From: Jeff King <peff@peff.net>
To: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>
Cc: git@vger.kernel.org
Subject: [PATCH 1/2] help_unknown_ref(): duplicate collected refnames
Date: Tue, 14 May 2019 08:04:31 -0400 [thread overview]
Message-ID: <20190514120430.GA27229@sigill.intra.peff.net> (raw)
In-Reply-To: <20190514120220.GA7714@sigill.intra.peff.net>
When "git merge" sees an unknown refname, we iterate through the refs to
try to suggest some possible alternates. We do so with for_each_ref(),
and in the callback we add some of the refnames we get to a
string_list that is declared with NODUP, directly adding a pointer into
the refname string our callback received.
But the for_each_ref() machinery does not promise that the refname
string will remain valid, and as a result we may print garbage memory.
The code in question dates back to its inception in e56181060e (help:
add help_unknown_ref(), 2013-05-04). But back then, the refname strings
generally did remain stable, at least immediately after the
for_each_ref() call. Later, in d1cf15516f (packed_ref_iterator_begin():
iterate using `mmapped_ref_iterator`, 2017-09-25), we started
consistently re-using a separate buffer for packed refs.
The fix is simple: duplicate the strings we intend to collect. We
already call string_list_clear(), so the memory is correctly freed.
Signed-off-by: Jeff King <peff@peff.net>
---
help.c | 2 +-
t/t7600-merge.sh | 14 ++++++++++++++
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/help.c b/help.c
index a9e451f2ee..d3b3f64e3c 100644
--- a/help.c
+++ b/help.c
@@ -766,7 +766,7 @@ static int append_similar_ref(const char *refname, const struct object_id *oid,
static struct string_list guess_refs(const char *ref)
{
struct similar_ref_cb ref_cb;
- struct string_list similar_refs = STRING_LIST_INIT_NODUP;
+ struct string_list similar_refs = STRING_LIST_INIT_DUP;
ref_cb.base_ref = ref;
ref_cb.similar_refs = &similar_refs;
diff --git a/t/t7600-merge.sh b/t/t7600-merge.sh
index 7f9c68cbe7..7551ae3488 100755
--- a/t/t7600-merge.sh
+++ b/t/t7600-merge.sh
@@ -867,4 +867,18 @@ test_expect_success EXECKEEPSPID 'killed merge can be completed with --continue'
verify_parents $c0 $c1
'
+test_expect_success 'merge suggests matching remote refname' '
+ git commit --allow-empty -m not-local &&
+ git update-ref refs/remotes/origin/not-local HEAD &&
+ git reset --hard HEAD^ &&
+
+ # This is white-box testing hackery; we happen to know
+ # that reading packed refs is more picky about the memory
+ # ownership of strings we pass to for_each_ref() callbacks.
+ git pack-refs --all --prune &&
+
+ test_must_fail git merge not-local 2>stderr &&
+ grep origin/not-local stderr
+'
+
test_done
--
2.21.0.1388.g2b1efd806f
next prev parent reply other threads:[~2019-05-14 12:04 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-14 9:54 some git confusion (where git's advice didn't help) Ulrich Windl
2019-05-14 11:21 ` Jeff King
2019-05-14 11:29 ` Duy Nguyen
2019-05-14 12:16 ` Jeff King
2019-05-14 12:02 ` [PATCH 0/2] some fixes for help_unknown_ref() Jeff King
2019-05-14 12:04 ` Jeff King [this message]
2019-05-14 12:05 ` [PATCH 2/2] help_unknown_ref(): check for refname ambiguity Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190514120430.GA27229@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=Ulrich.Windl@rz.uni-regensburg.de \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).