Merge branch 'jk/detect-truncated-zlib-input' into maint
A regression in Git 2.12 era made "git fsck" fall into an infinite
loop while processing truncated loose objects.
* jk/detect-truncated-zlib-input:
cat-file: handle streaming failures consistently
check_stream_sha1(): handle input underflow
t1450: check large blob in trailing-garbage test
diff --git a/builtin/cat-file.c b/builtin/cat-file.c
index 64ec174..0520cec 100644
--- a/builtin/cat-file.c
+++ b/builtin/cat-file.c
@@ -50,6 +50,13 @@
return 0;
}
+static int stream_blob(const struct object_id *oid)
+{
+ if (stream_blob_to_fd(1, oid, NULL, 0))
+ die("unable to stream %s to stdout", oid_to_hex(oid));
+ return 0;
+}
+
static int cat_one_file(int opt, const char *exp_type, const char *obj_name,
int unknown_type)
{
@@ -131,7 +138,7 @@
}
if (type == OBJ_BLOB)
- return stream_blob_to_fd(1, &oid, NULL, 0);
+ return stream_blob(&oid);
buf = read_object_file(&oid, &type, &size);
if (!buf)
die("Cannot read object %s", obj_name);
@@ -154,7 +161,7 @@
oidcpy(&blob_oid, &oid);
if (oid_object_info(the_repository, &blob_oid, NULL) == OBJ_BLOB)
- return stream_blob_to_fd(1, &blob_oid, NULL, 0);
+ return stream_blob(&blob_oid);
/*
* we attempted to dereference a tag to a blob
* and failed; there may be new dereference
@@ -317,8 +324,9 @@
BUG("invalid cmdmode: %c", opt->cmdmode);
batch_write(opt, contents, size);
free(contents);
- } else if (stream_blob_to_fd(1, oid, NULL, 0) < 0)
- die("unable to stream %s to stdout", oid_to_hex(oid));
+ } else {
+ stream_blob(oid);
+ }
}
else {
enum object_type type;
diff --git a/sha1-file.c b/sha1-file.c
index 2edf456..03b86ae 100644
--- a/sha1-file.c
+++ b/sha1-file.c
@@ -2191,7 +2191,8 @@
* see the comment in unpack_sha1_rest for details.
*/
while (total_read <= size &&
- (status == Z_OK || status == Z_BUF_ERROR)) {
+ (status == Z_OK ||
+ (status == Z_BUF_ERROR && !stream->avail_out))) {
stream->next_out = buf;
stream->avail_out = sizeof(buf);
if (size - total_read < stream->avail_out)
diff --git a/t/t1450-fsck.sh b/t/t1450-fsck.sh
index 0f2dd26..b5677d2 100755
--- a/t/t1450-fsck.sh
+++ b/t/t1450-fsck.sh
@@ -673,16 +673,35 @@
test_i18ngrep "garbage.*$commit" out
'
-test_expect_success 'fsck detects trailing loose garbage (blob)' '
+test_expect_success 'fsck detects trailing loose garbage (large blob)' '
blob=$(echo trailing | git hash-object -w --stdin) &&
file=$(sha1_file $blob) &&
test_when_finished "remove_object $blob" &&
chmod +w "$file" &&
echo garbage >>"$file" &&
- test_must_fail git fsck 2>out &&
+ test_must_fail git -c core.bigfilethreshold=5 fsck 2>out &&
test_i18ngrep "garbage.*$blob" out
'
+test_expect_success 'fsck detects truncated loose object' '
+ # make it big enough that we know we will truncate in the data
+ # portion, not the header
+ test-tool genrandom truncate 4096 >file &&
+ blob=$(git hash-object -w file) &&
+ file=$(sha1_file $blob) &&
+ test_when_finished "remove_object $blob" &&
+ test_copy_bytes 1024 <"$file" >tmp &&
+ rm "$file" &&
+ mv -f tmp "$file" &&
+
+ # check both regular and streaming code paths
+ test_must_fail git fsck 2>out &&
+ test_i18ngrep corrupt.*$blob out &&
+
+ test_must_fail git -c core.bigfilethreshold=128 fsck 2>out &&
+ test_i18ngrep corrupt.*$blob out
+'
+
# for each of type, we have one version which is referenced by another object
# (and so while unreachable, not dangling), and another variant which really is
# dangling.
