On Fri, Mar 24, 2023 at 02:38:17PM -0700, Junio C Hamano wrote: > Jeff King <peff@xxxxxxxx> writes: > > > Yes, I think the SEEK_SET cases really do need to be doing more > > checking. AFAICT they are blindly trusting the offsets in the file > > (which is locally generated, so it's more of a corruption problem than a > > security one, but still). And this series improves that, which is good > > (but I still think it should be a die() and not a BUG()). > > Yes, I think by mistake I merged the topic way too early than it has > been discussed sufficiently. I haven't reverted the merge into 'next' > but it may not be a bad idea if the concensus is that the seek-like > whence interface is too ugly to live. BUG() that triggers on data > errors should be updated to die(), whether we do it as a follow-on > patch or with a replacement iteration. Yeah, I was a little surprised to see it merged down so quickly ;-). It's fine with me if you want to hold it in 'next' while I send a replacement. Otherwise, if you want to revert it out of 'next', that's fine with me too. I doubt it should take that long to reroll and address the concerns in this thread. Thanks, Taylor
