diff options
author | Jim Meyering <jim@meyering.net> | 2011-10-12 16:33:54 +0200 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2011-10-12 12:08:11 -0700 |
commit | 2c93286ab2ca5271e26779ffd1ecfd1c7a082a41 (patch) | |
tree | ff4f06df6e607c8e11a4857737aa2331713d6492 | |
parent | 7ed863a85a6ce2c4ac4476848310b8f917ab41f9 (diff) | |
download | git-2c93286ab2ca5271e26779ffd1ecfd1c7a082a41.tar.gz git-2c93286ab2ca5271e26779ffd1ecfd1c7a082a41.tar.xz |
fix "git apply --index ..." not to deref NULL
I noticed this when "git am CORRUPTED" unexpectedly failed with an
odd diagnostic, and even removed one of the files it was supposed
to have patched.
Reproduce with any valid old/new patch from which you have removed
the "+++ b/FILE" line. You'll see a diagnostic like this
fatal: unable to write file '(null)' mode 100644: Bad address
and you'll find that FILE has been removed.
The above is on glibc-based systems. On other systems, rather than
getting "null", you may provoke a segfault as git tries to
dereference the NULL file name.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r-- | builtin/apply.c | 3 | ||||
-rwxr-xr-x | t/t4254-am-corrupt.sh | 43 |
2 files changed, 46 insertions, 0 deletions
diff --git a/builtin/apply.c b/builtin/apply.c index 14951daed..97ade776f 100644 --- a/builtin/apply.c +++ b/builtin/apply.c @@ -1405,6 +1405,9 @@ static int find_header(char *line, unsigned long size, int *hdrsize, struct patc "%d leading pathname components (line %d)" , p_value, linenr); patch->old_name = patch->new_name = patch->def_name; } + if (!patch->is_delete && !patch->new_name) + die("git diff header lacks filename information " + "(line %d)", linenr); patch->is_toplevel_relative = 1; *hdrsize = git_hdr_len; return offset; diff --git a/t/t4254-am-corrupt.sh b/t/t4254-am-corrupt.sh new file mode 100755 index 000000000..b7da95fac --- /dev/null +++ b/t/t4254-am-corrupt.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +test_description='git am with corrupt input' +. ./test-lib.sh + +# Note the missing "+++" line: +cat > bad-patch.diff <<'EOF' +From: A U Thor <au.thor@example.com> +diff --git a/f b/f +index 7898192..6178079 100644 +--- a/f +@@ -1 +1 @@ +-a ++b +EOF + +test_expect_success setup ' + test $? = 0 && + echo a > f && + git add f && + test_tick && + git commit -m initial +' + +# This used to fail before, too, but with a different diagnostic. +# fatal: unable to write file '(null)' mode 100644: Bad address +# Also, it had the unwanted side-effect of deleting f. +test_expect_success 'try to apply corrupted patch' ' + git am bad-patch.diff 2> actual + test $? = 1 +' + +cat > expected <<EOF +fatal: git diff header lacks filename information (line 4) +EOF + +test_expect_success 'compare diagnostic; ensure file is still here' ' + test $? = 0 && + test -f f && + test_cmp expected actual +' + +test_done |