git-commit-vandalism/builtin
Jeff King 47fe3f6ef0 nth_packed_object_offset: bounds-check extended offset
If a pack .idx file has a corrupted offset for an object, we
may try to access an offset in the .idx or .pack file that
is larger than the file's size.  For the .pack case, we have
use_pack() to protect us, which realizes the access is out
of bounds. But if the corrupted value asks us to look in the
.idx file's secondary 64-bit offset table, we blindly add it
to the mmap'd index data and access arbitrary memory.

We can fix this with a simple bounds-check compared to the
size we found when we opened the .idx file.

Note that there's similar code in index-pack that is
triggered only during "index-pack --verify". To support
both, we pull the bounds-check into a separate function,
which dies when it sees a corrupted file.

It would be nice if we could return an error, so that the
pack code could try to find a good copy of the object
elsewhere. Currently nth_packed_object_offset doesn't have
any way to return an error, but it could probably use "0" as
a sentinel value (since no object can start there). This is
the minimal fix, and we can improve the resilience later on
top.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-02-25 11:32:43 -08:00
add.c Merge branch 'jk/add-e-kill-editor' into maint 2015-06-05 12:00:09 -07:00
annotate.c annotate: use argv_array 2014-07-16 11:10:11 -07:00
apply.c builtin/apply.c: fix a memleak 2015-03-23 11:12:58 -07:00
archive.c
bisect--helper.c
blame.c Sync with 2.3.10 2015-09-28 15:28:31 -07:00
branch.c Merge branch 'dl/branch-error-message' into maint 2015-06-05 12:00:29 -07:00
bundle.c bundle: verify arguments more strictly 2015-05-08 10:52:11 -07:00
cat-file.c Merge branch 'ah/usage-strings' 2015-02-11 13:44:20 -08:00
check-attr.c standardize usage info string format 2015-01-14 09:32:04 -08:00
check-ignore.c standardize usage info string format 2015-01-14 09:32:04 -08:00
check-mailmap.c standardize usage info string format 2015-01-14 09:32:04 -08:00
check-ref-format.c standardize usage info string format 2015-01-14 09:32:04 -08:00
checkout-index.c standardize usage info string format 2015-01-14 09:32:04 -08:00
checkout.c standardize usage info string format 2015-01-14 09:32:04 -08:00
clean.c Merge branch 'rs/janitorial' into maint 2015-06-16 14:33:47 -07:00
clone.c clone: simplify string handling in guess_dir_name() 2015-07-09 14:21:29 -07:00
column.c standardize usage info string format 2015-01-14 09:32:04 -08:00
commit-tree.c commit-tree: simplify parsing of option -S using skip_prefix() 2014-12-29 09:32:45 -08:00
commit.c Merge branch 'pt/xdg-config-path' into maint 2015-06-05 12:00:04 -07:00
config.c Merge branch 'pt/xdg-config-path' into maint 2015-06-05 12:00:04 -07:00
count-objects.c count-objects: use for_each_loose_file_in_objdir 2014-10-16 10:10:41 -07:00
credential.c
describe.c standardize usage info string format 2015-01-14 09:32:04 -08:00
diff-files.c standardize usage info string format 2015-01-14 09:32:04 -08:00
diff-index.c standardize usage info string format 2015-01-14 09:32:04 -08:00
diff-tree.c standardize usage info string format 2015-01-14 09:32:04 -08:00
diff.c lockfile.h: extract new header file for the functions in lockfile.c 2014-10-01 13:56:14 -07:00
fast-export.c teach fast-export an --anonymize option 2014-08-27 10:42:16 -07:00
fetch-pack.c standardize usage info string format 2015-01-14 09:32:04 -08:00
fetch.c Merge branch 'mh/refs-have-new' 2015-03-05 12:45:39 -08:00
fmt-merge-msg.c Merge branch 'jc/plug-fmt-merge-msg-leak' into maint 2015-06-05 12:00:05 -07:00
for-each-ref.c Merge branch 'mh/reporting-broken-refs-from-for-each-ref' into maint 2015-08-03 10:41:31 -07:00
fsck.c fsck: report errors if reflog entries point at invalid objects 2015-06-08 12:40:36 -07:00
gc.c standardize usage info string format 2015-01-14 09:32:04 -08:00
get-tar-commit-id.c use skip_prefix() to avoid more magic numbers 2014-10-07 11:09:16 -07:00
grep.c Merge branch 'ps/grep-help-all-callback-arg' 2015-04-20 15:28:34 -07:00
hash-object.c Merge branch 'jc/hash-object' into maint 2015-05-26 13:49:25 -07:00
help.c Merge branch 'sb/leaks' 2015-03-20 13:11:53 -07:00
index-pack.c nth_packed_object_offset: bounds-check extended offset 2016-02-25 11:32:43 -08:00
init-db.c Merge branch 'jk/init-core-worktree-at-root' into maint 2015-05-13 14:05:49 -07:00
interpret-trailers.c trailer: add interpret-trailers command 2014-10-13 13:55:27 -07:00
log.c Merge branch 'jc/do-not-feed-tags-to-clear-commit-marks' into maint 2015-07-15 11:41:16 -07:00
ls-files.c Merge branch 'jc/report-path-error-to-dir' into maint 2015-03-31 14:53:08 -07:00
ls-remote.c standardize usage info string format 2015-01-14 09:32:04 -08:00
ls-tree.c ls-tree: disable negative pathspec because it's not supported 2014-12-01 11:33:45 -08:00
mailinfo.c standardize usage info string format 2015-01-14 09:32:04 -08:00
mailsplit.c mailsplit: remove unnecessary unlink(2) call 2014-10-07 10:49:57 -07:00
merge-base.c standardize usage info string format 2015-01-14 09:32:04 -08:00
merge-file.c Sync with 2.3.10 2015-09-28 15:28:31 -07:00
merge-index.c standardize usage info string format 2015-01-14 09:32:04 -08:00
merge-ours.c
merge-recursive.c
merge-tree.c react to errors in xdi_diff 2015-09-28 14:57:10 -07:00
merge.c Revert "merge: pass verbosity flag down to merge-recursive" 2015-04-16 08:03:14 -07:00
mktag.c
mktree.c
mv.c standardize usage info string format 2015-01-14 09:32:04 -08:00
name-rev.c standardize usage info string format 2015-01-14 09:32:04 -08:00
notes.c standardize usage info string format 2015-01-14 09:32:04 -08:00
pack-objects.c Merge branch 'jk/sha1-file-reduce-useless-warnings' into maint 2015-06-05 12:00:07 -07:00
pack-redundant.c standardize usage info string format 2015-01-14 09:32:04 -08:00
pack-refs.c standardize usage info string format 2015-01-14 09:32:04 -08:00
patch-id.c patch-id: make it stable against hunk reordering 2014-06-10 13:09:24 -07:00
prune-packed.c standardize usage info string format 2015-01-14 09:32:04 -08:00
prune.c prune: turn on ref_paranoia flag 2015-03-20 12:40:56 -07:00
push.c push: allow --follow-tags to be set by config push.followTags 2015-03-14 15:08:35 -07:00
read-tree.c lockfile.h: extract new header file for the functions in lockfile.c 2014-10-01 13:56:14 -07:00
receive-pack.c Merge branch 'jc/update-instead-into-void' 2015-04-14 11:49:10 -07:00
reflog.c reflog: improve and update documentation 2015-03-05 12:35:36 -08:00
remote-ext.c use skip_prefix() to avoid more magic numbers 2014-10-07 11:09:16 -07:00
remote-fd.c
remote.c Merge branch 'ah/usage-strings' 2015-02-11 13:44:20 -08:00
repack.c Merge branch 'jk/prune-with-corrupt-refs' 2015-03-25 12:54:26 -07:00
replace.c ref_transaction_update(): remove "have_old" parameter 2015-02-17 11:22:50 -08:00
rerere.c Sync with 2.3.10 2015-09-28 15:28:31 -07:00
reset.c lockfile.h: extract new header file for the functions in lockfile.c 2014-10-01 13:56:14 -07:00
rev-list.c Merge branch 'ls/hint-rev-list-count' into maint 2015-07-27 12:21:47 -07:00
rev-parse.c standardize usage info string format 2015-01-14 09:32:04 -08:00
revert.c standardize usage info string format 2015-01-14 09:32:04 -08:00
rm.c use file_exists() to check if a file exists in the worktree 2015-05-20 13:49:10 -07:00
send-pack.c send-pack.c: add --atomic command line argument 2015-01-07 19:56:44 -08:00
shortlog.c standardize usage info string format 2015-01-14 09:32:04 -08:00
show-branch.c Sync with 2.3.9 2015-09-04 10:34:19 -07:00
show-ref.c standardize usage info string format 2015-01-14 09:32:04 -08:00
stripspace.c
symbolic-ref.c standardize usage info string format 2015-01-14 09:32:04 -08:00
tag.c Merge branch 'jk/tag-h-column-is-a-listing-option' into maint 2015-03-27 13:00:23 -07:00
unpack-file.c
unpack-objects.c index-pack: terminate object buffers with NUL 2014-12-09 11:56:37 -08:00
update-index.c update-index: fix a memleak 2015-03-22 12:26:31 -07:00
update-ref.c ref_transaction_verify(): new function to check a reference's value 2015-02-17 11:24:59 -08:00
update-server-info.c
upload-archive.c
var.c
verify-commit.c standardize usage info string format 2015-01-14 09:32:04 -08:00
verify-pack.c standardize usage info string format 2015-01-14 09:32:04 -08:00
verify-tag.c standardize usage info string format 2015-01-14 09:32:04 -08:00
write-tree.c