index-pack: more validation checks and cleanups
When appending objects to a pack, make sure the appended data is really what we expect instead of simply loading potentially corrupted objects and legitimating them by computing a SHA1 of that corrupt data. With this the sha1_object() can lose its test_for_collision parameter which is now redundent. Signed-off-by: Nicolas Pitre <nico@cam.org> Signed-off-by: Junio C Hamano <junkio@cox.net>
This commit is contained in:
Nicolas Pitre
Junio C Hamano
parent
ce9fbf16e0
commit
9096c660a8
18
index-pack.c
18
index-pack.c
@ -345,12 +345,10 @@ static int find_delta_children(const union delta_base *base,
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void sha1_object(const void *data, unsigned long size,
|
static void sha1_object(const void *data, unsigned long size,
|
||||||
enum object_type type, unsigned char *sha1,
|
enum object_type type, unsigned char *sha1)
|
||||||
int test_for_collision)
|
|
||||||
{
|
{
|
||||||
hash_sha1_file(data, size, typename(type), sha1);
|
hash_sha1_file(data, size, typename(type), sha1);
|
||||||
|
if (has_sha1_file(sha1)) {
|
||||||
if (test_for_collision && has_sha1_file(sha1)) {
|
|
||||||
void *has_data;
|
void *has_data;
|
||||||
enum object_type has_type;
|
enum object_type has_type;
|
||||||
unsigned long has_size;
|
unsigned long has_size;
|
||||||
@ -381,7 +379,7 @@ static void resolve_delta(struct object_entry *delta_obj, void *base_data,
|
|||||||
free(delta_data);
|
free(delta_data);
|
||||||
if (!result)
|
if (!result)
|
||||||
bad_object(delta_obj->offset, "failed to apply delta");
|
bad_object(delta_obj->offset, "failed to apply delta");
|
||||||
sha1_object(result, result_size, type, delta_obj->sha1, 1);
|
sha1_object(result, result_size, type, delta_obj->sha1);
|
||||||
nr_resolved_deltas++;
|
nr_resolved_deltas++;
|
||||||
|
|
||||||
hashcpy(delta_base.sha1, delta_obj->sha1);
|
hashcpy(delta_base.sha1, delta_obj->sha1);
|
||||||
@ -438,7 +436,7 @@ static void parse_pack_objects(unsigned char *sha1)
|
|||||||
delta->obj_no = i;
|
delta->obj_no = i;
|
||||||
delta++;
|
delta++;
|
||||||
} else
|
} else
|
||||||
sha1_object(data, obj->size, obj->type, obj->sha1, 1);
|
sha1_object(data, obj->size, obj->type, obj->sha1);
|
||||||
free(data);
|
free(data);
|
||||||
if (verbose)
|
if (verbose)
|
||||||
percent = display_progress(i+1, nr_objects, percent);
|
percent = display_progress(i+1, nr_objects, percent);
|
||||||
@ -541,7 +539,7 @@ static int write_compressed(int fd, void *in, unsigned int size)
|
|||||||
return size;
|
return size;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void append_obj_to_pack(void *buf,
|
static void append_obj_to_pack(const unsigned char *sha1, void *buf,
|
||||||
unsigned long size, enum object_type type)
|
unsigned long size, enum object_type type)
|
||||||
{
|
{
|
||||||
struct object_entry *obj = &objects[nr_objects++];
|
struct object_entry *obj = &objects[nr_objects++];
|
||||||
@ -559,7 +557,7 @@ static void append_obj_to_pack(void *buf,
|
|||||||
write_or_die(output_fd, header, n);
|
write_or_die(output_fd, header, n);
|
||||||
obj[1].offset = obj[0].offset + n;
|
obj[1].offset = obj[0].offset + n;
|
||||||
obj[1].offset += write_compressed(output_fd, buf, size);
|
obj[1].offset += write_compressed(output_fd, buf, size);
|
||||||
sha1_object(buf, size, type, obj->sha1, 0);
|
hashcpy(obj->sha1, sha1);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int delta_pos_compare(const void *_a, const void *_b)
|
static int delta_pos_compare(const void *_a, const void *_b)
|
||||||
@ -612,7 +610,9 @@ static void fix_unresolved_deltas(int nr_unresolved)
|
|||||||
resolve_delta(child, data, size, type);
|
resolve_delta(child, data, size, type);
|
||||||
}
|
}
|
||||||
|
|
||||||
append_obj_to_pack(data, size, type);
|
if (check_sha1_signature(d->base.sha1, data, size, typename(type)))
|
||||||
|
die("local object %s is corrupt", sha1_to_hex(d->base.sha1));
|
||||||
|
append_obj_to_pack(d->base.sha1, data, size, type);
|
||||||
free(data);
|
free(data);
|
||||||
if (verbose)
|
if (verbose)
|
||||||
percent = display_progress(nr_resolved_deltas,
|
percent = display_progress(nr_resolved_deltas,
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user