From a4cafc737916c2df5a52875cb1d0976662e3ab0e Mon Sep 17 00:00:00 2001 From: Jeff King Date: Sun, 15 Sep 2019 12:51:56 -0400 Subject: list-objects-filter: use empty string instead of NULL for sparse "base" We use add_excludes_from_blob_to_list() to parse a sparse blob. Since we don't have a base path, we pass NULL and 0 for the base and baselen, respectively. But the rest of the exclude code passes a literal empty string instead of NULL for this case. And indeed, we eventually end up with match_pathname() calling fspathncmp(), which then calls the system strncmp(path, base, baselen). This works on many platforms, which notice that baselen is 0 and do not look at the bytes of "base" at all. But it does violate the C standard, and building with SANITIZE=undefined will complain. You can also see it by instrumenting fspathncmp like this: diff --git a/dir.c b/dir.c index d021c908e5..4bb3d3ec96 100644 --- a/dir.c +++ b/dir.c @@ -71,6 +71,8 @@ int fspathcmp(const char *a, const char *b) int fspathncmp(const char *a, const char *b, size_t count) { + if (!a || !b) + BUG("null fspathncmp arguments"); return ignore_case ? strncasecmp(a, b, count) : strncmp(a, b, count); } We could perhaps be more defensive in match_pathname(), but even if we did so, it makes sense for this code to match the rest of the exclude callers. Signed-off-by: Jeff King Acked-by: Jeff Hostetler Signed-off-by: Junio C Hamano diff --git a/list-objects-filter.c b/list-objects-filter.c index 50f0c6d..83c788e 100644 --- a/list-objects-filter.c +++ b/list-objects-filter.c @@ -472,7 +472,7 @@ static void *filter_sparse_oid__init( die(_("unable to access sparse blob in '%s'"), filter_options->sparse_oid_name); d->omits = omitted; - if (add_excludes_from_blob_to_list(&sparse_oid, NULL, 0, &d->el) < 0) + if (add_excludes_from_blob_to_list(&sparse_oid, "", 0, &d->el) < 0) die(_("unable to parse sparse filter data in %s"), oid_to_hex(&sparse_oid)); -- cgit v0.10.2-6-g49f6