diff options
| author | Patrick Steinhardt <ps@pks.im> | 2024-10-07 06:38:18 +0200 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2024-10-07 15:08:11 -0700 |
| commit | 2be7fc012e6747160b4b6586a1ec209598581ade (patch) | |
| tree | ba4e2d329d83d368396226467a51d8f80efd7ece /t/t4058-diff-duplicates.sh | |
| parent | 9f119599a69eb11f0712cab3bdbc2000eb91abd7 (diff) | |
| download | git-2be7fc012e6747160b4b6586a1ec209598581ade.tar.gz | |
cache-tree: detect mismatching number of index entries
In t4058 we have some tests that exercise git-read-tree(1) when used
with a tree that contains duplicate entries. While the expectation is
that we fail, we ideally should fail gracefully without a segfault.
But that is not the case: we never check that the number of entries in
the cache-tree is less than or equal to the number of entries in the
index. This can lead to an out-of-bounds read as we unconditionally
access `istate->cache[idx]`, where `idx` is controlled by the number of
cache-tree entries and the current position therein. The result is a
segfault.
Fix this segfault by adding a sanity check for the number of index
entries before dereferencing them.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t4058-diff-duplicates.sh')
| -rwxr-xr-x | t/t4058-diff-duplicates.sh | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/t/t4058-diff-duplicates.sh b/t/t4058-diff-duplicates.sh index 2501c89c1c..3f602adb05 100755 --- a/t/t4058-diff-duplicates.sh +++ b/t/t4058-diff-duplicates.sh @@ -132,15 +132,15 @@ test_expect_success 'create a few commits' ' rm commit_id up final ' -test_expect_failure 'git read-tree does not segfault' ' - test_when_finished rm .git/index.lock && - test_might_fail git read-tree --reset base +test_expect_success 'git read-tree does not segfault' ' + test_must_fail git read-tree --reset base 2>err && + test_grep "error: corrupted cache-tree has entries not present in index" err ' -test_expect_failure 'reset --hard does not segfault' ' - test_when_finished rm .git/index.lock && +test_expect_success 'reset --hard does not segfault' ' git checkout base && - test_might_fail git reset --hard + test_must_fail git reset --hard 2>err && + test_grep "error: corrupted cache-tree has entries not present in index" err ' test_expect_failure 'git diff HEAD does not segfault' ' |