"brian m. carlson" <sand...@crustytoothpaste.net> writes: > There are a small number of places in our codebase where we cast a > buffer of unsigned char to a struct object_id pointer. When we have > GIT_MAX_RAWSZ set to 32 (because we have SHA-256), one of these places > (the buffer for tree objects) can lead to us copying too much data when > using SHA-1 as the hash, since there are only 20 bytes to read.
Thanks. And thanks for a pleasant-to-follow discussion during the review of the previous round. > Changes from v1: > * Use hashcpy instead of memcpy. > * Adopt Peff's suggestion for improving patch 3. > > brian m. carlson (5): > tree-walk: copy object ID before use > match-trees: compute buffer offset correctly when splicing > match-trees: use hashcpy to splice trees > tree-walk: store object_id in a separate member > cache: make oidcpy always copy GIT_MAX_RAWSZ bytes > > builtin/grep.c | 8 ++++---- > builtin/merge-tree.c | 20 ++++++++++---------- > builtin/pack-objects.c | 4 ++-- > builtin/reflog.c | 4 ++-- > cache-tree.c | 4 ++-- > cache.h | 2 +- > contrib/coccinelle/object_id.cocci | 30 ------------------------------ > delta-islands.c | 2 +- > fsck.c | 4 ++-- > http-push.c | 4 ++-- > list-objects.c | 6 +++--- > match-trees.c | 27 ++++++++++++++++++++------- > notes.c | 4 ++-- > packfile.c | 2 +- > revision.c | 4 ++-- > tree-diff.c | 6 +++--- > tree-walk.c | 21 ++++++++++++--------- > tree-walk.h | 9 ++++++--- > tree.c | 10 +++++----- > unpack-trees.c | 6 +++--- > walker.c | 4 ++-- > 21 files changed, 85 insertions(+), 96 deletions(-)
