From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS31976 209.132.180.0/23 X-Spam-Status: No, score=-4.0 required=3.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by dcvr.yhbt.net (Postfix) with ESMTP id 56B601F487 for ; Thu, 26 Mar 2020 21:36:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726363AbgCZVgG (ORCPT ); Thu, 26 Mar 2020 17:36:06 -0400 Received: from mail-wm1-f66.google.com ([209.85.128.66]:36314 "EHLO mail-wm1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726067AbgCZVgG (ORCPT ); Thu, 26 Mar 2020 17:36:06 -0400 Received: by mail-wm1-f66.google.com with SMTP id g62so9632199wme.1 for ; Thu, 26 Mar 2020 14:36:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=j0JyEl8fo9va7awogaYLGBWJkOVvCeG73t3v6yp4wy0=; b=fzUZ6Atmhpna892t2Lqy0WEbf8BpjVcgSLdDRdINBKFmwsGB5/6f9Rdx19lPLI7hWf RnH54KlyHOsqcqlMB62jfcIgfffBqsglhJbG/PoqI+hM9V1X0rmzBtZ1rb1IeY4M+3Rr H0ANnGok2G9L9Ky5CTkhLX/GrZM0JGjl8g4WPXP99upvBI7/q7yGJ5IIrohU74vF/nRb 7zTkxOaNvtu2kiHAizIPVHz+BJvEfhcWeySwSEDpsFJKyFd4xC8uHP9j3csEKIdx3e1d Rff8y+MOSgVCySAw6kM1rgjy51zUFbWSzpuB5MPN+p3sZFkSoUid34wVdL+F+sH3esHm ok4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=j0JyEl8fo9va7awogaYLGBWJkOVvCeG73t3v6yp4wy0=; b=fCzGYyREV2CbwAO/8SUZZi/zOc5KHjJEf6KW64EnesbK06qpcyT6KuMzo90SRabBZY UnUNegD8ONClqRVYK9c41tOlLsFwVRqedRJDntrjr7oEoe72CLWsm7AJ/PXdbez80XPL c/zJAtkN0abl2jWtym9GCieZBDvV6LGbFiBgSWEA6RwOI2jMlI+8zQVIkkYOwMY4IN6o ahGSnC/mRRjxxgKMKddSXxJ7ILaADtv5wm57GY5qBE1ig7SnQPrkAd7OnuLQmq9N0h1n MjPr9tL222Ug99LXT1tl45w3Q63h0xGakdCdglZf2bsiIE3kjnQx5QxrUgBX+k47d+8P +Zcg== X-Gm-Message-State: ANhLgQ0Jbsp02m3m3jV01aERo5E3Ll6HzAWC233n02nEeiF61b5nZbeA HAphgv+oqLj8pIEple1UdNjnURJw6aUX+A== X-Google-Smtp-Source: ADFU+vttQPFuHNhyN4z5O5aS4FqP7OJ2wTb8rLOiKWBM2e+cASaOZM4NwlNcnEJ0v0J6QXd1o/sYxQ== X-Received: by 2002:adf:f091:: with SMTP id n17mr4346973wro.154.1585258561866; Thu, 26 Mar 2020 14:36:01 -0700 (PDT) Received: from localhost.localdomain (87-231-246-247.rev.numericable.fr. [87.231.246.247]) by smtp.gmail.com with ESMTPSA id z12sm5620533wrt.27.2020.03.26.14.35.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Mar 2020 14:36:00 -0700 (PDT) From: Damien Robert X-Google-Original-From: Damien Robert To: Jeff King , git@vger.kernel.org, Junio C Hamano , Derrick Stolee , William Baker Cc: Damien Robert Subject: [PATCH v4 1/1] midx.c: fix an integer overflow Date: Thu, 26 Mar 2020 22:35:34 +0100 Message-Id: <20200326213534.399377-1-damien.olivier.robert+git@gmail.com> X-Mailer: git-send-email 2.25.2 In-Reply-To: <20200312173520.2401776-1-damien.olivier.robert+git@gmail.com> References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: git-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org When verifying a midx index with 0 objects, the m->num_objects - 1 overflows to 4294967295. Fix this both by checking that the midx contains at least one oid, and also that we don't write any midx when there is no packfiles. Update the tests to check that `git multi-pack-index write` does not write an midx when there is no objects, and another to check that `git multi-pack-index verify` warns when it verifies an midx with no objects. For this last test, use t5319/no-objects.midx which was generated by an older version of git. Signed-off-by: Damien Robert --- Following the recommandations I uploaded an empty midx to check we don't regress. midx.c | 15 +++++++++++++++ t/t5319-multi-pack-index.sh | 13 +++++++++---- t/t5319/no-objects.midx | Bin 0 -> 1116 bytes 3 files changed, 24 insertions(+), 4 deletions(-) create mode 100644 t/t5319/no-objects.midx diff --git a/midx.c b/midx.c index 1527e464a7..a520e26395 100644 --- a/midx.c +++ b/midx.c @@ -923,6 +923,12 @@ static int write_midx_internal(const char *object_dir, struct multi_pack_index * cur_chunk = 0; num_chunks = large_offsets_needed ? 5 : 4; + if (packs.nr - dropped_packs == 0) { + error(_("no pack files to index.")); + result = 1; + goto cleanup; + } + written = write_midx_header(f, num_chunks, packs.nr - dropped_packs); chunk_ids[cur_chunk] = MIDX_CHUNKID_PACKNAMES; @@ -1124,6 +1130,15 @@ int verify_midx_file(struct repository *r, const char *object_dir, unsigned flag i, oid_fanout1, oid_fanout2, i + 1); } + if (m->num_objects == 0) { + midx_report(_("the midx contains no oid")); + /* + * Remaining tests assume that we have objects, so we can + * return here. + */ + return verify_midx_error; + } + if (flags & MIDX_PROGRESS) progress = start_sparse_progress(_("Verifying OID order in multi-pack-index"), m->num_objects - 1); diff --git a/t/t5319-multi-pack-index.sh b/t/t5319-multi-pack-index.sh index 43a7a66c9d..10c35d445d 100755 --- a/t/t5319-multi-pack-index.sh +++ b/t/t5319-multi-pack-index.sh @@ -42,10 +42,15 @@ test_expect_success 'setup' ' EOF ' -test_expect_success 'write midx with no packs' ' - test_when_finished rm -f pack/multi-pack-index && - git multi-pack-index --object-dir=. write && - midx_read_expect 0 0 4 . +test_expect_success "don't write midx with no packs" ' + test_must_fail git multi-pack-index --object-dir=. write && + test_path_is_missing pack/multi-pack-index +' + +test_expect_success "Warn if a midx contains no oid" ' + cp "$TEST_DIRECTORY"/t5319/no-objects.midx .git/objects/pack/multi-pack-index && + test_must_fail git multi-pack-index verify && + rm .git/objects/pack/multi-pack-index ' generate_objects () { diff --git a/t/t5319/no-objects.midx b/t/t5319/no-objects.midx new file mode 100644 index 0000000000000000000000000000000000000000..e466b8e08654c29effb5248cb109d81cfbcfd2f4 GIT binary patch literal 1116 zcmebEbctYOWMKe-06#}xFoS`?!{5`z4T