diff options
author | Jeff King <peff@peff.net> | 2016-10-06 12:48:42 -0400 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2016-10-10 10:53:33 -0700 |
commit | e8c42cb9ce6a566aad797cc6c5bc1279d608d819 (patch) | |
tree | e43133ea5a1cd25e181b3daf7cdbab1a82104cbb | |
parent | 3f7bd767ed6df4dbbc36c5ab881c0de668107001 (diff) | |
download | git-e8c42cb9ce6a566aad797cc6c5bc1279d608d819.tar.gz git-e8c42cb9ce6a566aad797cc6c5bc1279d608d819.tar.xz |
files_read_raw_ref: prevent infinite retry loops in general
Limit the number of retries to 3. That should be adequate to
prevent any races, while preventing the possibility of
infinite loops if the logic fails to handle any other
possible error modes correctly.
After the fix in the previous commit, there's no known way
to trigger an infinite loop, but I did manually verify that
this fixes the test in that commit even when the code change
is not applied.
Signed-off-by: Jeff King <peff@peff.net>
Reviewed-by: Michael Haggerty <mhagger@alum.mit.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r-- | refs/files-backend.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/refs/files-backend.c b/refs/files-backend.c index 087a8fa02..245556435 100644 --- a/refs/files-backend.c +++ b/refs/files-backend.c @@ -1451,6 +1451,7 @@ int read_raw_ref(const char *refname, unsigned char *sha1, int fd; int ret = -1; int save_errno; + int remaining_retries = 3; *type = 0; strbuf_reset(&sb_path); @@ -1466,8 +1467,14 @@ stat_ref: * <-> symlink) between the lstat() and reading, then * we don't want to report that as an error but rather * try again starting with the lstat(). + * + * We'll keep a count of the retries, though, just to avoid + * any confusing situation sending us into an infinite loop. */ + if (remaining_retries-- <= 0) + goto out; + if (lstat(path, &st) < 0) { if (errno != ENOENT) goto out; |