From: "René Scharfe" <l.s.r@web.de>
To: Jeff King <peff@peff.net>, git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
Dragan Simic <dsimic@manjaro.org>,
Kristoffer Haugsbakk <code@khaugsbakk.name>,
Manlio Perillo <manlio.perillo@gmail.com>
Subject: Re: [PATCH 11/15] find multi-byte comment chars in unterminated buffers
Date: Thu, 7 Mar 2024 20:41:59 +0100 [thread overview]
Message-ID: <742ed8e6-d68b-47a0-8d57-731716c5365d@web.de> (raw)
In-Reply-To: <20240307110809.GA3668372@coredump.intra.peff.net>
Am 07.03.24 um 12:08 schrieb Jeff King:
> On Thu, Mar 07, 2024 at 04:26:38AM -0500, Jeff King wrote:
>
>> IMHO this is the trickiest commit of the whole series, as it would be
>> easy to get the length computations subtly wrong.
>
> And sure enough...
>
>> diff --git a/trailer.c b/trailer.c
>> index fe18faf6c5..f59c90b4b5 100644
>> --- a/trailer.c
>> +++ b/trailer.c
>> @@ -882,7 +882,7 @@ static size_t find_trailer_block_start(const char *buf, size_t len)
>>
>> /* The first paragraph is the title and cannot be trailers */
>> for (s = buf; s < buf + len; s = next_line(s)) {
>> - if (s[0] == comment_line_char)
>> + if (starts_with_mem(s, buf + len - s, comment_line_str))
>> continue;
>> if (is_blank_line(s))
>> break;
>> @@ -902,7 +902,7 @@ static size_t find_trailer_block_start(const char *buf, size_t len)
>> const char **p;
>> ssize_t separator_pos;
>>
>> - if (bol[0] == comment_line_char) {
>> + if (starts_with_mem(bol, buf + end_of_title - bol, comment_line_str)) {
>> non_trailer_lines += possible_continuation_lines;
>> possible_continuation_lines = 0;
>> continue;
>
> This second hunk needs:
>
> diff --git a/trailer.c b/trailer.c
> index f59c90b4b5..fdb0b8137e 100644
> --- a/trailer.c
> +++ b/trailer.c
> @@ -902,7 +902,7 @@ static size_t find_trailer_block_start(const char *buf, size_t len)
> const char **p;
> ssize_t separator_pos;
>
> - if (starts_with_mem(bol, buf + end_of_title - bol, comment_line_str)) {
> + if (starts_with_mem(bol, buf + len - bol, comment_line_str)) {
> non_trailer_lines += possible_continuation_lines;
> possible_continuation_lines = 0;
> continue;
>
> I was trying to bound the size based on the loop, which is:
>
> for (l = last_line(buf, len);
> l >= end_of_title;
> l = last_line(buf, l)) {
> const char *bol = buf + l;
>
> but I misread "end_of_title" as an upper bound, not a lower one. Which
> makes sense because we're iterating backwards over the lines. So I
> suppose we could bound it by the previous "bol" value. But in practice,
> your prefix won't cross such a boundary anyway, as it won't have a
> newline in it (maybe that's something we should enforce? I guess you
> could set core.commentChar to '\n' even before my series, which would be
> slightly insane).
>
> So just bounding ourselves to "buf + len" seems reasonable, as that
> makes sure we don't step outside the buffer passed into the function.
>
> Curiously, this was found by the sanitizer job in CI, where UBSan
> complains of integer overflow in the pointer computation. I had run with
> both ASan/UBSan locally, but just using gcc, which doesn't seem to find
> it (the CI job uses clang). So I'll that to my mental tally of "clang
> seems to be better with sanitizers".
>
> -Peff
next prev parent reply other threads:[~2024-03-07 19:42 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-05 8:43 Clarify the meaning of "character" in the documentation Manlio Perillo
2024-03-05 9:00 ` Kristoffer Haugsbakk
2024-03-05 15:32 ` Junio C Hamano
2024-03-05 15:42 ` Dragan Simic
2024-03-05 16:38 ` Junio C Hamano
2024-03-05 17:28 ` Dragan Simic
2024-03-06 8:08 ` [messy PATCH] multi-byte core.commentChar Jeff King
2024-03-07 9:14 ` [PATCH 0/15] allow " Jeff King
2024-03-07 9:15 ` [PATCH 01/15] strbuf: simplify comment-handling in add_lines() helper Jeff King
2024-03-07 9:16 ` [PATCH 02/15] strbuf: avoid static variables in strbuf_add_commented_lines() Jeff King
2024-03-07 9:18 ` [PATCH 03/15] commit: refactor base-case of adjust_comment_line_char() Jeff King
2024-03-07 9:19 ` [PATCH 04/15] strbuf: avoid shadowing global comment_line_char name Jeff King
2024-03-07 9:20 ` [PATCH 05/15] environment: store comment_line_char as a string Jeff King
2024-03-07 9:21 ` [PATCH 06/15] strbuf: accept a comment string for strbuf_stripspace() Jeff King
2024-03-07 9:53 ` Jeff King
2024-03-07 9:22 ` [PATCH 07/15] strbuf: accept a comment string for strbuf_commented_addf() Jeff King
2024-03-07 9:23 ` [PATCH 08/15] strbuf: accept a comment string for strbuf_add_commented_lines() Jeff King
2024-03-07 9:23 ` [PATCH 09/15] prefer comment_line_str to comment_line_char for printing Jeff King
2024-03-07 9:24 ` [PATCH 10/15] find multi-byte comment chars in NUL-terminated strings Jeff King
2024-03-07 9:26 ` [PATCH 11/15] find multi-byte comment chars in unterminated buffers Jeff King
2024-03-07 11:08 ` Jeff King
2024-03-07 19:41 ` René Scharfe [this message]
2024-03-07 19:47 ` René Scharfe
2024-03-07 19:42 ` René Scharfe
2024-03-08 10:17 ` Phillip Wood
2024-03-08 15:58 ` Junio C Hamano
2024-03-08 16:20 ` Phillip Wood
2024-03-12 8:19 ` Jeff King
2024-03-12 14:36 ` phillip.wood123
2024-03-13 6:23 ` Jeff King
2024-03-12 8:05 ` Jeff King
2024-03-14 19:37 ` René Scharfe
2024-03-07 9:27 ` [PATCH 12/15] sequencer: handle multi-byte comment characters when writing todo list Jeff King
2024-03-08 10:20 ` Phillip Wood
2024-03-12 8:21 ` Jeff King
2024-03-07 9:28 ` [PATCH 13/15] wt-status: drop custom comment-char stringification Jeff King
2024-03-07 9:30 ` [PATCH 14/15] environment: drop comment_line_char compatibility macro Jeff King
2024-03-07 9:34 ` [PATCH 15/15] config: allow multi-byte core.commentChar Jeff King
2024-03-08 11:07 ` [PATCH 0/15] " Phillip Wood
2024-03-12 9:10 ` [PATCH v2 0/16] " Jeff King
2024-03-12 9:17 ` [PATCH v2 01/16] config: forbid newline as core.commentChar Jeff King
2024-03-12 9:17 ` [PATCH v2 02/16] strbuf: simplify comment-handling in add_lines() helper Jeff King
2024-03-12 9:17 ` [PATCH v2 03/16] strbuf: avoid static variables in strbuf_add_commented_lines() Jeff King
2024-03-12 9:17 ` [PATCH v2 04/16] commit: refactor base-case of adjust_comment_line_char() Jeff King
2024-03-12 9:17 ` [PATCH v2 05/16] strbuf: avoid shadowing global comment_line_char name Jeff King
2024-03-12 9:17 ` [PATCH v2 06/16] environment: store comment_line_char as a string Jeff King
2024-03-12 9:17 ` [PATCH v2 07/16] strbuf: accept a comment string for strbuf_stripspace() Jeff King
2024-03-12 9:17 ` [PATCH v2 08/16] strbuf: accept a comment string for strbuf_commented_addf() Jeff King
2024-03-12 9:17 ` [PATCH v2 09/16] strbuf: accept a comment string for strbuf_add_commented_lines() Jeff King
2024-03-12 9:17 ` [PATCH v2 10/16] prefer comment_line_str to comment_line_char for printing Jeff King
2024-03-12 9:17 ` [PATCH v2 11/16] find multi-byte comment chars in NUL-terminated strings Jeff King
2024-03-12 9:17 ` [PATCH v2 12/16] find multi-byte comment chars in unterminated buffers Jeff King
2024-03-12 9:17 ` [PATCH v2 13/16] sequencer: handle multi-byte comment characters when writing todo list Jeff King
2024-03-12 9:17 ` [PATCH v2 14/16] wt-status: drop custom comment-char stringification Jeff King
2024-03-12 9:17 ` [PATCH v2 15/16] environment: drop comment_line_char compatibility macro Jeff King
2024-03-12 9:17 ` [PATCH v2 16/16] config: allow multi-byte core.commentChar Jeff King
2024-03-13 18:23 ` Kristoffer Haugsbakk
2024-03-13 18:39 ` Junio C Hamano
2024-03-15 5:59 ` Jeff King
2024-03-15 7:16 ` Kristoffer Haugsbakk
2024-03-15 8:10 ` Jeff King
2024-03-15 13:30 ` Kristoffer Haugsbakk
2024-03-15 15:40 ` Junio C Hamano
2024-03-16 5:50 ` Jeff King
2024-03-26 22:10 ` Junio C Hamano
2024-03-26 22:12 ` Kristoffer Haugsbakk
2024-03-27 7:46 ` Jeff King
2024-03-27 8:19 ` [PATCH 17/16] config: add core.commentString Jeff King
2024-03-27 12:45 ` Chris Torek
2024-03-27 16:13 ` Junio C Hamano
2024-03-28 9:47 ` Jeff King
2024-03-27 14:53 ` [PATCH v2 16/16] config: allow multi-byte core.commentChar Junio C Hamano
2024-03-12 14:40 ` [PATCH v2 0/16] " phillip.wood123
2024-03-12 20:30 ` Junio C Hamano
2024-03-05 16:58 ` Clarify the meaning of "character" in the documentation Kristoffer Haugsbakk
2024-03-05 17:20 ` Dragan Simic
2024-03-05 17:37 ` Kristoffer Haugsbakk
2024-03-05 21:19 ` Dragan Simic
2024-03-05 16:51 ` Kristoffer Haugsbakk
2024-03-05 17:37 ` Junio C Hamano
2024-03-05 17:49 ` Kristoffer Haugsbakk
2024-03-05 22:48 ` brian m. carlson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=742ed8e6-d68b-47a0-8d57-731716c5365d@web.de \
--to=l.s.r@web.de \
--cc=code@khaugsbakk.name \
--cc=dsimic@manjaro.org \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=manlio.perillo@gmail.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).