git@vger.kernel.org mailing list mirror (one of many)
 help / color / mirror / code / Atom feed
From: Teng Long <dyroneteng@gmail.com>
To: git@vger.kernel.org
Cc: gitster@pobox.com, avarab@gmail.com, derrickstolee@github.com,
	me@ttaylorr.com, tenglong.tl@alibaba-inc.com,
	Teng Long <dyroneteng@gmail.com>,
	XingXin <moweng.xx@antgroup.com>
Subject: [PATCH 1/1] pack-bitmap.c: avoid exposing absolute paths
Date: Fri, 26 Aug 2022 15:09:12 +0800	[thread overview]
Message-ID: <20220826070912.70274-2-dyroneteng@gmail.com> (raw)
In-Reply-To: <20220826070912.70274-1-dyroneteng@gmail.com>

In "open_midx_bitmap_1()" and "open_pack_bitmap_1()", when we find that
there are multiple bitmaps, we will only open the first one and then
leave warnings about the remaining pack information, the information
will contain the absolute path of the repository, for example in a
alternates usage scenario. So let's hide this kind of potentially
sensitive information in this commit.

Found-by: XingXin <moweng.xx@antgroup.com>
Signed-off-by: Teng Long <dyroneteng@gmail.com>
---
 pack-bitmap.c                 | 8 ++++----
 t/t5310-pack-bitmaps.sh       | 2 +-
 t/t5326-multi-pack-bitmaps.sh | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/pack-bitmap.c b/pack-bitmap.c
index 36134222d7a..5103d91d18a 100644
--- a/pack-bitmap.c
+++ b/pack-bitmap.c
@@ -331,8 +331,8 @@ static int open_midx_bitmap_1(struct bitmap_index *bitmap_git,
 	if (bitmap_git->pack || bitmap_git->midx) {
 		struct strbuf buf = STRBUF_INIT;
 		get_midx_filename(&buf, midx->object_dir);
-		/* ignore extra bitmap file; we can only handle one */
-		warning("ignoring extra bitmap file: %s", buf.buf);
+		/* ignore extra midx bitmap files; we can only handle one */
+		warning("ignoring extra midx bitmap files");
 		close(fd);
 		strbuf_release(&buf);
 		return -1;
@@ -402,8 +402,8 @@ static int open_pack_bitmap_1(struct bitmap_index *bitmap_git, struct packed_git
 	}
 
 	if (bitmap_git->pack || bitmap_git->midx) {
-		/* ignore extra bitmap file; we can only handle one */
-		warning("ignoring extra bitmap file: %s", packfile->pack_name);
+		/* ignore extra bitmap files; we can only handle one */
+		warning("ignoring extra bitmap files");
 		close(fd);
 		return -1;
 	}
diff --git a/t/t5310-pack-bitmaps.sh b/t/t5310-pack-bitmaps.sh
index f775fc1ce69..7cd6d79a022 100755
--- a/t/t5310-pack-bitmaps.sh
+++ b/t/t5310-pack-bitmaps.sh
@@ -421,7 +421,7 @@ test_expect_success 'complains about multiple pack bitmaps' '
 		test_line_count = 2 bitmaps &&
 
 		git rev-list --use-bitmap-index HEAD 2>err &&
-		grep "ignoring extra bitmap file" err
+		grep "ignoring extra bitmap files" err
 	)
 '
 
diff --git a/t/t5326-multi-pack-bitmaps.sh b/t/t5326-multi-pack-bitmaps.sh
index 4fe57414c13..1786f28376a 100755
--- a/t/t5326-multi-pack-bitmaps.sh
+++ b/t/t5326-multi-pack-bitmaps.sh
@@ -303,7 +303,7 @@ test_expect_success 'graceful fallback when missing reverse index' '
 
 		GIT_TEST_MIDX_READ_RIDX=0 \
 			git rev-list --use-bitmap-index HEAD 2>err &&
-		! grep "ignoring extra bitmap file" err
+		grep "multi-pack bitmap is missing required reverse index" err
 	)
 '
 
-- 
2.37.2.1.g1591e7ee52e


  reply	other threads:[~2022-08-26  7:10 UTC|newest]

Thread overview: 67+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-08-26  7:09 [PATCH 0/1] pack-bitmap.c: avoid exposing absolute paths Teng Long
2022-08-26  7:09 ` Teng Long [this message]
2022-08-26 16:34 ` Junio C Hamano
2022-08-29  2:48   ` Teng Long
2022-10-26 21:42     ` Taylor Blau
2022-10-26 23:19       ` Ævar Arnfjörð Bjarmason
2022-10-31 13:20         ` Teng Long
2022-10-27 20:45       ` Jeff King
2022-10-30 18:42         ` Taylor Blau
2022-10-31 12:22           ` [PATCH 0/1] pack-bitmap.c: avoid exposing absolute paths Taylor Blau <me@ttaylorr.com> writes: Teng Long
2022-11-02  5:37         ` [PATCH 0/1] pack-bitmap.c: avoid exposing absolute paths Teng Long
2022-11-02  7:54           ` Jeff King
2022-11-02 13:52             ` Teng Long
2022-10-31 13:13       ` Teng Long
2022-11-03  1:00         ` Taylor Blau
2022-11-02  9:20 ` Ævar Arnfjörð Bjarmason
2022-11-02 13:04   ` Teng Long
2022-11-02 12:56 ` [PATCH v2 " Teng Long
2022-11-02 12:56   ` [PATCH v2 1/1] " Teng Long
2022-11-03  1:16     ` Taylor Blau
2022-11-03  9:35       ` Teng Long
2022-11-05  0:35         ` Taylor Blau
2022-11-03  1:21   ` [PATCH v2 0/1] " Taylor Blau
2022-11-03  8:42     ` Teng Long
2022-11-04  3:17   ` [PATCH v3 0/2] " Teng Long
2022-11-04  3:17     ` [PATCH v3 1/2] " Teng Long
2022-11-04 22:11       ` Taylor Blau
2022-11-04  3:17     ` [PATCH v3 2/2] pack-bitmap.c: remove unnecessary "open_pack_index()" calls Teng Long
2022-11-04 22:09       ` Taylor Blau
2022-11-04 22:13     ` [PATCH v3 0/2] pack-bitmap.c: avoid exposing absolute paths Taylor Blau
2022-11-10  7:10     ` Teng Long
2022-11-10  7:10       ` [PATCH v3 1/2] pack-bitmap.c: remove unnecessary "open_pack_index()" calls Teng Long
2022-11-14 22:03         ` Jeff King
2022-11-14 22:14           ` Taylor Blau
2022-11-14 22:31             ` Jeff King
2022-11-14 22:50               ` Taylor Blau
2022-11-10  7:10       ` [PATCH v3 2/2] pack-bitmap.c: avoid exposing absolute paths Teng Long
2022-11-11 22:26       ` [PATCH v3 0/2] " Taylor Blau
2022-11-14 22:23         ` Jeff King
2022-11-17 14:19           ` Teng Long
2022-11-17 15:03             ` Jeff King
2022-11-17 21:57               ` Taylor Blau
2022-11-21  3:27                 ` Teng Long
2022-11-21 12:16     ` [PATCH v4 0/4] " Teng Long
2022-11-21 12:16       ` [PATCH v4 1/4] pack-bitmap.c: remove unnecessary "open_pack_index()" calls Teng Long
2022-11-21 12:16       ` [PATCH v4 2/4] pack-bitmap.c: avoid exposing absolute paths Teng Long
2022-11-21 12:16       ` [PATCH v4 3/4] pack-bitmap.c: break out of the bitmap loop early if not tracing Teng Long
2022-11-21 23:27         ` Junio C Hamano
2022-11-28 13:09           ` Teng Long
2022-11-21 12:16       ` [PATCH v4 4/4] pack-bitmap.c: trace bitmap ignore logs when midx-bitmap is found Teng Long
2022-11-21 19:09         ` Jeff King
2022-11-21 23:29           ` Junio C Hamano
2022-11-28 12:29             ` Teng Long
2022-11-28 12:37           ` Teng Long
2022-11-29  1:27             ` Jeff King
2022-11-29 13:14               ` Teng Long
2022-11-21 19:04       ` [PATCH v4 0/4] pack-bitmap.c: avoid exposing absolute paths Jeff King
2022-11-28 12:48         ` Teng Long
2022-11-28 14:09       ` [PATCH v5 " Teng Long
2022-11-28 14:09         ` [PATCH v5 1/4] pack-bitmap.c: remove unnecessary "open_pack_index()" calls Teng Long
2022-11-28 14:09         ` [PATCH v5 2/4] pack-bitmap.c: avoid exposing absolute paths Teng Long
2022-11-28 14:09         ` [PATCH v5 3/4] pack-bitmap.c: break out of the bitmap loop early if not tracing Teng Long
2022-11-28 23:26           ` Taylor Blau
2022-11-29 13:17             ` Teng Long
2022-11-28 14:09         ` [PATCH v5 4/4] pack-bitmap.c: trace bitmap ignore logs when midx-bitmap is found Teng Long
2022-11-28 23:30         ` [PATCH v5 0/4] pack-bitmap.c: avoid exposing absolute paths Taylor Blau
2022-11-29 13:21           ` Teng Long

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: http://vger.kernel.org/majordomo-info.html

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220826070912.70274-2-dyroneteng@gmail.com \
    --to=dyroneteng@gmail.com \
    --cc=avarab@gmail.com \
    --cc=derrickstolee@github.com \
    --cc=git@vger.kernel.org \
    --cc=gitster@pobox.com \
    --cc=me@ttaylorr.com \
    --cc=moweng.xx@antgroup.com \
    --cc=tenglong.tl@alibaba-inc.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

	https://80x24.org/mirrors/git.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).