admin/git
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'jk/zlib-inflate-fixes'

Browse Source 
Fix our use of zlib corner cases.

* jk/zlib-inflate-fixes:
  unpack_loose_rest(): rewrite return handling for clarity
  unpack_loose_rest(): simplify error handling
  unpack_loose_rest(): never clean up zstream
  unpack_loose_rest(): avoid numeric comparison of zlib status
  unpack_loose_header(): avoid numeric comparison of zlib status
  git_inflate(): skip zlib_post_call() sanity check on Z_NEED_DICT
  unpack_loose_header(): fix infinite loop on broken zlib input
  unpack_loose_header(): report headers without NUL as "bad"
  unpack_loose_header(): simplify next_out assignment
  loose_object_info(): BUG() on inflating content with unknown type
This commit is contained in:
Junio C Hamano
2025-04-15 13:50:13 -07:00
parent 139d703511 1cb2f293f5
commit c39e5cbaa5
3 changed files with 92 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
git-zlib.c
View File

@@ -45,7 +45,7 @@ static void zlib_pre_call(git_zstream *s)
s->z.avail_out = zlib_buf_cap(s->avail_out);
}
static void zlib_post_call(git_zstream *s)
static void zlib_post_call(git_zstream *s, int status)
{
unsigned long bytes_consumed;
unsigned long bytes_produced;
@@ -54,7 +54,12 @@ static void zlib_post_call(git_zstream *s)
bytes_produced = s->z.next_out - s->next_out;
if (s->z.total_out != s->total_out + bytes_produced)
BUG("total_out mismatch");
if (s->z.total_in != s->total_in + bytes_consumed)
/*
* zlib does not update total_in when it returns Z_NEED_DICT,
* causing a mismatch here. Skip the sanity check in that case.
*/
if (status != Z_NEED_DICT &&
s->z.total_in != s->total_in + bytes_consumed)
BUG("total_in mismatch");
s->total_out = s->z.total_out;
@@ -72,7 +77,7 @@ void git_inflate_init(git_zstream *strm)
zlib_pre_call(strm);
status = inflateInit(&strm->z);
zlib_post_call(strm);
zlib_post_call(strm, status);
if (status == Z_OK)
return;
die("inflateInit: %s (%s)", zerr_to_string(status),
@@ -90,7 +95,7 @@ void git_inflate_init_gzip_only(git_zstream *strm)
zlib_pre_call(strm);
status = inflateInit2(&strm->z, windowBits);
zlib_post_call(strm);
zlib_post_call(strm, status);
if (status == Z_OK)
return;
die("inflateInit2: %s (%s)", zerr_to_string(status),
@@ -103,7 +108,7 @@ void git_inflate_end(git_zstream *strm)
zlib_pre_call(strm);
status = inflateEnd(&strm->z);
zlib_post_call(strm);
zlib_post_call(strm, status);
if (status == Z_OK)
return;
error("inflateEnd: %s (%s)", zerr_to_string(status),
@@ -122,7 +127,7 @@ int git_inflate(git_zstream *strm, int flush)
? 0 : flush);
if (status == Z_MEM_ERROR)
die("inflate: out of memory");
zlib_post_call(strm);
zlib_post_call(strm, status);
/*
* Let zlib work another round, while we can still
@@ -160,7 +165,7 @@ void git_deflate_init(git_zstream *strm, int level)
memset(strm, 0, sizeof(*strm));
zlib_pre_call(strm);
status = deflateInit(&strm->z, level);
zlib_post_call(strm);
zlib_post_call(strm, status);
if (status == Z_OK)
return;
die("deflateInit: %s (%s)", zerr_to_string(status),
@@ -176,7 +181,7 @@ static void do_git_deflate_init(git_zstream *strm, int level, int windowBits)
status = deflateInit2(&strm->z, level,
Z_DEFLATED, windowBits,
8, Z_DEFAULT_STRATEGY);
zlib_post_call(strm);
zlib_post_call(strm, status);
if (status == Z_OK)
return;
die("deflateInit2: %s (%s)", zerr_to_string(status),
@@ -207,7 +212,7 @@ int git_deflate_abort(git_zstream *strm)
zlib_pre_call(strm);
status = deflateEnd(&strm->z);
zlib_post_call(strm);
zlib_post_call(strm, status);
return status;
}
@@ -227,7 +232,7 @@ int git_deflate_end_gently(git_zstream *strm)
zlib_pre_call(strm);
status = deflateEnd(&strm->z);
zlib_post_call(strm);
zlib_post_call(strm, status);
return status;
}
@@ -244,7 +249,7 @@ int git_deflate(git_zstream *strm, int flush)
? 0 : flush);
if (status == Z_MEM_ERROR)
die("deflate: out of memory");
zlib_post_call(strm);
zlib_post_call(strm, status);
/*
* Let zlib work another round, while we can still