From: Eric Sunshine <sunshine@sunshineco.com>
To: Jeremy Linton <lintonrjeremy@gmail.com>
Cc: Git List <git@vger.kernel.org>,
Jonathan Tan <jonathantanmy@google.com>,
Junio C Hamano <gitster@pobox.com>
Subject: Re: [PATCH] packfile: Correct zlib buffer handling
Date: Fri, 25 May 2018 19:36:42 -0400 [thread overview]
Message-ID: <CAPig+cS=7EbGviDYoNFNF-CrMfCY4mySQoWX3JtJBhbNf105sw@mail.gmail.com> (raw)
In-Reply-To: <20180525231713.23047-1-lintonrjeremy@gmail.com>
On Fri, May 25, 2018 at 7:17 PM, Jeremy Linton <lintonrjeremy@gmail.com> wrote:
> The buffer being passed to zlib includes a null terminator that
> git needs to keep in place. unpack_compressed_entry() attempts to
> detect the case that the source buffer hasn't been fully consumed
> by checking to see if the destination buffer has been over consumed.
>
> This yields two problems, first a single byte overrun won't be detected
> properly because the Z_STREAM_END will then be set, but the null
> terminator will have been overwritten. The other problem is that
> more recent zlib patches have been poisoning the unconsumed portions
> of the buffers which also overwrites the null, while correctly
> returning length and status.
>
> Lets rely on the fact that the source buffer will only be fully
s/Lets/Let's/
> consumed when the when the destination buffer is inflated to the
s/when the when the/when the/
> correct size. We can do this by passing zlib the correct buffer size
> and properly checking the return status. The latter check actually
> already exists if the buffer size is correct.
>
> Signed-off-by: Jeremy Linton <lintonrjeremy@gmail.com>
next prev parent reply other threads:[~2018-05-25 23:36 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-25 23:17 [PATCH] packfile: Correct zlib buffer handling Jeremy Linton
2018-05-25 23:36 ` Eric Sunshine [this message]
2018-05-26 1:06 ` Todd Zullinger
-- strict thread matches above, loose matches on Subject: below --
2018-05-25 22:56 Jeremy Linton
2018-05-26 5:51 ` Duy Nguyen
2018-05-26 23:57 ` Junio C Hamano
2018-05-27 5:02 ` Duy Nguyen
2018-05-27 11:53 ` Junio C Hamano
2018-05-28 2:41 ` Junio C Hamano
2018-06-13 1:04 ` Jeremy Linton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAPig+cS=7EbGviDYoNFNF-CrMfCY4mySQoWX3JtJBhbNf105sw@mail.gmail.com' \
--to=sunshine@sunshineco.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jonathantanmy@google.com \
--cc=lintonrjeremy@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).