D7105: dirs: reject consecutive slashes in paths

Submitter	phabricator
Date	Oct. 15, 2019, 1:55 p.m.
Message ID	<differential-rev-PHID-DREV-afxdovcr5afybxjq2adl-req@mercurial-scm.org>
Download	mbox \| patch
Permalink	/patch/42356/
State	Superseded
Headers	show Return-Path: <mercurial-devel-bounces@mercurial-scm.org> Date: Tue, 15 Oct 2019 13:55:04 +0000 To: Phabricator <phabricator@mercurial-scm.org> From: "durin42 (Augie Fackler)" <phabricator@mercurial-scm.org> Subject: D7105: dirs: reject consecutive slashes in paths Message-ID: <differential-rev-PHID-DREV-afxdovcr5afybxjq2adl-req@mercurial-scm.org> Precedence: bulk Thread-Topic: PHID-DREV-afxdovcr5afybxjq2adl Thread-Index: YzZlYWIxMDlhNzc4MDJlY2IzMmM2MGVjYjA4 MIME-Version: 1.0 Cc: mercurial-devel@mercurial-scm.org Reply-To: "durin42 \(Augie Fackler\)" <phabricator+D7105+public+303784484a105d45@mercurial-scm.org> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: mercurial-devel-bounces@mercurial-scm.org Sender: "Mercurial-devel" <mercurial-devel-bounces@mercurial-scm.org>

Comments

phabricator - Oct. 15, 2019, 1:55 p.m.

durin42 created this revision.
Herald added a subscriber: mercurial-devel.
Herald added a reviewer: hg-reviewers.

REVISION SUMMARY
  We shouldn't ever see those, and the fuzzer go really excited that if
  it gives us a 65k string with 55k slashes in it we use a lot of RAM.

REPOSITORY
  rHG Mercurial

REVISION DETAIL
  https://phab.mercurial-scm.org/D7105

AFFECTED FILES
  mercurial/cext/dirs.c

CHANGE DETAILS




To: durin42, #hg-reviewers
Cc: mercurial-devel

phabricator - Oct. 16, 2019, 1:52 a.m.

This revision is now accepted and ready to land.
indygreg added a comment.
indygreg accepted this revision.


  This seems strictly correct, since the `dirs` type should be internal and should be well-formed.

REPOSITORY
  rHG Mercurial

CHANGES SINCE LAST ACTION
  https://phab.mercurial-scm.org/D7105/new/

REVISION DETAIL
  https://phab.mercurial-scm.org/D7105

To: durin42, #hg-reviewers, indygreg
Cc: indygreg, mercurial-devel

phabricator - Oct. 17, 2019, 2:38 a.m.

indygreg added a comment.


  I dropped this from committed because of discussion on this review and because Windows was not happy with the change:
  
    mercurial/cext/dirs.c(75) : error C2275: 'PyObject' : illegal use of this type as an expression
            c:\dev\python27-64\include\object.h(108) : see declaration of 'PyObject'
    mercurial/cext/dirs.c(75) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(81) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(81) : warning C4047: '=' : 'int' differs in levels of indirection from 'PyObject *'
    mercurial/cext/dirs.c(82) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(82) : warning C4047: '!=' : 'int' differs in levels of indirection from 'void *'
    mercurial/cext/dirs.c(83) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(92) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(92) : warning C4047: '=' : 'int' differs in levels of indirection from 'PyObject *'
    mercurial/cext/dirs.c(95) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(95) : warning C4047: '==' : 'int' differs in levels of indirection from 'void *'
    mercurial/cext/dirs.c(98) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(99) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(99) : warning C4047: 'function' : 'PyObject *' differs in levels of indirection from 'int'
    mercurial/cext/dirs.c(99) : warning C4024: 'PyDict_SetItem' : different types for formal and actual parameter 3
    mercurial/cext/dirs.c(100) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(100) : error C2065: 'val' : undeclared identifier
    mercurial/cext/dirs.c(100) : error C2065: 'val' : undeclared identifier
    error: command 'C:\\Users\\gps\\AppData\\Local\\Programs\\Common\\Microsoft\\Visual C++ for Python\\9.0\\VC\\Bin\\amd64\\cl.exe' failed with exit status 2
  
  TBH I'm not sure what's going on there. Perhaps a bad byte/newline sequence in the file?
  
  `1f04c51d52eadb12bfbb6fba8eca27e742ea88d4` is the node that was dropped.

REPOSITORY
  rHG Mercurial

CHANGES SINCE LAST ACTION
  https://phab.mercurial-scm.org/D7105/new/

REVISION DETAIL
  https://phab.mercurial-scm.org/D7105

To: durin42, #hg-reviewers, indygreg
Cc: yuja, indygreg, mercurial-devel

Yuya Nishihara - Oct. 17, 2019, 12:03 p.m.

>   TBH I'm not sure what's going on there. Perhaps a bad byte/newline sequence in the file?

It's a C89 thing. Declarations must come first.

phabricator - Oct. 17, 2019, 11:30 p.m.

yuja added a comment.


  >   TBH I'm not sure what's going on there. Perhaps a bad byte/newline sequence in the file?
  
  It's a C89 thing. Declarations must come first.

REPOSITORY
  rHG Mercurial

CHANGES SINCE LAST ACTION
  https://phab.mercurial-scm.org/D7105/new/

REVISION DETAIL
  https://phab.mercurial-scm.org/D7105

To: durin42, #hg-reviewers, indygreg
Cc: yuja, indygreg, mercurial-devel

Patch

diff --git a/mercurial/cext/dirs.c b/mercurial/cext/dirs.c
--- a/mercurial/cext/dirs.c
+++ b/mercurial/cext/dirs.c
@@ -52,6 +52,7 @@ 
 {
 	const char *cpath = PyBytes_AS_STRING(path);
 	Py_ssize_t pos = PyBytes_GET_SIZE(path);
+	Py_ssize_t prev_pos = -1;
 	PyObject *key = NULL;
 	int ret = -1;
 
@@ -64,6 +65,13 @@ 
 	 * locations, the references are known so these violations should go
 	 * unnoticed. */
 	while ((pos = _finddir(cpath, pos - 1)) != -1) {
+		if (pos && prev_pos == pos + 1) {
+			PyErr_SetString(
+			    PyExc_ValueError,
+			    "invalid empty directory name in dirs.c _addpath");
+			return -1;
+		}
+		prev_pos = pos;
 		PyObject *val;
 
 		key = PyBytes_FromStringAndSize(cpath, pos);

Patchwork D7105: dirs: reject consecutive slashes in paths

Comments

Patch