[PATCH] revision.c: set-up "index_state.repo", don't segfault in pack-objects

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Narrowly fix a segfault that's been reported against pack-objects at
[1] and [2].

This fixes a segfault in "git pack-objects", see a reports at [1] and
[2]. In that case we'd go through the add_index_objects_to_pending()
codepath being modified here, and eventually call into
new_untracked_cache().

We'd then segfault in new_untracked_cache_flags() as we tried to use a
NULL "repo" extracted from the "struct index_state".

The segfault we ran into there is only a symptom of a much bigger
problem, namely that we have various "struct index_state" variables
constructed in various places, and then call into functions that might
expect to have a non-NULL "repo" member. In follow-up work we'll fix
that more general problem, but let's just fix the segfault for now.

1. https://lore.kernel.org/git/977a6e0e-251c-4fa5-8b3b-fa3e2a761926@xxxxxxxxxxxxxxxx/
2. https://lore.kernel.org/git/ecb6fa27-b918-4234-8e44-13c2a3e76e07@xxxxxxxxx/

Reported-by: Paul Horn <git@knutwalker.engineer>
Reported-by: Emily Noneman <emily.noneman@xxxxxxxxx>
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx>
---

On Thu, Aug 04 2022, Emily Noneman wrote:
> Ævar Arnfjörð Bjarmason, your patch fixed the issue for me! Thank you!

Thanks, would you mind testing this more narrow fix, I think it should
fix the segfault too, but let's be sure & confirm it.

I haven't (and haven't really tried) to come up with a regression fix
for this. I have changes that come after this which extensively test
the same issue elsewhere, so maybe it's not needed...

 revision.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/revision.c b/revision.c
index 87f1c117d13..48c2f1b91a8 100644
--- a/revision.c
+++ b/revision.c
@@ -1775,7 +1775,7 @@ void add_index_objects_to_pending(struct rev_info *revs, unsigned int flags)
 	worktrees = get_worktrees();
 	for (p = worktrees; *p; p++) {
 		struct worktree *wt = *p;
-		struct index_state istate = { NULL };
+		struct index_state istate = { .repo = revs->repo };
 
 		if (wt->is_current)
 			continue; /* current index already taken care of */
-- 
2.37.1.1283.g2c56c4202c5
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux