On Thu, Jan 14, 2021 at 07:07:08AM -0500, Derrick Stolee wrote: > >> + * If a '.rev' file is present, it is checked for consistency, mmap'd, and > >> + * pointers are assigned into it (instead of using the in-memory variant). > > > > Hmph, I missed where it got checked for consistency, though. If the > > file is corrupt and has say duplicated entries, we'd happily grab > > the data via get_be32(), for example. > > Even if the consistency check is just verifying the trailing hash, that > seems like something that requires O(N) before performing a lookup. Perhaps > this was copied from somewhere else, or means something different? For the .idx file, we check that the size is what we expect. This is important because it lets us access the mapped bytes in normal use without having to do a bounds check. It looks like we do the same for the .rev file here, which is good. If calling that "checked for consistency" is too strong, I don't think it's a big deal to drop the wording (we do not make any such claim for open_pack_index()). -Peff
