Re: [PATCH] do not read beyond end of malloc'd buffer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Jim Meyering <jim@xxxxxxxxxxxx> writes:

> I was surprised to see "git diff --word-diff" output a ton of
> garbage, and tracked it down to a bug that's triggered when the
> diff.suppress-blank-empty config option to true and when at least
> one of the context lines is empty.

Heh, I am not that surprised ;-) 

I think the real culprit is a year-old 882749a (diff: add --word-diff
option that generalizes --color-words, 2010-04-14); it probably shows that
not many people use diff.s-b-e settings?

>     printf 'a\n\n[-b-]{+c+}\n' > exp
>     git init && git config diff.suppress-blank-empty true
>     printf 'a\n\nb\n' > f && git add . && git commit -m. .
>     printf 'a\n\nc\n' > f
>     git diff --word-diff | tail -3 > out
>     diff out exp
>
> Before the patch, the git diff ... command would read from beyond
> the end of a heap buffer, and "out" would contain far more than the
> expected 5 bytes.

It is a bit unfortunate that we cannot make this into a test script, as it
depends on what is on the uninitialized part of the heap, which might
happen to be a NUL in which case the test would pass.

Running tests under the valgrind mode may catch issues, though.

Thanks. Will queue with this test squashed in.

diff --git a/t/t4034-diff-words.sh b/t/t4034-diff-words.sh
index 37aeab0..c374aa4 100755
--- a/t/t4034-diff-words.sh
+++ b/t/t4034-diff-words.sh
@@ -307,4 +307,30 @@ test_language_driver python
 test_language_driver ruby
 test_language_driver tex
 
+test_expect_success 'word-diff with diff.sbe' '
+	cat >expect <<-\EOF &&
+	diff --git a/pre b/post
+	index a1a53b5..bc8fe6d 100644
+	--- a/pre
+	+++ b/post
+	@@ -1,3 +1,3 @@
+	a
+
+	[-b-]{+c+}
+	EOF
+	cat >pre <<-\EOF &&
+	a
+
+	b
+	EOF
+	cat >post <<-\EOF &&
+	a
+
+	c
+	EOF
+	test_when_finished "git config --unset diff.suppress-blank-empty" &&
+	git config diff.suppress-blank-empty true &&
+	word_diff --word-diff=plain
+'
+
 test_done
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]