From: Eric Sunshine <sunshine@sunshineco.com>
To: Jeff King <peff@peff.net>
Cc: Hoyoung Lee <lhywkd22@gmail.com>, git@vger.kernel.org
Subject: Re: [PATCH v3 2/2] t/helper/test-delta: fix possible resource leak and ensure safe cleanup
Date: Wed, 23 Jul 2025 04:17:01 -0400 [thread overview]
Message-ID: <CAPig+cQAcEiM7aPQZXYX03Ok_qZktWpAgPPS9DUWu3UPVrxx7Q@mail.gmail.com> (raw)
In-Reply-To: <20250723080639.GA570920@coredump.intra.peff.net>
On Wed, Jul 23, 2025 at 4:06 AM Jeff King <peff@peff.net> wrote:
> On Wed, Jul 23, 2025 at 03:55:13AM -0400, Jeff King wrote:
> > I dunno. We are reaching diminishing returns spending brainpower on a
> > function that is meant to be somewhat quick-and-dirty.
>
> OK, I clearly could not resist spending more brainpower on it. If we are
> doing quick-and-dirty, why not just die()? The end result is the same,
> but per my argument in the earlier iteration of the series, that means
> we do not have to worry about cleaning up at all.
Yes, die() seems sensible here. It's nice and tidy and makes the code
easier to reason about.
> Incidentally that would also fix two minor bugs I noticed:
>
> - passing st.st_size directly to xmalloc() is wrong, because of
> truncation from off_t to size_t. This should use the xsize_t helper.
> This is even a potential security vulnerability, but probably not
> important in a test helper.
>
> - likewise read_in_full() might return a non-negative value smaller
> than the requested size (if the file racily changes and we get an
> early EOF). But we only check whether we got a negative error value.
> So we may read fewer bytes than expected and feed uninitialized
> garbage to the delta code.
Can of worms opened.
next prev parent reply other threads:[~2025-07-23 8:17 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-22 17:41 [PATCH v3 0/2] fix resource leaks in test helpers Hoyoung Lee
2025-07-22 17:41 ` [PATCH v3 1/2] t/helper/test-truncate: close file descriptor after truncation Hoyoung Lee
2025-07-22 21:48 ` Junio C Hamano
2025-07-22 17:41 ` [PATCH v3 2/2] t/helper/test-delta: fix possible resource leak and ensure safe cleanup Hoyoung Lee
2025-07-23 7:28 ` Eric Sunshine
2025-07-23 7:55 ` Jeff King
2025-07-23 8:06 ` Jeff King
2025-07-23 8:17 ` Eric Sunshine [this message]
2025-07-23 23:59 ` Jeff King
2025-07-24 0:00 ` [PATCH 1/3] test-delta: handle errors with die() Jeff King
2025-07-24 0:02 ` [PATCH 2/3] test-delta: use strbufs to hold input files Jeff King
2025-07-24 0:03 ` [PATCH 3/3] test-delta: close output descriptor after use Jeff King
2025-07-23 8:11 ` [PATCH v3 2/2] t/helper/test-delta: fix possible resource leak and ensure safe cleanup Eric Sunshine
2025-07-23 8:46 ` Jeff King
2025-07-23 16:37 ` Eric Sunshine
2025-07-23 17:11 ` Junio C Hamano
2025-07-23 16:48 ` Junio C Hamano
2025-07-23 16:44 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAPig+cQAcEiM7aPQZXYX03Ok_qZktWpAgPPS9DUWu3UPVrxx7Q@mail.gmail.com \
--to=sunshine@sunshineco.com \
--cc=git@vger.kernel.org \
--cc=lhywkd22@gmail.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).