Re: [PATCH 1/3] prune-packed: fix a possible buffer overflow

2013-12-20 Thread Jeff King
On Thu, Dec 19, 2013 at 05:33:55PM +0100, Michael Haggerty wrote: > > But we don't loop on ENOENT. So if the rmdir happens in the middle, > > after the mkdir but before we call open again, we'd fail, because we > > don't treat ENOENT specially in the second call to open. That is > > unlikely to ha

Re: [PATCH 1/3] prune-packed: fix a possible buffer overflow

2013-12-19 Thread Michael Haggerty
On 12/19/2013 01:04 AM, Jeff King wrote: > On Wed, Dec 18, 2013 at 11:44:58PM +0100, Michael Haggerty wrote: > >> [While doing so, I got sidetracked by the question: what happens if a >> prune process deletes the "objects/XX" directory just the same moment >> that another process is trying to writ

Re: [PATCH 1/3] prune-packed: fix a possible buffer overflow

2013-12-18 Thread Duy Nguyen
On Wed, Dec 18, 2013 at 1:43 AM, Junio C Hamano wrote: > Duy Nguyen writes: > >> Why don't we take this opportunity to replace that array with a >> strbuf? The conversion looks simple with this function. > > Indeed. Something like this, perhaps? Yes, looking good. > void prune_packed_objects(

Re: [PATCH 1/3] prune-packed: fix a possible buffer overflow

2013-12-18 Thread Jeff King
On Wed, Dec 18, 2013 at 11:44:58PM +0100, Michael Haggerty wrote: > [While doing so, I got sidetracked by the question: what happens if a > prune process deletes the "objects/XX" directory just the same moment > that another process is trying to write an object into that directory? > I think the r

Re: [PATCH 1/3] prune-packed: fix a possible buffer overflow

2013-12-18 Thread Michael Haggerty
On 12/17/2013 07:43 PM, Junio C Hamano wrote: > Duy Nguyen writes: > >> Why don't we take this opportunity to replace that array with a >> strbuf? The conversion looks simple with this function. > > Indeed. Something like this, perhaps? > [...] Frankly, with my initial patches I was just tryin

Re: [PATCH 1/3] prune-packed: fix a possible buffer overflow

2013-12-17 Thread Junio C Hamano
Duy Nguyen writes: > Why don't we take this opportunity to replace that array with a > strbuf? The conversion looks simple with this function. Indeed. Something like this, perhaps? builtin/prune-packed.c | 38 +- 1 file changed, 21 insertions(+), 17 deletio

Re: [PATCH 1/3] prune-packed: fix a possible buffer overflow

2013-12-17 Thread Duy Nguyen
On Tue, Dec 17, 2013 at 8:43 PM, Michael Haggerty wrote: > The pathname character array might hold: > > strlen(pathname) -- the pathname argument > '/' -- a slash, if not already present in pathname > %02x/-- the first two characters of the SHA-1 plus slash >

[PATCH 1/3] prune-packed: fix a possible buffer overflow

2013-12-17 Thread Michael Haggerty
The pathname character array might hold: strlen(pathname) -- the pathname argument '/' -- a slash, if not already present in pathname %02x/-- the first two characters of the SHA-1 plus slash 38 characters-- the last 38 characters of the SHA-1 NUL