diff options
| author | Derrick Stolee <dstolee@microsoft.com> | 2018-02-27 11:47:04 (GMT) |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2018-02-27 22:27:16 (GMT) |
| commit | 21abed500cb06bc54247cbc11def92739259bb70 (patch) | |
| tree | 7e6f629e892e6011e3039f1877b151c63f155873 | |
| parent | 0e87b85683df145007862d23b5f0773368d66464 (diff) | |
| download | git-21abed500cb06bc54247cbc11def92739259bb70.zip git-21abed500cb06bc54247cbc11def92739259bb70.tar.gz git-21abed500cb06bc54247cbc11def92739259bb70.tar.bz2 | |
sha1_name: fix uninitialized memory errors
During abbreviation checks, we navigate to the position within a
pack-index that an OID would be inserted and check surrounding OIDs
for the maximum matching prefix. This position may be beyond the
last position, because the given OID is lexicographically larger
than every OID in the pack. Then nth_packed_object_oid() does not
initialize "oid".
Use the return value of nth_packed_object_oid() to prevent these
errors.
Also the comment about checking near-by objects miscounts the
neighbours. If we have a hit at "first", we check "first-1" and
"first+1" to make sure we have sufficiently long abbreviation not to
match either. If we do not have a hit, "first" is the smallest
among the objects that are larger than what we want to name, so we
check that and "first-1" to make sure we have sufficiently long
abbreviation not to match either. In either case, we only check up
to two near-by objects.
Reported-by: Christian Couder <christian.couder@gmail.com>
Signed-off-by: Derrick Stolee <dstolee@microsoft.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| -rw-r--r-- | sha1_name.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/sha1_name.c b/sha1_name.c index 05a6359..f1c3d37 100644 --- a/sha1_name.c +++ b/sha1_name.c @@ -542,20 +542,20 @@ static void find_abbrev_len_for_pack(struct packed_git *p, /* * first is now the position in the packfile where we would insert * mad->hash if it does not exist (or the position of mad->hash if - * it does exist). Hence, we consider a maximum of three objects + * it does exist). Hence, we consider a maximum of two objects * nearby for the abbreviation length. */ mad->init_len = 0; if (!match) { - nth_packed_object_oid(&oid, p, first); - extend_abbrev_len(&oid, mad); + if (nth_packed_object_oid(&oid, p, first)) + extend_abbrev_len(&oid, mad); } else if (first < num - 1) { - nth_packed_object_oid(&oid, p, first + 1); - extend_abbrev_len(&oid, mad); + if (nth_packed_object_oid(&oid, p, first + 1)) + extend_abbrev_len(&oid, mad); } if (first > 0) { - nth_packed_object_oid(&oid, p, first - 1); - extend_abbrev_len(&oid, mad); + if (nth_packed_object_oid(&oid, p, first - 1)) + extend_abbrev_len(&oid, mad); } mad->init_len = mad->cur_len; } |