diff options
| author | Jann Horn <jannh@google.com> | 2018-08-30 07:10:26 (GMT) |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2018-08-30 17:30:22 (GMT) |
| commit | fa72f90e7a5cfbbc32860c6336628c96791b5af3 (patch) | |
| tree | 661cb3ad4dbfed7cc0a23c9199650593d3c5a22f /t/t5303-pack-corruption-resilience.sh | |
| parent | 21870efc4aab4732ba2c422ef116597c54e4a8ec (diff) | |
| download | git-fa72f90e7a5cfbbc32860c6336628c96791b5af3.zip git-fa72f90e7a5cfbbc32860c6336628c96791b5af3.tar.gz git-fa72f90e7a5cfbbc32860c6336628c96791b5af3.tar.bz2 | |
patch-delta: consistently report corruption
When applying a delta, if we see an opcode that cannot be
fulfilled (e.g., asking to write more bytes than the
destination has left), we break out of our parsing loop but
don't signal an explicit error. We rely on the sanity check
after the loop to see if we have leftover delta bytes or
didn't fill our result buffer.
This can silently ignore corruption when the delta buffer
ends with a bogus command and the destination buffer is
already full. Instead, let's jump into the error handler
directly when we see this case.
Note that the tests also cover the "bad opcode" case, which
already handles this correctly.
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Jeff King <peff@peff.net>
Reviewed-by: Nicolas Pitre <nico@fluxnic.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t5303-pack-corruption-resilience.sh')
| -rwxr-xr-x | t/t5303-pack-corruption-resilience.sh | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/t/t5303-pack-corruption-resilience.sh b/t/t5303-pack-corruption-resilience.sh index 7114c31..41dc947 100755 --- a/t/t5303-pack-corruption-resilience.sh +++ b/t/t5303-pack-corruption-resilience.sh @@ -370,4 +370,34 @@ test_expect_failure \ echo base >base && test_must_fail test-tool delta -p base truncated_copy_delta /dev/null' +# \0 - empty base +# \1 - one byte in result +# \1 - one literal byte (X) +# \1 - trailing garbage command +test_expect_success \ + 'apply delta with trailing garbage literal' \ + 'printf "\0\1\1X\1" > tail_garbage_literal && + test_must_fail test-tool delta -p /dev/null tail_garbage_literal /dev/null' + +# \5 - five bytes in base +# \1 - one byte in result +# \1 - one literal byte (X) +# \221 - copy, one byte offset, one byte size +# \0 - copy from offset 0 +# \1 - copy 1 byte +test_expect_success \ + 'apply delta with trailing garbage copy' \ + 'printf "\5\1\1X\221\0\1" > tail_garbage_copy && + echo base >base && + test_must_fail test-tool delta -p /dev/null tail_garbage_copy /dev/null' + +# \0 - empty base +# \1 - one byte in result +# \1 - one literal byte (X) +# \0 - bogus opcode +test_expect_success \ + 'apply delta with trailing garbage opcode' \ + 'printf "\0\1\1X\0" > tail_garbage_opcode && + test_must_fail test-tool delta -p /dev/null tail_garbage_opcode /dev/null' + test_done |