From 5cf8e316f12ae5b096384692e1c8d35445cdf1ac Mon Sep 17 00:00:00 2001 From: Todd Zullinger Date: Wed, 13 Jun 2018 18:36:50 -0400 Subject: [PATCH] Apply upstream zlib buffer handling patch (#1582555) With the patch accepted upstream, apply it to all architectures. --- ...ackfile-Correct-zlib-buffer-handling.patch | 50 ------------------- ...ackfile-correct-zlib-buffer-handling.patch | 38 ++++++++++++++ git.spec | 15 ++---- 3 files changed, 43 insertions(+), 60 deletions(-) delete mode 100644 0001-packfile-Correct-zlib-buffer-handling.patch create mode 100644 0001-packfile-correct-zlib-buffer-handling.patch diff --git a/0001-packfile-Correct-zlib-buffer-handling.patch b/0001-packfile-Correct-zlib-buffer-handling.patch deleted file mode 100644 index 7de2b9a..0000000 --- a/0001-packfile-Correct-zlib-buffer-handling.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 0255347aed203301302e3f8e39fa87349e178019 Mon Sep 17 00:00:00 2001 -From: Jeremy Linton -Date: Fri, 25 May 2018 17:56:01 -0500 -Subject: [PATCH] packfile: Correct zlib buffer handling - -The buffer being passed to zlib includes a null terminator that -git needs to keep in place. unpack_compressed_entry() attempts to -detect the case that the source buffer hasn't been fully consumed -by checking to see if the destination buffer has been over consumed. - -This yields two problems, first a single byte overrun won't be detected -properly because the Z_STREAM_END will then be set, but the null -terminator will have been overwritten. The other problem is that -more recent zlib patches have been poisoning the unconsumed portions -of the buffers which also overwrites the null, while correctly -returning length and status. - -Lets rely on the fact that the source buffer will only be fully -consumed when the when the destination buffer is inflated to the -correct size. We can do this by passing zlib the correct buffer size -and properly checking the return status. The latter check actually -already exists if the buffer size is correct. - -Signed-off-by: Jeremy Linton ---- - packfile.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/packfile.c b/packfile.c -index 7c1a2519fc..245eb32041 100644 ---- a/packfile.c -+++ b/packfile.c -@@ -1416,7 +1416,7 @@ static void *unpack_compressed_entry(struct packed_git *p, - return NULL; - memset(&stream, 0, sizeof(stream)); - stream.next_out = buffer; -- stream.avail_out = size + 1; -+ stream.avail_out = size; - - git_inflate_init(&stream); - do { -@@ -1424,7 +1424,7 @@ static void *unpack_compressed_entry(struct packed_git *p, - stream.next_in = in; - st = git_inflate(&stream, Z_FINISH); - if (!stream.avail_out) -- break; /* the payload is larger than it should be */ -+ break; /* done, st indicates if source fully consumed */ - curpos += stream.next_in - in; - } while (st == Z_OK || st == Z_BUF_ERROR); - git_inflate_end(&stream); diff --git a/0001-packfile-correct-zlib-buffer-handling.patch b/0001-packfile-correct-zlib-buffer-handling.patch new file mode 100644 index 0000000..94b646e --- /dev/null +++ b/0001-packfile-correct-zlib-buffer-handling.patch @@ -0,0 +1,38 @@ +From b611396e97cba09c7e1cf900190cf1a9e922546e Mon Sep 17 00:00:00 2001 +From: Jeremy Linton +Date: Wed, 13 Jun 2018 09:22:07 -0500 +Subject: [PATCH] packfile: correct zlib buffer handling + +The buffer being passed to zlib includes a NUL terminator that git +needs to keep in place. unpack_compressed_entry() attempts to detect +the case that the source buffer hasn't been fully consumed by +checking to see if the destination buffer has been over consumed. + +This causes a problem, that more recent zlib patches have been +poisoning the unconsumed portions of the buffer which overwrites +the NUL byte, while correctly returning length and status. + +Let's place the NUL at the end of the buffer after inflate returns +to assure that it doesn't result in problems for git even if its +been overwritten by zlib. + +Signed-off-by: Jeremy Linton +Signed-off-by: Junio C Hamano +--- + packfile.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/packfile.c b/packfile.c +index 4a5fe7ab18838..d55569921793e 100644 +--- a/packfile.c ++++ b/packfile.c +@@ -1422,6 +1422,9 @@ static void *unpack_compressed_entry(struct packed_git *p, + return NULL; + } + ++ /* versions of zlib can clobber unconsumed portion of outbuf */ ++ buffer[size] = '\0'; ++ + return buffer; + } + diff --git a/git.spec b/git.spec index 99c50be..9b4bf9d 100644 --- a/git.spec +++ b/git.spec @@ -109,11 +109,6 @@ Source14: gitweb.conf.in Source15: git@.service.in Source16: git.socket -# https://bugzilla.redhat.com/1582555 -# https://public-inbox.org/git/20180525231713.23047-1-lintonrjeremy@gmail.com/ -# This patch is applied manually on aarch64 only, until it is accepted # upstream -Source20: 0001-packfile-Correct-zlib-buffer-handling.patch - # Script to print test failure output (used in %%check) Source99: print-failed-test-output @@ -123,6 +118,10 @@ Patch1: git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch # https://github.com/gitster/git/commit/f2cb01d35 # https://public-inbox.org/git/20180601174644.13055-1-phillip.wood@talktalk.net/ Patch2: 0001-add-p-fix-counting-empty-context-lines-in-edited-pat.patch +# https://bugzilla.redhat.com/1582555 +# https://github.com/gitster/git/commit/b611396e97.patch +# https://public-inbox.org/git/20180525231713.23047-1-lintonrjeremy@gmail.com/ +Patch3: 0001-packfile-correct-zlib-buffer-handling.patch %if %{with docs} BuildRequires: asciidoc >= 8.4.1 @@ -418,11 +417,6 @@ rm -rf "$tar" "$gpghome" # Cleanup tar files and tmp gpg home dir # https://bugzilla.redhat.com/1310704 %autosetup -p1 -n %{name}-%{version}%{?rcrev} -# Apply aarch64 zlib patch (https://bugzilla.redhat.com/1582555) -%ifarch aarch64 -%apply_patch %{SOURCE20} -%endif - # Install print-failed-test-output script install -p -m 755 %{SOURCE99} print-failed-test-output @@ -876,6 +870,7 @@ make test || ./print-failed-test-output %changelog * Wed Jun 13 2018 Todd Zullinger - 2.18.0-0.2.rc2 - Update to 2.18.0-rc2 +- Apply upstream zlib buffer handling patch (#1582555) * Wed Jun 06 2018 Todd Zullinger - Include git-contacts, SubmittingPatches suggests it to users