9d2e330b17
The on-disk ewah format tells us how big the ewah data is,
and we blindly read that much from the buffer without
considering whether the mmap'd data is long enough, which
can lead to out-of-bound reads.
Let's make sure we have data available before reading it,
both for the ewah header/footer as well as for the bit data
itself. In particular:
- keep our ptr/len pair in sync as we move through the
buffer, and check it before each read
- check the size for integer overflow (this should be
impossible on 64-bit, as the size is given as a 32-bit
count of 8-byte words, but is possible on a 32-bit
system)
- return the number of bytes read as an ssize_t instead of
an int, again to prevent integer overflow
- compute the return value using a pointer difference;
this should yield the same result as the existing code,
but makes it more obvious that we got our computations
right
The included test is far from comprehensive, as it just
picks a static point at which to truncate the generated
bitmap. But in practice this will hit in the middle of an
ewah and make sure we're at least exercising this code.
Reported-by: Luat Nguyen <root@l4w.io>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
||
|---|---|---|
| .github | ||
| Documentation | ||
| block-sha1 | ||
| builtin | ||
| ci | ||
| compat | ||
| contrib | ||
| ewah | ||
| git-gui | ||
| gitk-git | ||
| gitweb | ||
| mergetools | ||
| perl | ||
| po | ||
| ppc | ||
| refs | ||
| sha1collisiondetection@19d97bf5af | ||
| sha1dc | ||
| t | ||
| templates | ||
| vcs-svn | ||
| xdiff | ||
| .clang-format | ||
| .gitattributes | ||
| .gitignore | ||
| .gitmodules | ||
| .mailmap | ||
| .travis.yml | ||
| .tsan-suppressions | ||
| COPYING | ||
| GIT-VERSION-GEN | ||
| INSTALL | ||
| LGPL-2.1 | ||
| Makefile | ||
| README.md | ||
| RelNotes | ||
| abspath.c | ||
| aclocal.m4 | ||
| advice.c | ||
| advice.h | ||
| alias.c | ||
| alloc.c | ||
| apply.c | ||
| apply.h | ||
| archive-tar.c | ||
| archive-zip.c | ||
| archive.c | ||
| archive.h | ||
| argv-array.c | ||
| argv-array.h | ||
| attr.c | ||
| attr.h | ||
| base85.c | ||
| bisect.c | ||
| bisect.h | ||
| blame.c | ||
| blame.h | ||
| blob.c | ||
| blob.h | ||
| branch.c | ||
| branch.h | ||
| builtin.h | ||
| bulk-checkin.c | ||
| bulk-checkin.h | ||
| bundle.c | ||
| bundle.h | ||
| cache-tree.c | ||
| cache-tree.h | ||
| cache.h | ||
| check-builtins.sh | ||
| check-racy.c | ||
| check_bindir | ||
| checkout.c | ||
| checkout.h | ||
| color.c | ||
| color.h | ||
| column.c | ||
| column.h | ||
| combine-diff.c | ||
| command-list.txt | ||
| commit-slab.h | ||
| commit.c | ||
| commit.h | ||
| common-main.c | ||
| config.c | ||
| config.h | ||
| config.mak.in | ||
| config.mak.uname | ||
| configure.ac | ||
| connect.c | ||
| connect.h | ||
| connected.c | ||
| connected.h | ||
| convert.c | ||
| convert.h | ||
| copy.c | ||
| credential-cache--daemon.c | ||
| credential-cache.c | ||
| credential-store.c | ||
| credential.c | ||
| credential.h | ||
| csum-file.c | ||
| csum-file.h | ||
| ctype.c | ||
| daemon.c | ||
| date.c | ||
| decorate.c | ||
| decorate.h | ||
| delta.h | ||
| diff-delta.c | ||
| diff-lib.c | ||
| diff-no-index.c | ||
| diff.c | ||
| diff.h | ||
| diffcore-break.c | ||
| diffcore-delta.c | ||
| diffcore-order.c | ||
| diffcore-pickaxe.c | ||
| diffcore-rename.c | ||
| diffcore.h | ||
| dir-iterator.c | ||
| dir-iterator.h | ||
| dir.c | ||
| dir.h | ||
| editor.c | ||
| entry.c | ||
| environment.c | ||
| exec_cmd.c | ||
| exec_cmd.h | ||
| fast-import.c | ||
| fetch-pack.c | ||
| fetch-pack.h | ||
| fmt-merge-msg.h | ||
| fsck.c | ||
| fsck.h | ||
| fsmonitor.c | ||
| fsmonitor.h | ||
| generate-cmdlist.sh | ||
| gettext.c | ||
| gettext.h | ||
| git-add--interactive.perl | ||
| git-archimport.perl | ||
| git-bisect.sh | ||
| git-compat-util.h | ||
| git-cvsexportcommit.perl | ||
| git-cvsimport.perl | ||
| git-cvsserver.perl | ||
| git-difftool--helper.sh | ||
| git-filter-branch.sh | ||
| git-instaweb.sh | ||
| git-merge-octopus.sh | ||
| git-merge-one-file.sh | ||
| git-merge-resolve.sh | ||
| git-mergetool--lib.sh | ||
| git-mergetool.sh | ||
| git-p4.py | ||
| git-parse-remote.sh | ||
| git-quiltimport.sh | ||
| git-rebase--am.sh | ||
| git-rebase--interactive.sh | ||
| git-rebase--merge.sh | ||
| git-rebase.sh | ||
| git-remote-testgit.sh | ||
| git-request-pull.sh | ||
| git-send-email.perl | ||
| git-sh-i18n.sh | ||
| git-sh-setup.sh | ||
| git-stash.sh | ||
| git-submodule.sh | ||
| git-svn.perl | ||
| git-web--browse.sh | ||
| git.c | ||
| git.rc | ||
| gpg-interface.c | ||
| gpg-interface.h | ||
| graph.c | ||
| graph.h | ||
| grep.c | ||
| grep.h | ||
| hash.h | ||
| hashmap.c | ||
| hashmap.h | ||
| help.c | ||
| help.h | ||
| hex.c | ||
| http-backend.c | ||
| http-fetch.c | ||
| http-push.c | ||
| http-walker.c | ||
| http.c | ||
| http.h | ||
| ident.c | ||
| imap-send.c | ||
| iterator.h | ||
| khash.h | ||
| kwset.c | ||
| kwset.h | ||
| levenshtein.c | ||
| levenshtein.h | ||
| line-log.c | ||
| line-log.h | ||
| line-range.c | ||
| line-range.h | ||
| list-objects-filter-options.c | ||
| list-objects-filter-options.h | ||
| list-objects-filter.c | ||
| list-objects-filter.h | ||
| list-objects.c | ||
| list-objects.h | ||
| list.h | ||
| ll-merge.c | ||
| ll-merge.h | ||
| lockfile.c | ||
| lockfile.h | ||
| log-tree.c | ||
| log-tree.h | ||
| mailinfo.c | ||
| mailinfo.h | ||
| mailmap.c | ||
| mailmap.h | ||
| match-trees.c | ||
| merge-blobs.c | ||
| merge-blobs.h | ||
| merge-recursive.c | ||
| merge-recursive.h | ||
| merge.c | ||
| mergesort.c | ||
| mergesort.h | ||
| mru.c | ||
| mru.h | ||
| name-hash.c | ||
| notes-cache.c | ||
| notes-cache.h | ||
| notes-merge.c | ||
| notes-merge.h | ||
| notes-utils.c | ||
| notes-utils.h | ||
| notes.c | ||
| notes.h | ||
| object.c | ||
| object.h | ||
| oidmap.c | ||
| oidmap.h | ||
| oidset.c | ||
| oidset.h | ||
| pack-bitmap-write.c | ||
| pack-bitmap.c | ||
| pack-bitmap.h | ||
| pack-check.c | ||
| pack-objects.c | ||
| pack-objects.h | ||
| pack-revindex.c | ||
| pack-revindex.h | ||
| pack-write.c | ||
| pack.h | ||
| packfile.c | ||
| packfile.h | ||
| pager.c | ||
| parse-options-cb.c | ||
| parse-options.c | ||
| parse-options.h | ||
| patch-delta.c | ||
| patch-ids.c | ||
| patch-ids.h | ||
| path.c | ||
| path.h | ||
| pathspec.c | ||
| pathspec.h | ||
| pkt-line.c | ||
| pkt-line.h | ||
| preload-index.c | ||
| pretty.c | ||
| pretty.h | ||
| prio-queue.c | ||
| prio-queue.h | ||
| progress.c | ||
| progress.h | ||
| prompt.c | ||
| prompt.h | ||
| protocol.c | ||
| protocol.h | ||
| quote.c | ||
| quote.h | ||
| reachable.c | ||
| reachable.h | ||
| read-cache.c | ||
| ref-filter.c | ||
| ref-filter.h | ||
| reflog-walk.c | ||
| reflog-walk.h | ||
| refs.c | ||
| refs.h | ||
| remote-curl.c | ||
| remote-testsvn.c | ||
| remote.c | ||
| remote.h | ||
| replace_object.c | ||
| repository.c | ||
| repository.h | ||
| rerere.c | ||
| rerere.h | ||
| resolve-undo.c | ||
| resolve-undo.h | ||
| revision.c | ||
| revision.h | ||
| run-command.c | ||
| run-command.h | ||
| send-pack.c | ||
| send-pack.h | ||
| sequencer.c | ||
| sequencer.h | ||
| server-info.c | ||
| setup.c | ||
| sh-i18n--envsubst.c | ||
| sha1-array.c | ||
| sha1-array.h | ||
| sha1-lookup.c | ||
| sha1-lookup.h | ||
| sha1_file.c | ||
| sha1_name.c | ||
| sha1dc_git.c | ||
| sha1dc_git.h | ||
| shallow.c | ||
| shell.c | ||
| shortlog.h | ||
| show-index.c | ||
| sideband.c | ||
| sideband.h | ||
| sigchain.c | ||
| sigchain.h | ||
| split-index.c | ||
| split-index.h | ||
| strbuf.c | ||
| strbuf.h | ||
| streaming.c | ||
| streaming.h | ||
| string-list.c | ||
| string-list.h | ||
| sub-process.c | ||
| sub-process.h | ||
| submodule-config.c | ||
| submodule-config.h | ||
| submodule.c | ||
| submodule.h | ||
| symlinks.c | ||
| tag.c | ||
| tag.h | ||
| tar.h | ||
| tempfile.c | ||
| tempfile.h | ||
| thread-utils.c | ||
| thread-utils.h | ||
| tmp-objdir.c | ||
| tmp-objdir.h | ||
| trace.c | ||
| trace.h | ||
| trailer.c | ||
| trailer.h | ||
| transport-helper.c | ||
| transport-internal.h | ||
| transport.c | ||
| transport.h | ||
| tree-diff.c | ||
| tree-walk.c | ||
| tree-walk.h | ||
| tree.c | ||
| tree.h | ||
| unicode_width.h | ||
| unimplemented.sh | ||
| unix-socket.c | ||
| unix-socket.h | ||
| unpack-trees.c | ||
| unpack-trees.h | ||
| upload-pack.c | ||
| url.c | ||
| url.h | ||
| urlmatch.c | ||
| urlmatch.h | ||
| usage.c | ||
| userdiff.c | ||
| userdiff.h | ||
| utf8.c | ||
| utf8.h | ||
| varint.c | ||
| varint.h | ||
| version.c | ||
| version.h | ||
| versioncmp.c | ||
| walker.c | ||
| walker.h | ||
| wildmatch.c | ||
| wildmatch.h | ||
| worktree.c | ||
| worktree.h | ||
| wrap-for-bin.sh | ||
| wrapper.c | ||
| write_or_die.c | ||
| ws.c | ||
| wt-status.c | ||
| wt-status.h | ||
| xdiff-interface.c | ||
| xdiff-interface.h | ||
| zlib.c | ||
README.md
Git - fast, scalable, distributed revision control system
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals.
Git is an Open Source project covered by the GNU General Public License version 2 (some parts of it are under different licenses, compatible with the GPLv2). It was originally written by Linus Torvalds with help of a group of hackers around the net.
Please read the file INSTALL for installation instructions.
Many Git online resources are accessible from https://git-scm.com/ including full documentation and Git related tools.
See Documentation/gittutorial.txt to get started, then see
Documentation/giteveryday.txt for a useful minimum set of commands, and
Documentation/git-.txt for documentation of each command.
If git has been correctly installed, then the tutorial can also be
read with man gittutorial or git help tutorial, and the
documentation of each command with man git-<commandname> or git help <commandname>.
CVS users may also want to read Documentation/gitcvs-migration.txt
(man gitcvs-migration or git help cvs-migration if git is
installed).
The user discussion and development of Git take place on the Git mailing list -- everyone is welcome to post bug reports, feature requests, comments and patches to git@vger.kernel.org (read Documentation/SubmittingPatches for instructions on patch submission). To subscribe to the list, send an email with just "subscribe git" in the body to majordomo@vger.kernel.org. The mailing list archives are available at https://public-inbox.org/git/, http://marc.info/?l=git and other archival sites.
The maintainer frequently sends the "What's cooking" reports that list the current status of various development topics to the mailing list. The discussion following them give a good reference for project status, development direction and remaining tasks.
The name "git" was given by Linus Torvalds when he wrote the very first version. He described the tool as "the stupid content tracker" and the name as (depending on your mood):
- random three-letter combination that is pronounceable, and not actually used by any common UNIX command. The fact that it is a mispronunciation of "get" may or may not be relevant.
- stupid. contemptible and despicable. simple. Take your pick from the dictionary of slang.
- "global information tracker": you're in a good mood, and it actually works for you. Angels sing, and a light suddenly fills the room.
- "goddamn idiotic truckload of sh*t": when it breaks