Patchwork [1,of,2] parsers: read sizes of metadata pair of obsolete marker at once

Submitter Yuya Nishihara
Date Oct. 11, 2015, 1:07 p.m.
Message ID <d81b75826e27c7a12585.1444568825@mimosa>
Permalink /patch/10946/
State Accepted

Comments

Yuya Nishihara - Oct. 11, 2015, 1:07 p.m.
# HG changeset patch
# User Yuya Nishihara <yuya@tcha.org>
# Date 1444556501 -32400
#      Sun Oct 11 18:41:41 2015 +0900
# Node ID d81b75826e27c7a12585f95d5f48b4f580750ffd
# Parent  e2f8db6c17d8e2b227d2f83dc072181d54ebafb9
parsers: read sizes of metadata pair of obsolete marker at once

This will make it easy to implement bounds checking. Currently fm1readmarker()
has no protection for corrupted obsstore and can cause an infinite loop or
out-of-bounds reads.

Patch

diff --git a/mercurial/parsers.c b/mercurial/parsers.c
--- a/mercurial/parsers.c
+++ b/mercurial/parsers.c
@@ -2630,12 +2630,12 @@  static PyObject *fm1readmarker(const cha
 	}
 	for (i = 0; i < nmetadata; i++) {
 		PyObject *tmp, *left = NULL, *right = NULL;
-		Py_ssize_t metasize = (unsigned char)(*data++);
-		left = PyString_FromStringAndSize(meta, metasize);
-		meta += metasize;
-		metasize = (unsigned char)(*data++);
-		right = PyString_FromStringAndSize(meta, metasize);
-		meta += metasize;
+		Py_ssize_t leftsize = (unsigned char)(*data++);
+		Py_ssize_t rightsize = (unsigned char)(*data++);
+		left = PyString_FromStringAndSize(meta, leftsize);
+		meta += leftsize;
+		right = PyString_FromStringAndSize(meta, rightsize);
+		meta += rightsize;
 		tmp = PyTuple_New(2);
 		if (!left || !right || !tmp) {
 			Py_XDECREF(left);
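
Review bot: In the loop body, leftsize and rightsize are each read with `*data++` and then used to advance `meta` without any check that the pair still fits in the remaining input, so with this hunk alone a corrupted size byte still walks `meta` past the buffer, which is the out-of-bound read the commit message describes. Since both sizes are now known before either PyString_FromStringAndSize() call, the follow-up check belongs directly after the two reads and should reject the marker before any string is built when `meta + leftsize + rightsize` would pass the end of the input. The two `*data++` reads themselves also need a guard that two size bytes remain for each of the `nmetadata` iterations. A one-line comment above the reads noting that the two sizes are consumed as a pair ahead of the metadata bytes would document why they are read together.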