--- /dev/null
+Git v2.4.11 Release Notes
+=========================
+
+Fixes since v2.4.10
+-------------------
+
+ * Bugfix patches were backported from the 'master' front to plug heap
+ corruption holes, to catch integer overflow in the computation of
+ pathname lengths, and to get rid of the name_path API. Both of
+ these would have resulted in writing over an under-allocated buffer
+ when formulating pathnames while tree traversal.
branch of the `git.git` repository.
Documentation for older releases are available here:
-* link:v2.4.10/git.html[documentation for release 2.4.10]
+* link:v2.4.11/git.html[documentation for release 2.4.11]
* release notes for
+ link:RelNotes/2.4.11.txt[2.4.11],
link:RelNotes/2.4.10.txt[2.4.10],
link:RelNotes/2.4.9.txt[2.4.9],
link:RelNotes/2.4.8.txt[2.4.8],
#!/bin/sh
GVF=GIT-VERSION-FILE
-DEF_VER=v2.4.10
+DEF_VER=v2.4.11
LF='
'
-Documentation/RelNotes/2.4.10.txt
\ No newline at end of file
+Documentation/RelNotes/2.4.11.txt
\ No newline at end of file
index_commit_for_bitmap(commit);
}
-static void show_object(struct object *obj,
- const struct name_path *path, const char *last,
- void *data)
+static void show_object(struct object *obj, const char *name, void *data)
{
- char *name = path_name(path, last);
-
add_preferred_base_object(name);
add_object_entry(obj->sha1, obj->type, name, 0);
obj->flags |= OBJECT_ADDED;
-
- /*
- * We will have generated the hash from the name,
- * but not saved a pointer to it - we can free it
- */
- free((char *)name);
}
static void show_edge(struct commit *commit)
}
static void record_recent_object(struct object *obj,
- const struct name_path *path,
- const char *last,
+ const char *name,
void *data)
{
sha1_array_append(&recent_objects, obj->sha1);
free_commit_buffer(commit);
}
-static void finish_object(struct object *obj,
- const struct name_path *path, const char *name,
- void *cb_data)
+static void finish_object(struct object *obj, const char *name, void *cb_data)
{
struct rev_list_info *info = cb_data;
if (obj->type == OBJ_BLOB && !has_sha1_file(obj->sha1))
parse_object(obj->sha1);
}
-static void show_object(struct object *obj,
- const struct name_path *path, const char *component,
- void *cb_data)
+static void show_object(struct object *obj, const char *name, void *cb_data)
{
struct rev_list_info *info = cb_data;
- finish_object(obj, path, component, cb_data);
+ finish_object(obj, name, cb_data);
if (info->flags & REV_LIST_QUIET)
return;
- show_object_with_name(stdout, obj, path, component);
+ show_object_with_name(stdout, obj, name);
}
static void show_edge(struct commit *commit)
} parent[FLEX_ARRAY];
};
#define combine_diff_path_size(n, l) \
- (sizeof(struct combine_diff_path) + \
- sizeof(struct combine_diff_parent) * (n) + (l) + 1)
+ st_add4(sizeof(struct combine_diff_path), (l), 1, \
+ st_mult(sizeof(struct combine_diff_parent), (n)))
extern void show_combined_diff(struct combine_diff_path *elem, int num_parent,
int dense, struct rev_info *);
#define unsigned_add_overflows(a, b) \
((b) > maximum_unsigned_value_of_type(a) - (a))
+/*
+ * Returns true if the multiplication of "a" and "b" will
+ * overflow. The types of "a" and "b" must match and must be unsigned.
+ * Note that this macro evaluates "a" twice!
+ */
+#define unsigned_mult_overflows(a, b) \
+ ((a) && (b) > maximum_unsigned_value_of_type(a) / (a))
+
#ifdef __GNUC__
#define TYPEOF(x) (__typeof__(x))
#else
typedef void (*try_to_free_t)(size_t);
extern try_to_free_t set_try_to_free_routine(try_to_free_t);
+static inline size_t st_add(size_t a, size_t b)
+{
+ if (unsigned_add_overflows(a, b))
+ die("size_t overflow: %"PRIuMAX" + %"PRIuMAX,
+ (uintmax_t)a, (uintmax_t)b);
+ return a + b;
+}
+#define st_add3(a,b,c) st_add((a),st_add((b),(c)))
+#define st_add4(a,b,c,d) st_add((a),st_add3((b),(c),(d)))
+
+static inline size_t st_mult(size_t a, size_t b)
+{
+ if (unsigned_mult_overflows(a, b))
+ die("size_t overflow: %"PRIuMAX" * %"PRIuMAX,
+ (uintmax_t)a, (uintmax_t)b);
+ return a * b;
+}
+
+static inline size_t st_sub(size_t a, size_t b)
+{
+ if (a < b)
+ die("size_t underflow: %"PRIuMAX" - %"PRIuMAX,
+ (uintmax_t)a, (uintmax_t)b);
+ return a - b;
+}
+
#ifdef HAVE_ALLOCA_H
# include <alloca.h>
# define xalloca(size) (alloca(size))
}
static struct object_list **process_blob(struct blob *blob,
- struct object_list **p,
- struct name_path *path,
- const char *name)
+ struct object_list **p)
{
struct object *obj = &blob->object;
}
static struct object_list **process_tree(struct tree *tree,
- struct object_list **p,
- struct name_path *path,
- const char *name)
+ struct object_list **p)
{
struct object *obj = &tree->object;
struct tree_desc desc;
struct name_entry entry;
- struct name_path me;
obj->flags |= LOCAL;
die("bad tree object %s", sha1_to_hex(obj->sha1));
obj->flags |= SEEN;
- name = xstrdup(name);
p = add_one_object(obj, p);
- me.up = path;
- me.elem = name;
- me.elem_len = strlen(name);
init_tree_desc(&desc, tree->buffer, tree->size);
while (tree_entry(&desc, &entry))
switch (object_type(entry.mode)) {
case OBJ_TREE:
- p = process_tree(lookup_tree(entry.sha1), p, &me, name);
+ p = process_tree(lookup_tree(entry.sha1), p);
break;
case OBJ_BLOB:
- p = process_blob(lookup_blob(entry.sha1), p, &me, name);
+ p = process_blob(lookup_blob(entry.sha1), p);
break;
default:
/* Subproject commit - not in this repository */
int count = 0;
while ((commit = get_revision(revs)) != NULL) {
- p = process_tree(commit->tree, p, NULL, "");
+ p = process_tree(commit->tree, p);
commit->object.flags |= LOCAL;
if (!(commit->object.flags & UNINTERESTING))
count += add_send_request(&commit->object, lock);
continue;
}
if (obj->type == OBJ_TREE) {
- p = process_tree((struct tree *)obj, p, NULL, name);
+ p = process_tree((struct tree *)obj, p);
continue;
}
if (obj->type == OBJ_BLOB) {
- p = process_blob((struct blob *)obj, p, NULL, name);
+ p = process_blob((struct blob *)obj, p);
continue;
}
die("unknown pending object %s (%s)", sha1_to_hex(obj->sha1), name);
static void process_blob(struct rev_info *revs,
struct blob *blob,
show_object_fn show,
- struct name_path *path,
+ struct strbuf *path,
const char *name,
void *cb_data)
{
struct object *obj = &blob->object;
+ size_t pathlen;
if (!revs->blob_objects)
return;
if (obj->flags & (UNINTERESTING | SEEN))
return;
obj->flags |= SEEN;
- show(obj, path, name, cb_data);
+
+ pathlen = path->len;
+ strbuf_addstr(path, name);
+ show(obj, path->buf, cb_data);
+ strbuf_setlen(path, pathlen);
}
/*
static void process_gitlink(struct rev_info *revs,
const unsigned char *sha1,
show_object_fn show,
- struct name_path *path,
+ struct strbuf *path,
const char *name,
void *cb_data)
{
static void process_tree(struct rev_info *revs,
struct tree *tree,
show_object_fn show,
- struct name_path *path,
struct strbuf *base,
const char *name,
void *cb_data)
struct object *obj = &tree->object;
struct tree_desc desc;
struct name_entry entry;
- struct name_path me;
enum interesting match = revs->diffopt.pathspec.nr == 0 ?
all_entries_interesting: entry_not_interesting;
int baselen = base->len;
return;
die("bad tree object %s", sha1_to_hex(obj->sha1));
}
+
obj->flags |= SEEN;
- show(obj, path, name, cb_data);
- me.up = path;
- me.elem = name;
- me.elem_len = strlen(name);
-
- if (!match) {
- strbuf_addstr(base, name);
- if (base->len)
- strbuf_addch(base, '/');
- }
+ strbuf_addstr(base, name);
+ show(obj, base->buf, cb_data);
+ if (base->len)
+ strbuf_addch(base, '/');
init_tree_desc(&desc, tree->buffer, tree->size);
if (S_ISDIR(entry.mode))
process_tree(revs,
lookup_tree(entry.sha1),
- show, &me, base, entry.path,
+ show, base, entry.path,
cb_data);
else if (S_ISGITLINK(entry.mode))
process_gitlink(revs, entry.sha1,
- show, &me, entry.path,
+ show, base, entry.path,
cb_data);
else
process_blob(revs,
lookup_blob(entry.sha1),
- show, &me, entry.path,
+ show, base, entry.path,
cb_data);
}
strbuf_setlen(base, baselen);
continue;
if (obj->type == OBJ_TAG) {
obj->flags |= SEEN;
- show_object(obj, NULL, name, data);
+ show_object(obj, name, data);
continue;
}
if (!path)
path = "";
if (obj->type == OBJ_TREE) {
process_tree(revs, (struct tree *)obj, show_object,
- NULL, &base, path, data);
+ &base, path, data);
continue;
}
if (obj->type == OBJ_BLOB) {
process_blob(revs, (struct blob *)obj, show_object,
- NULL, path, data);
+ &base, path, data);
continue;
}
die("unknown pending object %s (%s)",
#define LIST_OBJECTS_H
typedef void (*show_commit_fn)(struct commit *, void *);
-typedef void (*show_object_fn)(struct object *, const struct name_path *, const char *, void *);
+typedef void (*show_object_fn)(struct object *, const char *, void *);
void traverse_commit_list(struct rev_info *, show_commit_fn, show_object_fn, void *);
typedef void (*show_edge_fn)(struct commit *);
return entry->in_pack_pos;
}
-static void show_object(struct object *object, const struct name_path *path,
- const char *last, void *data)
+static void show_object(struct object *object, const char *name, void *data)
{
struct bitmap *base = data;
bitmap_set(base, find_object_pos(object->sha1));
return bitmap_pos + bitmap_git.pack->num_objects;
}
-static void show_object(struct object *object, const struct name_path *path,
- const char *last, void *data)
+static void show_object(struct object *object, const char *name, void *data)
{
struct bitmap *base = data;
int bitmap_pos;
bitmap_pos = bitmap_position(object->sha1);
- if (bitmap_pos < 0) {
- char *name = path_name(path, last);
+ if (bitmap_pos < 0)
bitmap_pos = ext_index_add_object(object, name);
- free(name);
- }
bitmap_set(base, bitmap_pos);
}
size_t seen;
};
-static void test_show_object(struct object *object,
- const struct name_path *path,
- const char *last, void *data)
+static void test_show_object(struct object *object, const char *name,
+ void *data)
{
struct bitmap_test_data *tdata = data;
int bitmap_pos;
* The traversal will have already marked us as SEEN, so we
* only need to handle any progress reporting here.
*/
-static void mark_object(struct object *obj, const struct name_path *path,
- const char *name, void *data)
+static void mark_object(struct object *obj, const char *name, void *data)
{
update_progress(data);
}
static void mark_commit(struct commit *c, void *data)
{
- mark_object(&c->object, NULL, NULL, data);
+ mark_object(&c->object, NULL, data);
}
struct recent_data {
volatile show_early_output_fn_t show_early_output;
-char *path_name(const struct name_path *path, const char *name)
-{
- const struct name_path *p;
- char *n, *m;
- int nlen = strlen(name);
- int len = nlen + 1;
-
- for (p = path; p; p = p->up) {
- if (p->elem_len)
- len += p->elem_len + 1;
- }
- n = xmalloc(len);
- m = n + len - (nlen + 1);
- strcpy(m, name);
- for (p = path; p; p = p->up) {
- if (p->elem_len) {
- m -= p->elem_len + 1;
- memcpy(m, p->elem, p->elem_len);
- m[p->elem_len] = '/';
- }
- }
- return n;
-}
-
-static int show_path_component_truncated(FILE *out, const char *name, int len)
-{
- int cnt;
- for (cnt = 0; cnt < len; cnt++) {
- int ch = name[cnt];
- if (!ch || ch == '\n')
- return -1;
- fputc(ch, out);
- }
- return len;
-}
-
-static int show_path_truncated(FILE *out, const struct name_path *path)
-{
- int emitted, ours;
-
- if (!path)
- return 0;
- emitted = show_path_truncated(out, path->up);
- if (emitted < 0)
- return emitted;
- if (emitted)
- fputc('/', out);
- ours = show_path_component_truncated(out, path->elem, path->elem_len);
- if (ours < 0)
- return ours;
- return ours || emitted;
-}
-
-void show_object_with_name(FILE *out, struct object *obj,
- const struct name_path *path, const char *component)
+void show_object_with_name(FILE *out, struct object *obj, const char *name)
{
- struct name_path leaf;
- leaf.up = (struct name_path *)path;
- leaf.elem = component;
- leaf.elem_len = strlen(component);
+ const char *p;
fprintf(out, "%s ", sha1_to_hex(obj->sha1));
- show_path_truncated(out, &leaf);
+ for (p = name; *p && *p != '\n'; p++)
+ fputc(*p, out);
fputc('\n', out);
}
extern void mark_parents_uninteresting(struct commit *commit);
extern void mark_tree_uninteresting(struct tree *tree);
-struct name_path {
- struct name_path *up;
- int elem_len;
- const char *elem;
-};
-
-char *path_name(const struct name_path *path, const char *name);
+char *path_name(struct strbuf *path, const char *name);
-extern void show_object_with_name(FILE *, struct object *,
- const struct name_path *, const char *);
+extern void show_object_with_name(FILE *, struct object *, const char *);
extern void add_pending_object(struct rev_info *revs,
struct object *obj, const char *name);
unsigned mode, const unsigned char *sha1)
{
struct combine_diff_path *p;
- int len = base->len + pathlen;
- int alloclen = combine_diff_path_size(nparent, len);
+ size_t len = st_add(base->len, pathlen);
+ size_t alloclen = combine_diff_path_size(nparent, len);
/* if last->next is !NULL - it is a pre-allocated memory, we can reuse */
p = last->next;
projects / platform / upstream / git.git / commitdiff