aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch')
-rw-r--r--meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch307
1 files changed, 307 insertions, 0 deletions
diff --git a/meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch b/meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch
new file mode 100644
index 0000000000..756ae660e9
--- /dev/null
+++ b/meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch
@@ -0,0 +1,307 @@
+From 2824e1841b99393d2469c495253d547c643bd8f1 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Thu, 11 Feb 2016 17:28:36 -0500
+Subject: [PATCH] list-objects: pass full pathname to callbacks
+
+When we find a blob at "a/b/c", we currently pass this to
+our show_object_fn callbacks as two components: "a/b/" and
+"c". Callbacks which want the full value then call
+path_name(), which concatenates the two. But this is an
+inefficient interface; the path is a strbuf, and we could
+simply append "c" to it temporarily, then roll back the
+length, without creating a new copy.
+
+So we could improve this by teaching the callsites of
+path_name() this trick (and there are only 3). But we can
+also notice that no callback actually cares about the
+broken-down representation, and simply pass each callback
+the full path "a/b/c" as a string. The callback code becomes
+even simpler, then, as we do not have to worry about freeing
+an allocated buffer, nor rolling back our modification to
+the strbuf.
+
+This is theoretically less efficient, as some callbacks
+would not bother to format the final path component. But in
+practice this is not measurable. Since we use the same
+strbuf over and over, our work to grow it is amortized, and
+we really only pay to memcpy a few bytes.
+
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+
+Upstream-Status: Backport
+CVE: CVE-2016-2315 and CVE-2016-2324 (actual fixs)
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ builtin/pack-objects.c | 15 ++-------------
+ builtin/rev-list.c | 12 ++++--------
+ list-objects.c | 14 +++++++++-----
+ list-objects.h | 2 +-
+ pack-bitmap-write.c | 3 +--
+ pack-bitmap.c | 13 ++++---------
+ reachable.c | 5 ++---
+ revision.c | 17 ++---------------
+ revision.h | 3 +--
+ 9 files changed, 26 insertions(+), 58 deletions(-)
+
+Index: git-2.5.0/builtin/pack-objects.c
+===================================================================
+--- git-2.5.0.orig/builtin/pack-objects.c
++++ git-2.5.0/builtin/pack-objects.c
+@@ -2284,21 +2284,11 @@ static void show_commit(struct commit *c
+ index_commit_for_bitmap(commit);
+ }
+
+-static void show_object(struct object *obj,
+- struct strbuf *path, const char *last,
+- void *data)
++static void show_object(struct object *obj, const char *name, void *data)
+ {
+- char *name = path_name(path, last);
+-
+ add_preferred_base_object(name);
+ add_object_entry(obj->sha1, obj->type, name, 0);
+ obj->flags |= OBJECT_ADDED;
+-
+- /*
+- * We will have generated the hash from the name,
+- * but not saved a pointer to it - we can free it
+- */
+- free((char *)name);
+ }
+
+ static void show_edge(struct commit *commit)
+@@ -2480,8 +2470,7 @@ static int get_object_list_from_bitmap(s
+ }
+
+ static void record_recent_object(struct object *obj,
+- struct strbuf *path,
+- const char *last,
++ const char *name,
+ void *data)
+ {
+ sha1_array_append(&recent_objects, obj->sha1);
+Index: git-2.5.0/builtin/rev-list.c
+===================================================================
+--- git-2.5.0.orig/builtin/rev-list.c
++++ git-2.5.0/builtin/rev-list.c
+@@ -177,9 +177,7 @@ static void finish_commit(struct commit
+ free_commit_buffer(commit);
+ }
+
+-static void finish_object(struct object *obj,
+- struct strbuf *path, const char *name,
+- void *cb_data)
++static void finish_object(struct object *obj, const char *name, void *cb_data)
+ {
+ struct rev_list_info *info = cb_data;
+ if (obj->type == OBJ_BLOB && !has_sha1_file(obj->sha1))
+@@ -188,15 +186,13 @@ static void finish_object(struct object
+ parse_object(obj->sha1);
+ }
+
+-static void show_object(struct object *obj,
+- struct strbuf *path, const char *component,
+- void *cb_data)
++static void show_object(struct object *obj, const char *name, void *cb_data)
+ {
+ struct rev_list_info *info = cb_data;
+- finish_object(obj, path, component, cb_data);
++ finish_object(obj, name, cb_data);
+ if (info->flags & REV_LIST_QUIET)
+ return;
+- show_object_with_name(stdout, obj, path, component);
++ show_object_with_name(stdout, obj, name);
+ }
+
+ static void show_edge(struct commit *commit)
+Index: git-2.5.0/list-objects.c
+===================================================================
+--- git-2.5.0.orig/list-objects.c
++++ git-2.5.0/list-objects.c
+@@ -16,6 +16,7 @@ static void process_blob(struct rev_info
+ void *cb_data)
+ {
+ struct object *obj = &blob->object;
++ size_t pathlen;
+
+ if (!revs->blob_objects)
+ return;
+@@ -24,7 +25,11 @@ static void process_blob(struct rev_info
+ if (obj->flags & (UNINTERESTING | SEEN))
+ return;
+ obj->flags |= SEEN;
+- show(obj, path, name, cb_data);
++
++ pathlen = path->len;
++ strbuf_addstr(path, name);
++ show(obj, path->buf, cb_data);
++ strbuf_setlen(path, pathlen);
+ }
+
+ /*
+@@ -86,9 +91,8 @@ static void process_tree(struct rev_info
+ }
+
+ obj->flags |= SEEN;
+- show(obj, base, name, cb_data);
+-
+ strbuf_addstr(base, name);
++ show(obj, base->buf, cb_data);
+ if (base->len)
+ strbuf_addch(base, '/');
+
+@@ -207,7 +211,7 @@ void traverse_commit_list(struct rev_inf
+ continue;
+ if (obj->type == OBJ_TAG) {
+ obj->flags |= SEEN;
+- show_object(obj, NULL, name, data);
++ show_object(obj, name, data);
+ continue;
+ }
+ if (!path)
+@@ -219,7 +223,7 @@ void traverse_commit_list(struct rev_inf
+ }
+ if (obj->type == OBJ_BLOB) {
+ process_blob(revs, (struct blob *)obj, show_object,
+- NULL, path, data);
++ &base, path, data);
+ continue;
+ }
+ die("unknown pending object %s (%s)",
+Index: git-2.5.0/list-objects.h
+===================================================================
+--- git-2.5.0.orig/list-objects.h
++++ git-2.5.0/list-objects.h
+@@ -2,7 +2,7 @@
+ #define LIST_OBJECTS_H
+
+ typedef void (*show_commit_fn)(struct commit *, void *);
+-typedef void (*show_object_fn)(struct object *, struct strbuf *, const char *, void *);
++typedef void (*show_object_fn)(struct object *, const char *, void *);
+ void traverse_commit_list(struct rev_info *, show_commit_fn, show_object_fn, void *);
+
+ typedef void (*show_edge_fn)(struct commit *);
+Index: git-2.5.0/pack-bitmap-write.c
+===================================================================
+--- git-2.5.0.orig/pack-bitmap-write.c
++++ git-2.5.0/pack-bitmap-write.c
+@@ -148,8 +148,7 @@ static uint32_t find_object_pos(const un
+ return entry->in_pack_pos;
+ }
+
+-static void show_object(struct object *object, struct strbuf *path,
+- const char *last, void *data)
++static void show_object(struct object *object, const char *name, void *data)
+ {
+ struct bitmap *base = data;
+ bitmap_set(base, find_object_pos(object->sha1));
+Index: git-2.5.0/pack-bitmap.c
+===================================================================
+--- git-2.5.0.orig/pack-bitmap.c
++++ git-2.5.0/pack-bitmap.c
+@@ -422,19 +422,15 @@ static int ext_index_add_object(struct o
+ return bitmap_pos + bitmap_git.pack->num_objects;
+ }
+
+-static void show_object(struct object *object, struct strbuf *path,
+- const char *last, void *data)
++static void show_object(struct object *object, const char *name, void *data)
+ {
+ struct bitmap *base = data;
+ int bitmap_pos;
+
+ bitmap_pos = bitmap_position(object->sha1);
+
+- if (bitmap_pos < 0) {
+- char *name = path_name(path, last);
++ if (bitmap_pos < 0)
+ bitmap_pos = ext_index_add_object(object, name);
+- free(name);
+- }
+
+ bitmap_set(base, bitmap_pos);
+ }
+@@ -902,9 +898,8 @@ struct bitmap_test_data {
+ size_t seen;
+ };
+
+-static void test_show_object(struct object *object,
+- struct strbuf *path,
+- const char *last, void *data)
++static void test_show_object(struct object *object, const char *name,
++ void *data)
+ {
+ struct bitmap_test_data *tdata = data;
+ int bitmap_pos;
+Index: git-2.5.0/reachable.c
+===================================================================
+--- git-2.5.0.orig/reachable.c
++++ git-2.5.0/reachable.c
+@@ -37,15 +37,14 @@ static int add_one_ref(const char *path,
+ * The traversal will have already marked us as SEEN, so we
+ * only need to handle any progress reporting here.
+ */
+-static void mark_object(struct object *obj, struct strbuf *path,
+- const char *name, void *data)
++static void mark_object(struct object *obj, const char *name, void *data)
+ {
+ update_progress(data);
+ }
+
+ static void mark_commit(struct commit *c, void *data)
+ {
+- mark_object(&c->object, NULL, NULL, data);
++ mark_object(&c->object, NULL, data);
+ }
+
+ struct recent_data {
+Index: git-2.5.0/revision.c
+===================================================================
+--- git-2.5.0.orig/revision.c
++++ git-2.5.0/revision.c
+@@ -21,27 +21,14 @@
+
+ volatile show_early_output_fn_t show_early_output;
+
+-char *path_name(struct strbuf *path, const char *name)
++void show_object_with_name(FILE *out, struct object *obj, const char *name)
+ {
+- struct strbuf ret = STRBUF_INIT;
+- if (path)
+- strbuf_addbuf(&ret, path);
+- strbuf_addstr(&ret, name);
+- return strbuf_detach(&ret, NULL);
+-}
+-
+-void show_object_with_name(FILE *out, struct object *obj,
+- struct strbuf *path, const char *component)
+-{
+- char *name = path_name(path, component);
+- char *p;
++ const char *p;
+
+ fprintf(out, "%s ", sha1_to_hex(obj->sha1));
+ for (p = name; *p && *p != '\n'; p++)
+ fputc(*p, out);
+ fputc('\n', out);
+-
+- free(name);
+ }
+
+ static void mark_blob_uninteresting(struct blob *blob)
+Index: git-2.5.0/revision.h
+===================================================================
+--- git-2.5.0.orig/revision.h
++++ git-2.5.0/revision.h
+@@ -258,8 +258,7 @@ extern void mark_tree_uninteresting(stru
+
+ char *path_name(struct strbuf *path, const char *name);
+
+-extern void show_object_with_name(FILE *, struct object *,
+- struct strbuf *, const char *);
++extern void show_object_with_name(FILE *, struct object *, const char *);
+
+ extern void add_pending_object(struct rev_info *revs,
+ struct object *obj, const char *name);
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-26 21:49:02 +0000