We shouldn't ever see those, and the fuzzer go really excited that if
it gives us a 65k string with 55k slashes in it we use a lot of RAM.
Details
Details
- Reviewers
indygreg - Group Reviewers
hg-reviewers - Commits
- rHG1f04c51d52ea: dirs: reject consecutive slashes in paths
Diff Detail
Diff Detail
- Repository
- rHG Mercurial
- Lint
Automatic diff as part of commit; lint not applicable. - Unit
Automatic diff as part of commit; unit tests not applicable.
Event Timeline
Comment Actions
This seems strictly correct, since the dirs type should be internal and should be well-formed.
Comment Actions
diff --git a/mercurial/cext/dirs.c b/mercurial/cext/dirs.c
- a/mercurial/cext/dirs.c
+++ b/mercurial/cext/dirs.c
@@ -52,6 +52,7 @@
{const char *cpath = PyBytes_AS_STRING(path); Py_ssize_t pos = PyBytes_GET_SIZE(path);+ Py_ssize_t prev_pos = -1;
PyObject *key = NULL; int ret = -1;@@ -64,6 +65,13 @@
- locations, the references are known so these violations should go
- unnoticed. */ while ((pos = _finddir(cpath, pos - 1)) != -1) {
+ if (pos && prev_pos == pos + 1) {
Maybe it's better to reject leading "/" and trailing "/".
+ PyErr_SetString(
+ PyExc_ValueError,
+ "invalid empty directory name in dirs.c _addpath");
+ return -1;
goto bail; is the way to error out from this function, though it doesn't
matter here.
Comment Actions
I dropped this from committed because of discussion on this review and because Windows was not happy with the change:
mercurial/cext/dirs.c(75) : error C2275: 'PyObject' : illegal use of this type as an expression
c:\dev\python27-64\include\object.h(108) : see declaration of 'PyObject'
mercurial/cext/dirs.c(75) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(81) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(81) : warning C4047: '=' : 'int' differs in levels of indirection from 'PyObject *'
mercurial/cext/dirs.c(82) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(82) : warning C4047: '!=' : 'int' differs in levels of indirection from 'void *'
mercurial/cext/dirs.c(83) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(92) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(92) : warning C4047: '=' : 'int' differs in levels of indirection from 'PyObject *'
mercurial/cext/dirs.c(95) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(95) : warning C4047: '==' : 'int' differs in levels of indirection from 'void *'
mercurial/cext/dirs.c(98) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(99) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(99) : warning C4047: 'function' : 'PyObject *' differs in levels of indirection from 'int'
mercurial/cext/dirs.c(99) : warning C4024: 'PyDict_SetItem' : different types for formal and actual parameter 3
mercurial/cext/dirs.c(100) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(100) : error C2065: 'val' : undeclared identifier
mercurial/cext/dirs.c(100) : error C2065: 'val' : undeclared identifier
error: command 'C:\\Users\\gps\\AppData\\Local\\Programs\\Common\\Microsoft\\Visual C++ for Python\\9.0\\VC\\Bin\\amd64\\cl.exe' failed with exit status 2TBH I'm not sure what's going on there. Perhaps a bad byte/newline sequence in the file?
1f04c51d52eadb12bfbb6fba8eca27e742ea88d4 is the node that was dropped.
Comment Actions
TBH I'm not sure what's going on there. Perhaps a bad byte/newline sequence in the file?
It's a C89 thing. Declarations must come first.