From: Christian Couder <christian.couder@gmail.com>
To: Jeff King <peff@peff.net>
Cc: Junio C Hamano <gitster@pobox.com>, git <git@vger.kernel.org>,
Christian Couder <chriscool@tuxfamily.org>
Subject: Re: [RFC/PATCH 3/3] receive-pack: allow a maximum input size to be specified
Date: Tue, 16 Aug 2016 10:25:44 +0200 [thread overview]
Message-ID: <CAP8UFD2Bpp-gcxEQGNSFxvKyptkyeAsMtaHZaBebJO2XiF+W3g@mail.gmail.com> (raw)
In-Reply-To: <20160816010309.zstrljqknc3vjziq@sigill.intra.peff.net>
On Tue, Aug 16, 2016 at 3:03 AM, Jeff King <peff@peff.net> wrote:
> On Mon, Aug 15, 2016 at 03:48:55PM -0700, Junio C Hamano wrote:
>
>> Jeff King <peff@peff.net> writes:
>>
>> > The simple fix is to call register_tempfile() in open_pack_file(), and
>> > just have index-pack clean up the file on its way out.
>> >
>> > But there are harder cases. For instance, imagine somebody pushes a
>> > 500MB file, and you have a pre-receive hook that says "too big; I won't
>> > accept this". And then they push in a loop, as before. You've accepted
>> > the incoming pack into the repository by the time the pre-receive runs.
>> > You can't just delete it, because you don't know if other simultaneous
>> > processes have started to depend on the objects.
>> >
>> > To solve that, I have patches that put incoming packfiles into a
>> > "quarantine" area, then run the connectivity check and pre-receive hooks
>> > with the quarantine accessible via GIT_ALTERNATE_OBJECT_DIRECTORIES. And
>> > then we either move the quarantine packs into the real repo, or blow
>> > away the tmpdir, depending on whether the hooks said the objects were
>> > OK.
Thanks Peff for the review and all these explanations and suggestions!
>> > Those are patches I plan to share upstream but just haven't gotten
>> > around to yet.
I would be happy to help if I can on these patches too!
>> I think these other patches can come later, independent from this
>> three-patch series resurrected from the archive, so I can take a
>> reroll of these once the integer-size issues you pointed out are
>> sorted out.
Ok, I just sent a non RFC reroll of the series with those issues
hopefully fixed.
> Yeah, definitely it's independent. I was mostly suggesting to Christian
> that he may want to look into the "easy" register_tempfile() case, as
> GitLab may find this is only half of the fix that they want.
Yeah, thanks again for this suggestion!
> Also a patch I may try to polish and share in the future, but not as
> high priority as some of the other stuff.
I can help polishing this patch if you want.
Thanks,
Christian.
next prev parent reply other threads:[~2016-08-16 8:26 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-15 19:57 [RFC/PATCH 0/3] limit the size of the packs we receive Christian Couder
2016-08-15 19:57 ` [RFC/PATCH 1/3] index-pack: add --max-input-size=<size> option Christian Couder
2016-08-15 20:10 ` Jeff King
2016-08-15 19:57 ` [RFC/PATCH 2/3] unpack-objects: " Christian Couder
2016-08-15 20:11 ` Jeff King
2016-08-15 19:57 ` [RFC/PATCH 3/3] receive-pack: allow a maximum input size to be specified Christian Couder
2016-08-15 20:40 ` Jeff King
2016-08-15 22:48 ` Junio C Hamano
2016-08-16 1:03 ` Jeff King
2016-08-16 8:25 ` Christian Couder [this message]
2016-08-16 14:46 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAP8UFD2Bpp-gcxEQGNSFxvKyptkyeAsMtaHZaBebJO2XiF+W3g@mail.gmail.com \
--to=christian.couder@gmail.com \
--cc=chriscool@tuxfamily.org \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).