mirror of
https://github.com/git/git
synced 2024-10-28 19:25:47 +00:00
46d723ce57
We parse through binary hunks by looping through the buffer with code
like:
llen = linelen(buffer, size);
...do something with the line...
buffer += llen;
size -= llen;
However, before we enter the loop, there is one call that increments
"buffer" but forgets to decrement "size". As a result, our "size" is off
by the length of that line, and subsequent calls to linelen() may look
past the end of the buffer for a newline.
The fix is easy: we just need to decrement size as we do elsewhere.
This bug goes all the way back to 0660626caf (binary diff: further
updates., 2006-05-05). Presumably nobody noticed because it only
triggers if the patch is corrupted, and even then we are often "saved"
by luck. We use a strbuf to store the incoming patch, so we overallocate
there, plus we add a 16-byte run of NULs as slop for memory comparisons.
So if this happened accidentally, the common case is that we'd just read
a few uninitialized bytes from the end of the strbuf before producing
the expected "this patch is corrupted" error complaint.
However, it is possible to carefully construct a case which reads off
the end of the buffer. The included test does so. It will pass both
before and after this patch when run normally, but using a tool like
ASan shows that we get an out-of-bounds read before this patch, but not
after.
Reported-by: Xingman Chen <xichixingman@gmail.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
#!/bin/sh
#
# Copyright (c) 2005 Junio C Hamano
#

test_description='git apply handling binary patches

'
. ./test-lib.sh

# Fixture layout built by "setup":
#   master: file1, file2 and file4 all hold the same five lines of text.
#   binary: file1 is text with every "x" turned into "v", file2 is
#           deleted, file3 is new and contains NUL bytes (each "x" of
#           file1 replaced by NUL), file4 is overwritten with file3.
# Patches from master to binary, all produced by git diff-tree -p:
#   B.diff / C.diff              default output (C adds -C)
#   BF.diff / CF.diff            the same, with --binary
#   B-index.diff / C-index.diff  the same, with --full-index
#   B0.diff                      --binary --no-prefix, limited to file3
# other-repo is a second repository that fetched only master.
test_expect_success 'setup' '
	cat >file1 <<-\EOF &&
	A quick brown fox jumps over the lazy dog.
	A tiny little penguin runs around in circles.
	There is a flag with Linux written on it.
	A slow black-and-white panda just sits there,
	munching on his bamboo.
	EOF
	cat file1 >file2 &&
	cat file1 >file4 &&

	git update-index --add --remove file1 file2 file4 &&
	git commit -m "Initial Version" 2>/dev/null &&

	git checkout -b binary &&
	perl -pe "y/x/\000/" <file1 >file3 &&
	cat file3 >file4 &&
	git add file2 &&
	perl -pe "y/\000/v/" <file3 >file1 &&
	rm -f file2 &&
	git update-index --add --remove file1 file2 file3 file4 &&
	git commit -m "Second Version" &&

	git diff-tree -p master binary >B.diff &&
	git diff-tree -p -C master binary >C.diff &&

	git diff-tree -p --binary master binary >BF.diff &&
	git diff-tree -p --binary -C master binary >CF.diff &&

	git diff-tree -p --full-index master binary >B-index.diff &&
	git diff-tree -p -C --full-index master binary >C-index.diff &&

	git diff-tree -p --binary --no-prefix master binary -- file3 >B0.diff &&

	git init other-repo &&
	(
		cd other-repo &&
		git fetch .. master &&
		git reset --hard FETCH_HEAD
	)
'

# --stat and --summary must accept the patches even when they were
# generated without --binary.
test_expect_success 'stat binary diff -- should not fail.' \
	'git checkout master &&
	 git apply --stat --summary B.diff'

# Same for the --no-prefix patch, read with -p0.
test_expect_success 'stat binary -p0 diff -- should not fail.' '
	git checkout master &&
	git apply --stat -p0 B0.diff
'

test_expect_success 'stat binary diff (copy) -- should not fail.' \
	'git checkout master &&
	 git apply --stat --summary C.diff'

# --check must reject the patches generated without --binary.
# NOTE(review): presumably because they carry no binary payload for
# file3 and file4 -- confirm against the generated B.diff.
test_expect_success 'check binary diff -- should fail.' \
	'git checkout master &&
	 test_must_fail git apply --check B.diff'

test_expect_success 'check binary diff (copy) -- should fail.' \
	'git checkout master &&
	 test_must_fail git apply --check C.diff'

# Adding --allow-binary-replacement must not make those patches pass.
# NOTE(review): git-apply documents this option as a historical no-op;
# confirm for the version under test.
test_expect_success \
	'check incomplete binary diff with replacement -- should fail.' '
	git checkout master &&
	test_must_fail git apply --check --allow-binary-replacement B.diff
'

test_expect_success \
	'check incomplete binary diff with replacement (copy) -- should fail.' '
	git checkout master &&
	test_must_fail git apply --check --allow-binary-replacement C.diff
'

# The --binary patches must pass --check.
test_expect_success 'check binary diff with replacement.' \
	'git checkout master &&
	 git apply --check --allow-binary-replacement BF.diff'

test_expect_success 'check binary diff with replacement (copy).' \
	'git checkout master &&
	 git apply --check --allow-binary-replacement CF.diff'

# Now we start applying them.
# Put the work tree back into a known state before a test applies a patch:
# delete every entry named "file" plus one character, discard index and
# work-tree changes, then force-checkout master.
# Returns the status of the first step that fails, otherwise the status
# of the final checkout.
do_reset () {
	rm -f file? || return
	git reset --hard || return
	git checkout -f master
}
# Every test below starts from a clean master via do_reset.

# Patches generated without --binary must not apply.
test_expect_success 'apply binary diff -- should fail.' \
	'do_reset &&
	 test_must_fail git apply B.diff'

# Same title as the previous test; this variant adds --index.
test_expect_success 'apply binary diff -- should fail.' \
	'do_reset &&
	 test_must_fail git apply --index B.diff'

test_expect_success 'apply binary diff (copy) -- should fail.' \
	'do_reset &&
	 test_must_fail git apply C.diff'

# Same title as the previous test; this variant adds --index.
test_expect_success 'apply binary diff (copy) -- should fail.' \
	'do_reset &&
	 test_must_fail git apply --index C.diff'

# The --full-index patches must apply in the repository that created them.
# NOTE(review): presumably because the full object names let git apply
# find the post-image objects already stored here -- confirm.
test_expect_success 'apply binary diff with full-index' '
	do_reset &&
	git apply B-index.diff
'

test_expect_success 'apply binary diff with full-index (copy)' '
	do_reset &&
	git apply C-index.diff
'

# The same patch must be rejected in other-repo, which fetched only master
# during setup.
# NOTE(review): presumably the objects from the binary branch are missing
# there -- confirm.
test_expect_success 'apply full-index binary diff in new repo' '
	(cd other-repo &&
	 do_reset &&
	 test_must_fail git apply ../B-index.diff)
'

# The --binary patches apply without --allow-binary-replacement.
test_expect_success 'apply binary diff without replacement.' \
	'do_reset &&
	 git apply BF.diff'

test_expect_success 'apply binary diff without replacement (copy).' \
	'do_reset &&
	 git apply CF.diff'

# With --index the result must match the binary branch exactly: the
# name-status diff against it has to be empty.
test_expect_success 'apply binary diff.' \
	'do_reset &&
	 git apply --allow-binary-replacement --index BF.diff &&
	 test -z "$(git diff --name-status binary)"'

test_expect_success 'apply binary diff (copy).' \
	'do_reset &&
	 git apply --allow-binary-replacement --index CF.diff &&
	 test -z "$(git diff --name-status binary)"'

# Same check for the --no-prefix patch, restricted to file3.
test_expect_success 'apply binary -p0 diff' '
	do_reset &&
	git apply -p0 --index B0.diff &&
	test -z "$(git diff --name-status binary -- file3)"
'

# Regression test for an out-of-bounds read while parsing binary hunks:
# the patch is cut at its second "literal" line with no trailing newline,
# so the input ends in the middle of a binary hunk.
# test_must_fail only checks that git apply rejects the input, which holds
# in a normal build with or without the parser fix. The over-read itself
# is only reported when the suite runs under a memory-error detector such
# as AddressSanitizer, so keep this test in sanitizer-enabled runs.
test_expect_success 'reject truncated binary diff' '
	do_reset &&

	# this length is calculated to get us very close to
	# the 8192-byte strbuf we will use to read in the patch.
	test-tool genrandom foo 6205 >file1 &&
	git diff --binary >patch &&

	# truncate the patch at the second "literal" line,
	# but exclude the trailing newline. We must use perl
	# for this, since tools like "sed" cannot reliably
	# produce output without the trailing newline.
	perl -pe "
		if (/^literal/ && \$count++ >= 1) {
			chomp;
			print;
			exit 0;
		}
	" <patch >patch.trunc &&

	do_reset &&
	test_must_fail git apply patch.trunc
'
test_done