[PATCH 1 of 5] index: check more aggressively when adding new entries
Bryan O'Sullivan
bos at serpentine.com
Wed May 2 18:22:38 CDT 2012
# HG changeset patch
# User Bryan O'Sullivan <bryano at fb.com>
# Date 1336000671 25200
# Branch stable
# Node ID 7376bc611dbdb05b2cee683eeed1736517ef5938
# Parent 55fecd29c30c2db64093d6aff7bbefec1a4f0d58
index: check more aggressively when adding new entries
This makes it impossible to construct a revlog entry with bogus
parents.
diff -r 55fecd29c30c -r 7376bc611dbd mercurial/parsers.c
--- a/mercurial/parsers.c Wed May 02 16:17:50 2012 -0700
+++ b/mercurial/parsers.c Wed May 02 16:17:51 2012 -0700
@@ -416,10 +416,11 @@
static PyObject *index_insert(indexObject *self, PyObject *args)
{
- PyObject *obj;
+ PyObject *obj, *o1, *o2;
char *node;
long offset;
Py_ssize_t len, nodelen;
+ long p1, p2;
if (!PyArg_ParseTuple(args, "lO", &offset, &obj))
return NULL;
@@ -449,6 +450,21 @@
return NULL;
}
+ o1 = PyTuple_GET_ITEM(obj, 5);
+ o2 = PyTuple_GET_ITEM(obj, 6);
+ if (!PyInt_Check(o1) || !PyInt_Check(o2)) {
+ PyErr_SetString(PyExc_TypeError, "parent revs are not ints");
+ return NULL;
+ }
+ p1 = PyInt_AS_LONG(o1);
+ p2 = PyInt_AS_LONG(o2);
+ if (p1 < -1 || p1 >= offset || p2 < -1 || p2 >= offset ||
+ (p1 == -1 ? p1 != p2 : p1 == p2)) {
+ PyErr_Format(PyExc_ValueError,
+ "parent revs are invalid (%ld, %ld)", p1, p2);
+ return NULL;
+ }
+
if (self->added == NULL) {
self->added = PyList_New(0);
if (self->added == NULL)
More information about the Mercurial-devel
mailing list