From: Nicolas Pitre <nico@cam.org>
To: Junio C Hamano <gitster@pobox.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
"Shawn O. Pearce" <spearce@spearce.org>,
git@vger.kernel.org
Subject: [PATCH 0/3] don't let disk corruptions escape pack SHA1 checksum
Date: Thu, 28 Aug 2008 22:05:56 -0400 (EDT) [thread overview]
Message-ID: <alpine.LFD.1.10.0808282142490.1624@xanadu.home> (raw)
In-Reply-To: <alpine.LFD.1.10.0808271627540.1624@xanadu.home>
On Wed, 27 Aug 2008, Nicolas Pitre wrote:
> On Wed, 27 Aug 2008, Linus Torvalds wrote:
>
> > However, we do have this odd case of fixing up the pack after-the-fact
> > when we receive it from somebody else (because we get a thin pack and
> > don't know how many objects the final result will have). And that case
> > seems to be not as safe, because it
> >
> > - re-reads the file to recompute the SHA1
> >
> > This is understandable, and it's fairly ok, but it does mean that there
> > is a bigger chance of the SHA1 matching if something has corrupted the
> > file in the meantime!
>
> I think that can be fixed. When reading the file back, it is possible
> to compute 2 sha1s: one to compare with the recieved one using original
> pack header, and the second which would be the final one. FRom a
> certain offset, new objects were added, so that first sha1 is validated
> against the received one and reset, and at the end, it should correspond
> to the sha1 of added objects that we should compute when writing them.
So here is 3 patches for this in C git (Shawn already did it for jgit).
There are 3 spots where this needs to be plugged: in pack-objects,
index-pack and fast-import. I did the first two.
I don't think this is that pertinent in fast-import because:
- we want fast-import to be fast
- after fast-import is done, a full repack is typically done which
would revalidate everything (maybe fast-import should use index v2
with its per object CRC32 though)
But maybe I'm wrong about that. In any case, I am leaving the
fast-import to someone more knowledgeable about its code than I do.
Nicolas Pitre (3):
improve reliability of fixup_pack_header_footer()
pack-objects: use fixup_pack_header_footer()'s validation mode
index-pack: use fixup_pack_header_footer()'s validation mode
Nicolas
next prev parent reply other threads:[~2008-08-29 2:08 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-08-25 16:46 "failed to read delta base object at..." J. Bruce Fields
2008-08-25 18:58 ` Nicolas Pitre
2008-08-25 21:18 ` J. Bruce Fields
2008-08-25 19:01 ` Linus Torvalds
2008-08-25 21:31 ` J. Bruce Fields
2008-08-25 21:37 ` Linus Torvalds
2008-08-25 22:13 ` J. Bruce Fields
2008-08-25 23:59 ` Linus Torvalds
2008-08-26 20:43 ` Jason McMullan
2008-08-26 21:01 ` Jason McMullan
2008-08-27 17:05 ` Linus Torvalds
2008-08-27 19:17 ` Nicolas Pitre
2008-08-27 19:48 ` Linus Torvalds
2008-08-27 20:46 ` Nicolas Pitre
2008-08-29 2:05 ` Nicolas Pitre [this message]
2008-08-29 2:07 ` [PATCH 1/3] improve reliability of fixup_pack_header_footer() Nicolas Pitre
2008-08-29 2:07 ` [PATCH 2/3] pack-objects: use fixup_pack_header_footer()'s validation mode Nicolas Pitre
2008-08-29 2:07 ` [PATCH 3/3] index-pack: " Nicolas Pitre
2008-08-29 4:44 ` [PATCH 1/3] improve reliability of fixup_pack_header_footer() Shawn O. Pearce
2008-08-29 13:08 ` Nicolas Pitre
2008-08-29 14:30 ` Shawn O. Pearce
2008-08-29 20:07 ` [PATCH 0/5] pack header rewriting improvements Nicolas Pitre
2008-08-29 20:07 ` [PATCH 1/5] pack-objects: improve returned information from write_one() Nicolas Pitre
2008-08-29 20:07 ` [PATCH 2/5] improve reliability of fixup_pack_header_footer() Nicolas Pitre
2008-08-29 20:08 ` [PATCH 3/5] pack-objects: use fixup_pack_header_footer()'s validation mode Nicolas Pitre
2008-08-29 20:08 ` [PATCH 4/5] index-pack: " Nicolas Pitre
2008-08-29 20:08 ` [PATCH 5/5] fixup_pack_header_footer(): use nicely aligned buffer sizes Nicolas Pitre
2008-08-31 7:10 ` Junio C Hamano
2008-08-29 20:14 ` [PATCH 1/3] improve reliability of fixup_pack_header_footer() Nicolas Pitre
2008-08-29 4:55 ` [PATCH 0/3] don't let disk corruptions escape pack SHA1 checksum Shawn O. Pearce
2008-08-26 20:55 ` "failed to read delta base object at..." J. Bruce Fields
2008-08-27 20:14 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LFD.1.10.0808282142490.1624@xanadu.home \
--to=nico@cam.org \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=spearce@spearce.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).