D5257: manifest: also reject obviously-too-short lines when parsing lines
durin42 (Augie Fackler)
phabricator at mercurial-scm.org
Tue Nov 13 01:52:09 UTC 2018
durin42 created this revision.
Herald added a subscriber: mercurial-devel.
Herald added a reviewer: hg-reviewers.
REPOSITORY
rHG Mercurial
REVISION DETAIL
https://phab.mercurial-scm.org/D5257
AFFECTED FILES
mercurial/cext/manifest.c
CHANGE DETAILS
diff --git a/mercurial/cext/manifest.c b/mercurial/cext/manifest.c
--- a/mercurial/cext/manifest.c
+++ b/mercurial/cext/manifest.c
@@ -39,6 +39,7 @@
#define MANIFEST_NOT_SORTED -2
#define MANIFEST_MALFORMED -3
#define MANIFEST_BOGUS_FILENAME -4
+#define MANIFEST_TOO_SHORT_LINE -5
/* get the length of the path for a line */
static size_t pathlen(line *l)
@@ -126,6 +127,15 @@
if (!next) {
return MANIFEST_MALFORMED;
}
+ if ((next - data) < 22) {
+ /* We should have at least 22 bytes in a line:
+ 1 byte filename
+ 1 NUL
+ 20 bytes of hash
+ so we can give up here.
+ */
+ return MANIFEST_TOO_SHORT_LINE;
+ }
next++; /* advance past newline */
if (!realloc_if_full(self)) {
return MANIFEST_OOM; /* no memory */
@@ -202,6 +212,11 @@
PyExc_ValueError,
"Manifest had an entry with a zero-length filename.");
break;
+ case MANIFEST_TOO_SHORT_LINE:
+ PyErr_Format(
+ PyExc_ValueError,
+ "Manifest had implausibly-short line.");
+ break;
default:
PyErr_Format(PyExc_ValueError,
"Unknown problem parsing manifest.");
To: durin42, #hg-reviewers
Cc: mercurial-devel
More information about the Mercurial-devel
mailing list