[issue1483] insufficient arguments checking in wire protocol's between()
Dmitriy Taychenachev
mercurial-bugs at selenic.com
Sun Jan 25 09:54:39 CST 2009
New submission from Dmitriy Taychenachev <dimichxp at gmail.com>:
Mercurial doesn't properly check revisions relationship when traversing DAG from
`top' to `bottom' in between(). In case if `bottom' revision is not descendant of
`top' revision hg will stuck in endless loop searching for `bottom' after
reaching null revision. E.g. for a given pair (nullid, <any valid non-null id>)
hg will never return from between() and will cause high system load because
null's parent is null itself. Since the pair is provided by user it may be used
to make denial-of-service attack. Proposed fix attached.
----------
files: wire_between.patch
messages: 8482
nosy: dmitriy
priority: urgent
status: unread
title: insufficient arguments checking in wire protocol's between()
topic: wire
____________________________________________________
Mercurial issue tracker <mercurial-bugs at selenic.com>
<http://www.selenic.com/mercurial/bts/issue1483>
____________________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wire_between.patch
Type: text/x-patch
Size: 1027 bytes
Desc: not available
Url : http://selenic.com/pipermail/mercurial-devel/attachments/20090125/dcd218fb/attachment.bin
More information about the Mercurial-devel
mailing list