From: Jonathan Nieder <jrnieder@gmail.com>
To: Thomas Gummerer <t.gummerer@gmail.com>
Cc: git@vger.kernel.org, Junio C Hamano <gitster@pobox.com>,
"brian m. carlson" <sandals@crustytoothpaste.ath.cx>,
Jeff King <peff@peff.net>
Subject: Re: [PATCH 2/3] http-push: fix construction of hex value from path
Date: Tue, 3 Oct 2017 15:53:15 -0700 [thread overview]
Message-ID: <20171003225315.GE19555@aiede.mtv.corp.google.com> (raw)
In-Reply-To: <20171003195713.13395-3-t.gummerer@gmail.com>
Hi,
Thomas Gummerer wrote:
> The get_oid_hex_from_objpath takes care of creating a oid from a
> pathname. It does this by memcpy'ing the first two bytes of the path to
> the "hex" string, then skipping the '/', and then copying the rest of the
> path to the "hex" string. Currently it fails to increase the pointer to
> the hex string, so the second memcpy invocation just mashes over what
> was copied in the first one, and leaves the last two bytes in the string
> uninitialized.
Wow. The fix is obviously correct.
> This breaks valgrind in t5540, although the test passes without
> valgrind:
[...]
> Signed-off-by: Thomas Gummerer <t.gummerer@gmail.com>
> ---
> http-push.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Would it be straightforward to add a correctness test for this? It
seems like this code path didn't work at all and no one noticed.
This is the code path in http-push.c which says
/*
* NEEDSWORK: remote_ls() ignores info/refs on the remote side. But it
* should _only_ heed the information from that file, instead of trying to
* determine the refs from the remote file system (badly: it does not even
* know about packed-refs).
*/
static void remote_ls(const char *path, int flags,
I think the problem is that when it fails, we end up thinking that
there are *fewer* objects than are actually present remotely so the
only ill effect is pushing too much. So this should be observable in
server logs (i.e. it is testable) but it's not a catastrophic failure
which means it's harder to test than it would be otherwise.
Moreover, this is in the webdav-based "dumb http" push code path,
which I do not trust much at all. I wonder if we could retire it
completely (or at least provide an option to turn it off).
> diff --git a/http-push.c b/http-push.c
> index e4c9b065ce..e9a01ec4da 100644
> --- a/http-push.c
> +++ b/http-push.c
> @@ -1018,7 +1018,7 @@ static int get_oid_hex_from_objpath(const char *path, struct object_id *oid)
> memcpy(hex, path, 2);
> path += 2;
> path++; /* skip '/' */
> - memcpy(hex, path, GIT_SHA1_HEXSZ - 2);
> + memcpy(hex + 2, path, GIT_SHA1_HEXSZ - 2);
>
> return get_oid_hex(hex, oid);
Thanks,
Jonathan
next prev parent reply other threads:[~2017-10-03 22:53 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-03 19:57 [PATCH 0/3] fixes for running the test suite with --valgrind Thomas Gummerer
2017-10-03 19:57 ` [PATCH 1/3] path.c: fix uninitialized memory access Thomas Gummerer
2017-10-03 22:45 ` Jonathan Nieder
2017-10-03 23:30 ` Jeff King
2017-10-03 23:37 ` Jonathan Nieder
2017-10-04 4:47 ` Junio C Hamano
2017-10-04 5:21 ` Jeff King
2017-10-04 19:22 ` Thomas Gummerer
2017-10-04 19:36 ` Jonathan Nieder
2017-10-03 19:57 ` [PATCH 2/3] http-push: fix construction of hex value from path Thomas Gummerer
2017-10-03 22:53 ` Jonathan Nieder [this message]
2017-10-03 23:36 ` Jeff King
2017-10-04 4:48 ` Junio C Hamano
2017-10-04 5:20 ` Junio C Hamano
2017-10-04 5:26 ` Jeff King
2017-10-04 6:26 ` Junio C Hamano
2017-10-03 19:57 ` [PATCH 3/3] sub-process: allocate argv on the heap Thomas Gummerer
2017-10-03 20:24 ` Johannes Sixt
2017-10-04 4:59 ` Junio C Hamano
2017-10-04 5:32 ` Jeff King
2017-10-04 5:58 ` Johannes Sixt
2017-10-04 19:31 ` Thomas Gummerer
2017-10-03 20:25 ` Stefan Beller
2017-10-03 23:41 ` [PATCH 0/3] fixes for running the test suite with --valgrind Jeff King
2017-10-03 23:50 ` Jonathan Nieder
2017-10-03 23:54 ` Jeff King
2017-10-04 10:19 ` playing with MSan, was " Jeff King
2017-10-04 19:30 ` Thomas Gummerer
2017-10-05 3:46 ` lstat-ing delayed-filter output, was Re: playing with MSan Jeff King
2017-10-05 10:47 ` Lars Schneider
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171003225315.GE19555@aiede.mtv.corp.google.com \
--to=jrnieder@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
--cc=sandals@crustytoothpaste.ath.cx \
--cc=t.gummerer@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).