This patch series addresses a problem where `git diff` is called using
`-G` or `-S --pickaxe-regex` on new-born files that are configured
without user diff drivers, and that hence get mmap()ed into memory.

The problem with that: mmap()ed memory is *not* NUL-terminated, yet the
pickaxe code calls regexec() on it just the same.

This problem has been reported by my colleague Chris Sidi.

Please note that this patch series is a hot fix I applied to Git for
Windows (the bug does not trigger a segmentation fault for me on Linux,
strangely enough, but it is really a problem on Windows).

So at least I have a workaround in place. Ideally, though, we would
NUL-terminate the buffers only when needed, or somehow call regexec() on
ptr/size parameters instead of passing a supposedly NUL-terminated
string to it?


Johannes Schindelin (3):
  Demonstrate a problem: our pickaxe code assumes NUL-terminated buffers
  diff_populate_filespec: NUL-terminate buffers
  diff_grep: add assertions verifying that the buffers are
    NUL-terminated

 diff.c                  |  9 +++++++++
 diffcore-pickaxe.c      |  2 ++
 t/t4059-diff-pickaxe.sh | 22 ++++++++++++++++++++++
 3 files changed, 33 insertions(+)
 create mode 100755 t/t4059-diff-pickaxe.sh

Published-As: https://github.com/dscho/git/releases/tag/mmap-regexec-v1
Fetch-It-Via: git fetch https://github.com/dscho/git mmap-regexec-v1

-- 
2.10.0.windows.1.2.g732a511

base-commit: 6ebdac1bab966b720d776aa43ca188fe378b1f4b
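
An added example, not part of this patch series or of Git's own code: one way to call regexec() on ptr/size parameters, as the cover letter asks about. It uses the REG_STARTEND extension (BSD, glibc) where the platform defines it and otherwise copies into a buffer it NUL-terminates itself; match_buf, search_sample and the sample bytes are hypothetical names and constructed data.

```c
#include <regex.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: run a compiled regex over exactly `size` bytes at
 * `buf`, never reading buf[size]. Returns 0 on match, REG_NOMATCH on no
 * match, or another regexec() error code. */
static int match_buf(const regex_t *re, const char *buf, size_t size)
{
	regmatch_t m[1];
#ifdef REG_STARTEND
	/* pmatch[0] delimits the subject; NUL bytes are not terminators. */
	m[0].rm_so = 0;
	m[0].rm_eo = (regoff_t)size;
	return regexec(re, buf, 1, m, REG_STARTEND);
#else
	/* Fallback: copy into a buffer that we NUL-terminate ourselves. */
	char *copy = malloc(size + 1);
	int ret;
	if (!copy) return REG_ESPACE;
	memcpy(copy, buf, size);
	copy[size] = '\0';
	ret = regexec(re, copy, 1, m, 0);
	free(copy);
	return ret;
#endif
}

/* Constructed sample: 11 bytes of "file content", then unrelated bytes
 * standing in for whatever lies past the end of an mmap()ed region.
 * A plain regexec(re, sample, ...) would scan on and match "needle". */
static const char sample[] = "hello worldneedle";
#define SAMPLE_SIZE 11

/* Result of matching `pattern` against the first SAMPLE_SIZE bytes only. */
static int search_sample(const char *pattern)
{
	regex_t re;
	int ret = regcomp(&re, pattern, REG_EXTENDED);
	if (ret) return ret;
	ret = match_buf(&re, sample, SAMPLE_SIZE);
	regfree(&re);
	return ret;
}

int main(void)
{
	printf("wor.d: %d, needle: %d\n", search_sample("wor.d"), search_sample("needle"));
	return 0;
}
```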
