diff options
Diffstat (limited to 'meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch')
-rw-r--r-- | meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch | 307 |
1 files changed, 307 insertions, 0 deletions
diff --git a/meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch b/meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch new file mode 100644 index 0000000000..756ae660e9 --- /dev/null +++ b/meta/recipes-devtools/git/git-2.5.0/CVE-2016-2315_2324.patch @@ -0,0 +1,307 @@ +From 2824e1841b99393d2469c495253d547c643bd8f1 Mon Sep 17 00:00:00 2001 +From: Jeff King <peff@peff.net> +Date: Thu, 11 Feb 2016 17:28:36 -0500 +Subject: [PATCH] list-objects: pass full pathname to callbacks + +When we find a blob at "a/b/c", we currently pass this to +our show_object_fn callbacks as two components: "a/b/" and +"c". Callbacks which want the full value then call +path_name(), which concatenates the two. But this is an +inefficient interface; the path is a strbuf, and we could +simply append "c" to it temporarily, then roll back the +length, without creating a new copy. + +So we could improve this by teaching the callsites of +path_name() this trick (and there are only 3). But we can +also notice that no callback actually cares about the +broken-down representation, and simply pass each callback +the full path "a/b/c" as a string. The callback code becomes +even simpler, then, as we do not have to worry about freeing +an allocated buffer, nor rolling back our modification to +the strbuf. + +This is theoretically less efficient, as some callbacks +would not bother to format the final path component. But in +practice this is not measurable. Since we use the same +strbuf over and over, our work to grow it is amortized, and +we really only pay to memcpy a few bytes. + +Signed-off-by: Jeff King <peff@peff.net> +Signed-off-by: Junio C Hamano <gitster@pobox.com> + +Upstream-Status: Backport +CVE: CVE-2016-2315 and CVE-2016-2324 (actual fixs) +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + builtin/pack-objects.c | 15 ++------------- + builtin/rev-list.c | 12 ++++-------- + list-objects.c | 14 +++++++++----- + list-objects.h | 2 +- + pack-bitmap-write.c | 3 +-- + pack-bitmap.c | 13 ++++--------- + reachable.c | 5 ++--- + revision.c | 17 ++--------------- + revision.h | 3 +-- + 9 files changed, 26 insertions(+), 58 deletions(-) + +Index: git-2.5.0/builtin/pack-objects.c +=================================================================== +--- git-2.5.0.orig/builtin/pack-objects.c ++++ git-2.5.0/builtin/pack-objects.c +@@ -2284,21 +2284,11 @@ static void show_commit(struct commit *c + index_commit_for_bitmap(commit); + } + +-static void show_object(struct object *obj, +- struct strbuf *path, const char *last, +- void *data) ++static void show_object(struct object *obj, const char *name, void *data) + { +- char *name = path_name(path, last); +- + add_preferred_base_object(name); + add_object_entry(obj->sha1, obj->type, name, 0); + obj->flags |= OBJECT_ADDED; +- +- /* +- * We will have generated the hash from the name, +- * but not saved a pointer to it - we can free it +- */ +- free((char *)name); + } + + static void show_edge(struct commit *commit) +@@ -2480,8 +2470,7 @@ static int get_object_list_from_bitmap(s + } + + static void record_recent_object(struct object *obj, +- struct strbuf *path, +- const char *last, ++ const char *name, + void *data) + { + sha1_array_append(&recent_objects, obj->sha1); +Index: git-2.5.0/builtin/rev-list.c +=================================================================== +--- git-2.5.0.orig/builtin/rev-list.c ++++ git-2.5.0/builtin/rev-list.c +@@ -177,9 +177,7 @@ static void finish_commit(struct commit + free_commit_buffer(commit); + } + +-static void finish_object(struct object *obj, +- struct strbuf *path, const char *name, +- void *cb_data) ++static void finish_object(struct object *obj, const char *name, void *cb_data) + { + struct rev_list_info *info = cb_data; + if (obj->type == OBJ_BLOB && !has_sha1_file(obj->sha1)) +@@ -188,15 +186,13 @@ static void finish_object(struct object + parse_object(obj->sha1); + } + +-static void show_object(struct object *obj, +- struct strbuf *path, const char *component, +- void *cb_data) ++static void show_object(struct object *obj, const char *name, void *cb_data) + { + struct rev_list_info *info = cb_data; +- finish_object(obj, path, component, cb_data); ++ finish_object(obj, name, cb_data); + if (info->flags & REV_LIST_QUIET) + return; +- show_object_with_name(stdout, obj, path, component); ++ show_object_with_name(stdout, obj, name); + } + + static void show_edge(struct commit *commit) +Index: git-2.5.0/list-objects.c +=================================================================== +--- git-2.5.0.orig/list-objects.c ++++ git-2.5.0/list-objects.c +@@ -16,6 +16,7 @@ static void process_blob(struct rev_info + void *cb_data) + { + struct object *obj = &blob->object; ++ size_t pathlen; + + if (!revs->blob_objects) + return; +@@ -24,7 +25,11 @@ static void process_blob(struct rev_info + if (obj->flags & (UNINTERESTING | SEEN)) + return; + obj->flags |= SEEN; +- show(obj, path, name, cb_data); ++ ++ pathlen = path->len; ++ strbuf_addstr(path, name); ++ show(obj, path->buf, cb_data); ++ strbuf_setlen(path, pathlen); + } + + /* +@@ -86,9 +91,8 @@ static void process_tree(struct rev_info + } + + obj->flags |= SEEN; +- show(obj, base, name, cb_data); +- + strbuf_addstr(base, name); ++ show(obj, base->buf, cb_data); + if (base->len) + strbuf_addch(base, '/'); + +@@ -207,7 +211,7 @@ void traverse_commit_list(struct rev_inf + continue; + if (obj->type == OBJ_TAG) { + obj->flags |= SEEN; +- show_object(obj, NULL, name, data); ++ show_object(obj, name, data); + continue; + } + if (!path) +@@ -219,7 +223,7 @@ void traverse_commit_list(struct rev_inf + } + if (obj->type == OBJ_BLOB) { + process_blob(revs, (struct blob *)obj, show_object, +- NULL, path, data); ++ &base, path, data); + continue; + } + die("unknown pending object %s (%s)", +Index: git-2.5.0/list-objects.h +=================================================================== +--- git-2.5.0.orig/list-objects.h ++++ git-2.5.0/list-objects.h +@@ -2,7 +2,7 @@ + #define LIST_OBJECTS_H + + typedef void (*show_commit_fn)(struct commit *, void *); +-typedef void (*show_object_fn)(struct object *, struct strbuf *, const char *, void *); ++typedef void (*show_object_fn)(struct object *, const char *, void *); + void traverse_commit_list(struct rev_info *, show_commit_fn, show_object_fn, void *); + + typedef void (*show_edge_fn)(struct commit *); +Index: git-2.5.0/pack-bitmap-write.c +=================================================================== +--- git-2.5.0.orig/pack-bitmap-write.c ++++ git-2.5.0/pack-bitmap-write.c +@@ -148,8 +148,7 @@ static uint32_t find_object_pos(const un + return entry->in_pack_pos; + } + +-static void show_object(struct object *object, struct strbuf *path, +- const char *last, void *data) ++static void show_object(struct object *object, const char *name, void *data) + { + struct bitmap *base = data; + bitmap_set(base, find_object_pos(object->sha1)); +Index: git-2.5.0/pack-bitmap.c +=================================================================== +--- git-2.5.0.orig/pack-bitmap.c ++++ git-2.5.0/pack-bitmap.c +@@ -422,19 +422,15 @@ static int ext_index_add_object(struct o + return bitmap_pos + bitmap_git.pack->num_objects; + } + +-static void show_object(struct object *object, struct strbuf *path, +- const char *last, void *data) ++static void show_object(struct object *object, const char *name, void *data) + { + struct bitmap *base = data; + int bitmap_pos; + + bitmap_pos = bitmap_position(object->sha1); + +- if (bitmap_pos < 0) { +- char *name = path_name(path, last); ++ if (bitmap_pos < 0) + bitmap_pos = ext_index_add_object(object, name); +- free(name); +- } + + bitmap_set(base, bitmap_pos); + } +@@ -902,9 +898,8 @@ struct bitmap_test_data { + size_t seen; + }; + +-static void test_show_object(struct object *object, +- struct strbuf *path, +- const char *last, void *data) ++static void test_show_object(struct object *object, const char *name, ++ void *data) + { + struct bitmap_test_data *tdata = data; + int bitmap_pos; +Index: git-2.5.0/reachable.c +=================================================================== +--- git-2.5.0.orig/reachable.c ++++ git-2.5.0/reachable.c +@@ -37,15 +37,14 @@ static int add_one_ref(const char *path, + * The traversal will have already marked us as SEEN, so we + * only need to handle any progress reporting here. + */ +-static void mark_object(struct object *obj, struct strbuf *path, +- const char *name, void *data) ++static void mark_object(struct object *obj, const char *name, void *data) + { + update_progress(data); + } + + static void mark_commit(struct commit *c, void *data) + { +- mark_object(&c->object, NULL, NULL, data); ++ mark_object(&c->object, NULL, data); + } + + struct recent_data { +Index: git-2.5.0/revision.c +=================================================================== +--- git-2.5.0.orig/revision.c ++++ git-2.5.0/revision.c +@@ -21,27 +21,14 @@ + + volatile show_early_output_fn_t show_early_output; + +-char *path_name(struct strbuf *path, const char *name) ++void show_object_with_name(FILE *out, struct object *obj, const char *name) + { +- struct strbuf ret = STRBUF_INIT; +- if (path) +- strbuf_addbuf(&ret, path); +- strbuf_addstr(&ret, name); +- return strbuf_detach(&ret, NULL); +-} +- +-void show_object_with_name(FILE *out, struct object *obj, +- struct strbuf *path, const char *component) +-{ +- char *name = path_name(path, component); +- char *p; ++ const char *p; + + fprintf(out, "%s ", sha1_to_hex(obj->sha1)); + for (p = name; *p && *p != '\n'; p++) + fputc(*p, out); + fputc('\n', out); +- +- free(name); + } + + static void mark_blob_uninteresting(struct blob *blob) +Index: git-2.5.0/revision.h +=================================================================== +--- git-2.5.0.orig/revision.h ++++ git-2.5.0/revision.h +@@ -258,8 +258,7 @@ extern void mark_tree_uninteresting(stru + + char *path_name(struct strbuf *path, const char *name); + +-extern void show_object_with_name(FILE *, struct object *, +- struct strbuf *, const char *); ++extern void show_object_with_name(FILE *, struct object *, const char *); + + extern void add_pending_object(struct rev_info *revs, + struct object *obj, const char *name); |