From: Christian Couder <christian.couder@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>, Jeff King <peff@peff.net>,
Christian Couder <chriscool@tuxfamily.org>
Subject: [PATCH v3 0/3] limit the size of the packs we receive
Date: Wed, 24 Aug 2016 20:41:54 +0200 [thread overview]
Message-ID: <20160824184157.19264-1-chriscool@tuxfamily.org> (raw)
Goal
~~~~
In https://public-inbox.org/git/20150612182045.GA23698%40peff.net/,
Peff sent a patch that is used by GitHub to abort `git receive-pack`
when the size of the pack we receive is bigger than a configured
limit.
GitLab is interested in using the same approach and in standardizing
the error messages the user could get back.
Comments
~~~~~~~~
I kept Peff as the author of the patches that are made mostly from his
patch, but I added my Signed-off-by to them.
Changes from previous v2 version
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
All these changes have been suggested by Junio and are in patch 3/3,
the other 2 patches are the same as v2:
- renamed "receive.maxsize" to "receive.maxInputSize",
- improved commit message,
- renamed test script from "t5546-push-limits.sh" to
"t5546-receive-limits.sh",
- improved the tests in the last patch by adding a
test_pack_input_limit() function and deleting the destination repo
at the beginning of this function.
Links
~~~~~
This patch series is available here:
https://github.com/chriscool/git/commits/max-receive
The previous versions are here on GitHub:
RFC: https://github.com/chriscool/git/commits/max-receive2
v1: https://github.com/chriscool/git/commits/max-receive6
v2: https://github.com/chriscool/git/commits/max-receive7
and here on the list:
RFC: https://public-inbox.org/git/20160815195729.16826-1-chriscool@tuxfamily.org/
v1: https://public-inbox.org/git/20160816081701.29949-1-chriscool@tuxfamily.org/
v2: https://public-inbox.org/git/20160818131553.22580-1-chriscool@tuxfamily.org/
Peff's initial patch is:
https://public-inbox.org/git/20150612182045.GA23698%40peff.net/
Diff with previous v2 version
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/Documentation/config.txt b/Documentation/config.txt
index f5b6061..8a115b3 100644
--- a/Documentation/config.txt
+++ b/Documentation/config.txt
@@ -2517,10 +2517,11 @@ receive.unpackLimit::
especially on slow filesystems. If not set, the value of
`transfer.unpackLimit` is used instead.
-receive.maxsize::
- If the size of a pack file is larger than this limit, then
- git-receive-pack will error out, instead of accepting the pack
- file. If not set or set to 0, then the size is unlimited.
+receive.maxInputSize::
+ If the size of the incoming pack stream is larger than this
+ limit, then git-receive-pack will error out, instead of
+ accepting the pack file. If not set or set to 0, then the size
+ is unlimited.
receive.denyDeletes::
If set to true, git-receive-pack will deny a ref update that deletes
diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c
index 4b0379b..f1ce05c 100644
--- a/builtin/receive-pack.c
+++ b/builtin/receive-pack.c
@@ -213,7 +213,7 @@ static int receive_pack_config(const char *var, const char *value, void *cb)
return 0;
}
- if (strcmp(var, "receive.maxsize") == 0) {
+ if (strcmp(var, "receive.maxinputsize") == 0) {
max_input_size = git_config_int64(var, value);
return 0;
}
diff --git a/t/t5546-push-limits.sh b/t/t5546-push-limits.sh
deleted file mode 100755
index 09e958f..0000000
--- a/t/t5546-push-limits.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-
-test_description='check input limits for pushing'
-. ./test-lib.sh
-
-test_expect_success 'create remote repository' '
- git init --bare dest
-'
-
-# Let's run tests with different unpack limits: 1 and 10
-# When the limit is 1, `git receive-pack` will call `git index-pack`.
-# When the limit is 10, `git receive-pack` will call `git unpack-objects`.
-
-while read unpacklimit filesize filename seed
-do
-
- test_expect_success "create known-size ($filesize bytes) commit '$filename'" '
- test-genrandom "$seed" "$filesize" >"$filename" &&
- git add "$filename" &&
- test_commit "$filename"
- '
-
- test_expect_success "set unpacklimit to $unpacklimit" '
- git --git-dir=dest config receive.unpacklimit "$unpacklimit"
- '
-
- test_expect_success 'setting receive.maxsize to 512 rejects push' '
- git --git-dir=dest config receive.maxsize 512 &&
- test_must_fail git push dest HEAD
- '
-
- test_expect_success 'bumping limit to 4k allows push' '
- git --git-dir=dest config receive.maxsize 4k &&
- git push dest HEAD
- '
-
-done <<\EOF
-1 1024 one-k-file foo
-10 1024 other-one-k-file bar
-EOF
-
-test_done
diff --git a/t/t5546-receive-limits.sh b/t/t5546-receive-limits.sh
new file mode 100755
index 0000000..10cb0be
--- /dev/null
+++ b/t/t5546-receive-limits.sh
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+test_description='check receive input limits'
+. ./test-lib.sh
+
+# Let's run tests with different unpack limits: 1 and 10000
+# When the limit is 1, `git receive-pack` will call `git index-pack`.
+# When the limit is 10000, `git receive-pack` will call `git unpack-objects`.
+
+test_pack_input_limit () {
+ case "$1" in
+ index) unpack_limit=1 ;;
+ unpack) unpack_limit=10000 ;;
+ esac
+
+ test_expect_success 'prepare destination repository' '
+ rm -fr dest &&
+ git --bare init dest
+ '
+
+ test_expect_success "set unpacklimit to $unpack_limit" '
+ git --git-dir=dest config receive.unpacklimit "$unpack_limit"
+ '
+
+ test_expect_success 'setting receive.maxInputSize to 512 rejects push' '
+ git --git-dir=dest config receive.maxInputSize 512 &&
+ test_must_fail git push dest HEAD
+ '
+
+ test_expect_success 'bumping limit to 4k allows push' '
+ git --git-dir=dest config receive.maxInputSize 4k &&
+ git push dest HEAD
+ '
+
+ test_expect_success 'prepare destination repository (again)' '
+ rm -fr dest &&
+ git --bare init dest
+ '
+
+ test_expect_success 'lifting the limit allows push' '
+ git --git-dir=dest config receive.maxInputSize 0 &&
+ git push dest HEAD
+ '
+}
+
+test_expect_success "create known-size (1024 bytes) commit" '
+ test-genrandom foo 1024 >one-k &&
+ git add one-k &&
+ test_commit one-k
+'
+
+test_pack_input_limit index
+test_pack_input_limit unpack
+
+test_done
---
Christian Couder (1):
unpack-objects: add --max-input-size=<size> option
Jeff King (2):
index-pack: add --max-input-size=<size> option
receive-pack: allow a maximum input size to be specified
Documentation/config.txt | 6 ++++
Documentation/git-index-pack.txt | 2 ++
Documentation/git-receive-pack.txt | 3 ++
Documentation/git-unpack-objects.txt | 3 ++
builtin/index-pack.c | 5 ++++
builtin/receive-pack.c | 12 ++++++++
builtin/unpack-objects.c | 7 +++++
t/t5546-receive-limits.sh | 55 ++++++++++++++++++++++++++++++++++++
8 files changed, 93 insertions(+)
create mode 100755 t/t5546-receive-limits.sh
--
2.10.0.rc1.3.g93be2b9
next reply other threads:[~2016-08-24 18:42 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-24 18:41 Christian Couder [this message]
2016-08-24 18:41 ` [PATCH v3 1/3] index-pack: add --max-input-size=<size> option Christian Couder
2016-08-24 18:41 ` [PATCH v3 2/3] unpack-objects: " Christian Couder
2016-08-24 18:41 ` [PATCH v3 3/3] receive-pack: allow a maximum input size to be specified Christian Couder
2016-08-24 18:54 ` Jeff King
2016-08-24 19:30 ` [PATCH v3 0/3] limit the size of the packs we receive Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160824184157.19264-1-chriscool@tuxfamily.org \
--to=christian.couder@gmail.com \
--cc=chriscool@tuxfamily.org \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).