83.fsf@gitster.g> (raw)
In-Reply-To: <6f984150-5a98-b2b8-1791-b101f5953b7a@web.de> ("René Scharfe"'s message of "Wed, 5 Jul 2023 23:11:15 +0200")

René Scharfe <l.s.r@web.de> writes:

> Sure, that's done.  If any of the four characters is not a hexadecimal
> digit then packet_length() returns a negative value, before and after
> the change.

Ah, it is the beauty of hexval[] table ;-)

So as long as we are sure that we are not running beyond the end of
the buffer, we are OK.  And as I already said, I think "this change
is safe for our two callers; those adding more callers in the future
are better be very careful" is probably good enough for this one.

hex.h:hex2chr() says "don't run over the end of short strings", but
as far as I can see it does not check any such thing; find a page of
memory, whose next page is unmapped, and pointing *s at the last
byte of that page and calling it will happily run over the end and
would cause SIGBUS.  The function assumes that such a short string
is always NUL terminated, which is not a great way to guarantee that
we do not run over the end of strings.

next prev parent reply	other threads:[~2023-07-05 22:27 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-07-01  7:05 [PATCH] pkt-line: don't check string length in packet_length() René Scharfe
2023-07-05  5:56 ` Junio C Hamano
2023-07-05 16:15   ` René Scharfe
2023-07-05 20:33     ` Junio C Hamano
2023-07-05 21:11       ` René Scharfe
2023-07-05 22:27         ` Junio C Hamano [this message]
2023-07-06  5:07           ` René Scharfe
2023-07-07 21:47 ` [PATCH v2] pkt-line: add size parameter to packet_length() René Scharfe

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=xmqqsfa2uh83.fsf@gitster.g \
    --to=gitster@pobox.com \
    --cc=git@vger.kernel.org \
    --cc=l.s.r@web.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.