From: Johannes Schindelin <Johannes.Schindelin@gmx.de>
To: Jeff King <peff@peff.net>
Cc: git@vger.kernel.org
Subject: Re: [PATCH 5/5] packfile: detect overflow in .idx file size checks
Date: Fri, 13 Nov 2020 12:02:41 +0100 (CET) [thread overview]
Message-ID: <nycvar.QRO.7.76.6.2011131200460.18437@tvgsbejvaqbjf.bet> (raw)
In-Reply-To: <20201113050719.GE744691@coredump.intra.peff.net>
Hi Peff,
On Fri, 13 Nov 2020, Jeff King wrote:
> diff --git a/packfile.c b/packfile.c
> index 63fe9ee8be..9702b1218b 100644
> --- a/packfile.c
> +++ b/packfile.c
> @@ -148,7 +148,7 @@ int load_idx(const char *path, const unsigned int hashsz, void *idx_map,
> * - hash of the packfile
> * - file checksum
> */
> - if (idx_size != 4 * 256 + (size_t)nr * (hashsz + 4) + hashsz + hashsz)
> + if (idx_size != st_add(4 * 256 + hashsz + hashsz, st_mult(nr, hashsz + 4)))
> return error("wrong index v1 file size in %s", path);
> } else if (version == 2) {
> /*
> @@ -164,10 +164,10 @@ int load_idx(const char *path, const unsigned int hashsz, void *idx_map,
> * variable sized table containing 8-byte entries
> * for offsets larger than 2^31.
> */
> - size_t min_size = 8 + 4*256 + (size_t)nr*(hashsz + 4 + 4) + hashsz + hashsz;
> + size_t min_size = st_add(8 + 4*256 + hashsz + hashsz, st_mult(nr, hashsz + 4 + 4));
> size_t max_size = min_size;
> if (nr)
> - max_size += ((size_t)nr - 1)*8;
> + max_size = st_add(max_size, st_mult(nr - 1, 8));
I wondered about these multiplications and whether we should use the
`st_*()` helpers, when reading 1/5. And I am glad I read on!
FWIW I like all five patches.
Thanks,
Dscho
> if (idx_size < min_size || idx_size > max_size)
> return error("wrong index v2 file size in %s", path);
> if (idx_size != min_size &&
> --
> 2.29.2.705.g306f91dc4e
>
next prev parent reply other threads:[~2020-11-13 11:17 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-13 5:06 [PATCH 0/5] handling 4GB .idx files Jeff King
2020-11-13 5:06 ` [PATCH 1/5] compute pack .idx byte offsets using size_t Jeff King
2020-11-13 5:07 ` [PATCH 2/5] use size_t to store pack .idx byte offsets Jeff King
2020-11-13 5:07 ` [PATCH 3/5] fsck: correctly compute checksums on idx files larger than 4GB Jeff King
2020-11-13 5:07 ` [PATCH 4/5] block-sha1: take a size_t length parameter Jeff King
2020-11-13 5:07 ` [PATCH 5/5] packfile: detect overflow in .idx file size checks Jeff King
2020-11-13 11:02 ` Johannes Schindelin [this message]
2020-11-15 14:43 ` [PATCH 0/5] handling 4GB .idx files Thomas Braun
2020-11-16 4:10 ` Jeff King
2020-11-16 13:30 ` Derrick Stolee
2020-11-16 23:49 ` Jeff King
2020-11-30 22:57 ` Thomas Braun
2020-12-01 11:23 ` Jeff King
2020-12-01 11:39 ` t7900's new expensive test Jeff King
2020-12-01 20:55 ` Derrick Stolee
2020-12-02 2:47 ` [PATCH] t7900: speed up " Jeff King
2020-12-03 15:23 ` Derrick Stolee
2020-12-01 18:27 ` [PATCH 0/5] handling 4GB .idx files Taylor Blau
2020-12-02 13:12 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=nycvar.QRO.7.76.6.2011131200460.18437@tvgsbejvaqbjf.bet \
--to=johannes.schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).