From: Jeff King <peff@peff.net>
To: Junio C Hamano <gitster@pobox.com>
Cc: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>,
"Git Mailing List" <git@vger.kernel.org>,
"John Szakmeister" <john@szakmeister.net>,
"Dennis Kaarsemaker" <dennis@kaarsemaker.net>
Subject: Re: [PATCH 2/3] check_stream_sha1(): handle input underflow
Date: Wed, 31 Oct 2018 00:30:51 -0400 [thread overview]
Message-ID: <20181031043051.GA5601@sigill.intra.peff.net> (raw)
In-Reply-To: <xmqqpnvqyc9x.fsf@gitster-ct.c.googlers.com>
On Wed, Oct 31, 2018 at 01:23:54PM +0900, Junio C Hamano wrote:
> Jeff King <peff@peff.net> writes:
>
> > The bug comes from commit f6371f9210 (sha1_file: add
> > read_loose_object() function, 2017-01-13), which
> > reimplemented some of the existing loose object functions.
> > So it's worth checking if this bug was inherited from any of
> > those. The answers seems to be no. The two obvious
> > candidates are both OK:
> >
> > 1. unpack_sha1_rest(); this doesn't need to loop on
> > Z_BUF_ERROR at all, since it allocates the expected
> > output buffer in advance (which we can't do since we're
> > explicitly streaming here)
> >
> > 2. check_object_signature(); the streaming path relies on
> > the istream interface, which uses read_istream_loose()
> > for this case. That function uses a similar "is our
> > output buffer full" check with Z_BUF_ERROR (which is
> > where I stole it from for this patch!)
>
> See 692f0bc7 to find who did the fix you stole from, and for what
> kind of breakage the original fix was made.
Heh. I did not dig into it, but actually thought "I'll bet Junio had to
get this right when he wrote the streaming code. No wonder he spotted my
mistake so quickly!".
> By the way, a very similar loop for pack_non_delta istream iterates
> while total_read is smaller than sz, but it does not have the same
> check upon BUF_ERROR to see if we've read everything.
Indeed. Did you find that one by inspection, or did you peek at:
https://public-inbox.org/git/20130325202114.GD16019@sigill.intra.peff.net/
? :)
-Peff
next prev parent reply other threads:[~2018-10-31 4:30 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-07 12:50 "git fsck" not detecting garbage at the end of blob object files John Szakmeister
2017-01-07 21:47 ` Dennis Kaarsemaker
2017-01-08 5:26 ` Jeff King
2017-01-13 9:15 ` John Szakmeister
2017-01-13 17:52 ` [PATCH 0/6] loose-object fsck fixes/tightening Jeff King
2017-01-13 17:54 ` [PATCH 1/6] t1450: refactor loose-object removal Jeff King
2017-01-13 17:54 ` [PATCH 2/6] sha1_file: fix error message for alternate objects Jeff King
2017-01-13 17:55 ` [PATCH 3/6] t1450: test fsck of packed objects Jeff King
2017-01-13 17:58 ` [PATCH 4/6] sha1_file: add read_loose_object() function Jeff King
2017-01-13 17:59 ` [PATCH 5/6] fsck: parse loose object paths directly Jeff King
2018-10-30 20:03 ` Infinite loop regression in git-fsck in v2.12.0 Ævar Arnfjörð Bjarmason
2018-10-30 21:35 ` Jeff King
2018-10-30 22:28 ` Junio C Hamano
2018-10-30 22:56 ` Jeff King
2018-10-30 23:12 ` Jeff King
2018-10-30 23:18 ` [PATCH 1/3] t1450: check large blob in trailing-garbage test Jeff King
2018-10-30 23:23 ` [PATCH 2/3] check_stream_sha1(): handle input underflow Jeff King
2018-10-31 4:23 ` Junio C Hamano
2018-10-31 4:30 ` Jeff King [this message]
2018-10-31 4:44 ` Junio C Hamano
2018-10-31 5:03 ` Jeff King
2018-10-31 5:13 ` Jeff King
2018-10-31 5:31 ` Junio C Hamano
2018-10-30 23:23 ` [PATCH 3/3] cat-file: handle streaming failures consistently Jeff King
2018-10-31 12:42 ` [PATCH 0/3] Add a GIT_TEST_FSCK test mode Ævar Arnfjörð Bjarmason
2018-10-31 12:42 ` [PATCH 1/3] tests: add a "env-bool" helper to test-tool Ævar Arnfjörð Bjarmason
2018-10-31 12:42 ` [PATCH 2/3] tests: mark those tests where "git fsck" fails at the end Ævar Arnfjörð Bjarmason
2018-11-01 3:37 ` Junio C Hamano
2018-10-31 12:42 ` [PATCH 3/3] tests: add a special test setup that runs "git fsck" before exiting Ævar Arnfjörð Bjarmason
2018-10-31 13:33 ` [PATCH 3/3] cat-file: handle streaming failures consistently Torsten Bögershausen
2018-10-31 14:23 ` Junio C Hamano
2018-10-31 14:37 ` Jeff King
2018-10-31 17:38 ` Eric Sunshine
2018-10-31 20:29 ` Jeff King
2018-10-30 21:56 ` Infinite loop regression in git-fsck in v2.12.0 Ævar Arnfjörð Bjarmason
2018-10-30 23:08 ` Jeff King
2017-01-13 18:00 ` [PATCH 6/6] fsck: detect trailing garbage in all object types Jeff King
2017-01-19 11:18 ` [PATCH 0/6] loose-object fsck fixes/tightening John Szakmeister
2017-01-13 9:16 ` "git fsck" not detecting garbage at the end of blob object files John Szakmeister
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181031043051.GA5601@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=avarab@gmail.com \
--cc=dennis@kaarsemaker.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=john@szakmeister.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).