Hi Stolee
On 07/10/2021 14:35, Derrick Stolee wrote:
On 10/7/2021 5:50 AM, Phillip Wood via GitGitGadget wrote:
From: Phillip Wood <phillip.wood@xxxxxxxxxxxxx>
In a sparse index it is possible for the tree that is being verified
to be freed while it is being verified. This happens when the index is
sparse but the cache tree is not and index_name_pos() looks up a path
from the cache tree that is a descendant of a sparse index entry. That
triggers a call to ensure_full_index() which frees the cache tree that
is being verified. Carrying on trying to verify the tree after this
results in a use-after-free bug. Instead restart the verification if a
sparse index is converted to a full index. This bug is triggered by a
call to reset_head() in "git rebase --apply". Thanks to René Scharfe
and Derick Stolee for their help analyzing the problem.
nit: s/Derick/Derrick/
Sorry, maybe Junio can tweak that when he applies the patch, if not I'll
fix it.
Otherwise, this version looks good to me. Thanks for putting the last
bit of polish on it.
I'm taking this patch into our microsoft/git fork as we speak [1].
[1] https://github.com/microsoft/git/pull/439
That's nice to know, Thanks
Phillip
