Message ID | 137f0fc1-fbd9-a62c-bd52-cffd26c364bf@theori.io (mailing list archive) |
---|---|
State | Superseded |
Headers | show |
Series | [v4] diff: make diff_free_filespec_data accept NULL | expand |
Hi Jinoh, On Tue, 10 Nov 2020, Jinoh Kang wrote: > Today, diff_free_filespec_data crashes when passed a NULL pointer. > Commit 3aef54e8b8 ("diff: munmap() file contents before running external > diff") introduced calls to diff_free_filespec_data in run_external_diff, > which may pass NULL pointers. > > Git uses NULL filespecs to indicate unmerged files when merge conflict > resolution is in progress. Fortunately, other code paths bail out early > even before NULL can reach diff_free_filespec_data(); however, difftool > is expected to do a full-blown diff anyway regardless of conflict > status. > > Fix this and prevent any similar bugs in the future by making > `diff_free_filespec_data(NULL)` a no-op. > > Also, add a test case that confirms that running difftool --cached with > unmerged files does not SIGSEGV. > > Signed-off-by: Jinoh Kang <luke1337@theori.io> > --- > diff.c | 3 +++ > t/t7800-difftool.sh | 23 +++++++++++++++++++++++ > 2 files changed, 26 insertions(+) > > diff --git a/diff.c b/diff.c > index d24f47df99..ace4a1d387 100644 > --- a/diff.c > +++ b/diff.c > @@ -4115,6 +4115,9 @@ void diff_free_filespec_blob(struct diff_filespec *s) > > void diff_free_filespec_data(struct diff_filespec *s) > { > + if (!s) > + return; > + I had suggested an improvement for this hunk as well as for the test case. Fell through the cracks? Ciao, Dscho > diff_free_filespec_blob(s); > FREE_AND_NULL(s->cnt_data); > } > diff --git a/t/t7800-difftool.sh b/t/t7800-difftool.sh > index 524f30f7dc..e9391abb54 100755 > --- a/t/t7800-difftool.sh > +++ b/t/t7800-difftool.sh > @@ -728,6 +728,29 @@ test_expect_success 'add -N and difftool -d' ' > git difftool --dir-diff --extcmd ls > ' > > +test_expect_success 'difftool --cached with unmerged files' ' > + test_when_finished git reset --hard && > + echo base >file && > + git add file && > + git commit -m base && > + git checkout -B conflict-a && > + git checkout -B conflict-b && > + git checkout conflict-a && > + echo conflict-a >>file && > + git add file && > + git commit -m conflict-a && > + git checkout conflict-b && > + echo conflict-b >>file && > + git add file && > + git commit -m conflict-b && > + git checkout master && > + git merge conflict-a && > + test_must_fail git merge conflict-b && > + : >expect && > + git difftool --cached --no-prompt >actual && > + test_cmp expect actual > +' > + > test_expect_success 'outside worktree' ' > echo 1 >1 && > echo 2 >2 && > -- > 2.26.2 >
Jinoh Kang <luke1337@theori.io> writes: > Today, diff_free_filespec_data crashes when passed a NULL pointer. No need to say "Today". We state how things are in the current codebase in the present tense, make observations on the way things can break (i.e. identify a bug), and outline an approach to correct it. > Commit 3aef54e8b8 ("diff: munmap() file contents before running external > diff") introduced calls to diff_free_filespec_data in run_external_diff, > which may pass NULL pointers. > > Git uses NULL filespecs to indicate unmerged files when merge conflict > resolution is in progress. Fortunately, other code paths bail out early > even before NULL can reach diff_free_filespec_data(); however, difftool > is expected to do a full-blown diff anyway regardless of conflict > status. > > Fix this and prevent any similar bugs in the future by making > `diff_free_filespec_data(NULL)` a no-op. Nicely described. > Also, add a test case that confirms that running difftool --cached with > unmerged files does not SIGSEGV. > +test_expect_success 'difftool --cached with unmerged files' ' > + test_when_finished git reset --hard && > + echo base >file && > + git add file && > + git commit -m base && > + git checkout -B conflict-a && > + git checkout -B conflict-b && The above two are not wrong per-se, but would conceptually be cleaner to use "git branch -f", because the next thing you do immediately after preparing two branches is to start working on the 'A' side, below. You could alternatively drop the above two lines and then instead turn this > + git checkout conflict-a && into "git checkout -B conflict-a master" (and similarly on the 'B' side below), which would reduce the test by two lines. That would be what I would recommend to do under normal circumstances, but since there is a separate topic that wages war on the 'master' branch, I wouldn't recommend it. > + echo conflict-a >>file && > + git add file && > + git commit -m conflict-a && > + git checkout conflict-b && > + echo conflict-b >>file && > + git add file && > + git commit -m conflict-b && > + git checkout master && > + git merge conflict-a && > + test_must_fail git merge conflict-b && > + : >expect && > + git difftool --cached --no-prompt >actual && > + test_cmp expect actual Shouldn't we omit 'expect' and use test_must_be_empty helper instead? git difftool --cached --no-prompt >actual && test_must_be_empty actual > +' > + > test_expect_success 'outside worktree' ' > echo 1 >1 && > echo 2 >2 &&
On 11/10/20 3:38 PM, Johannes Schindelin wrote: > I had suggested an improvement for this hunk as well as for the test case. > Fell through the cracks? You guessed it right. My apologies. > +test_expect_success 'difftool --cached with unmerged files' ' > + test_when_finished git reset --hard && > + echo base >file && > + git add file && > + git commit -m base && > > This does not advance the committer date. Let's just use the helper > function we invented to make this much easier: > > test_commit base > > This has also the advantage of already tagging the outcome. > >> + git checkout -B conflict-a && >> + git checkout -B conflict-b && >> + git checkout conflict-a && >> + echo conflict-a >>file && >> + git add file && >> + git commit -m conflict-a && >> + git checkout conflict-b && >> + echo conflict-b >>file && >> + git add file && >> + git commit -m conflict-b && >> + git checkout master && >> + git merge conflict-a && >> + test_must_fail git merge conflict-b && >> + : >expect && >> + git difftool --cached --no-prompt >actual && >> + test_cmp expect actual > > Shouldn't this use the `test_must_be_empty` function instead? > > How about writing the test case this way: > > test_expect_success 'difftool --cached with unmerged files' ' > test_when_finished git reset --hard && > > test_commit conflicting && > test_commit conflict-a a conflicting.t && > git reset --hard conflicting && > test_commit conflict-b b conflicting.t && > test_must_fail git merge conflict-a && > > git difftool --cached --no-prompt >out && > test_must_be_empty out > ' The original test code was copied from the "difftool --dir-diff with unmerged files" case above. It might be worth cleaning it up too, but let's leave it for another time. I'm keeping the return-early code as per Junio's request.
Hi Jinoh, On Wed, 11 Nov 2020, Jinoh Kang wrote: > On 11/10/20 3:38 PM, Johannes Schindelin wrote: > > > >> + git checkout -B conflict-a && > >> + git checkout -B conflict-b && > >> + git checkout conflict-a && > >> + echo conflict-a >>file && > >> + git add file && > >> + git commit -m conflict-a && > >> + git checkout conflict-b && > >> + echo conflict-b >>file && > >> + git add file && > >> + git commit -m conflict-b && > >> + git checkout master && > >> + git merge conflict-a && > >> + test_must_fail git merge conflict-b && > >> + : >expect && > >> + git difftool --cached --no-prompt >actual && > >> + test_cmp expect actual > > > > Shouldn't this use the `test_must_be_empty` function instead? > > > > How about writing the test case this way: > > > > test_expect_success 'difftool --cached with unmerged files' ' > > test_when_finished git reset --hard && > > > > test_commit conflicting && > > test_commit conflict-a a conflicting.t && > > git reset --hard conflicting && > > test_commit conflict-b b conflicting.t && > > test_must_fail git merge conflict-a && > > > > git difftool --cached --no-prompt >out && > > test_must_be_empty out > > ' > > The original test code was copied from the "difftool --dir-diff with > unmerged files" case above. > > It might be worth cleaning it up too, but let's leave it for another > time. Indeed. #leftoverbits Thanks, Dscho
diff --git a/diff.c b/diff.c index d24f47df99..ace4a1d387 100644 --- a/diff.c +++ b/diff.c @@ -4115,6 +4115,9 @@ void diff_free_filespec_blob(struct diff_filespec *s) void diff_free_filespec_data(struct diff_filespec *s) { + if (!s) + return; + diff_free_filespec_blob(s); FREE_AND_NULL(s->cnt_data); } diff --git a/t/t7800-difftool.sh b/t/t7800-difftool.sh index 524f30f7dc..e9391abb54 100755 --- a/t/t7800-difftool.sh +++ b/t/t7800-difftool.sh @@ -728,6 +728,29 @@ test_expect_success 'add -N and difftool -d' ' git difftool --dir-diff --extcmd ls ' +test_expect_success 'difftool --cached with unmerged files' ' + test_when_finished git reset --hard && + echo base >file && + git add file && + git commit -m base && + git checkout -B conflict-a && + git checkout -B conflict-b && + git checkout conflict-a && + echo conflict-a >>file && + git add file && + git commit -m conflict-a && + git checkout conflict-b && + echo conflict-b >>file && + git add file && + git commit -m conflict-b && + git checkout master && + git merge conflict-a && + test_must_fail git merge conflict-b && + : >expect && + git difftool --cached --no-prompt >actual && + test_cmp expect actual +' + test_expect_success 'outside worktree' ' echo 1 >1 && echo 2 >2 &&
Today, diff_free_filespec_data crashes when passed a NULL pointer. Commit 3aef54e8b8 ("diff: munmap() file contents before running external diff") introduced calls to diff_free_filespec_data in run_external_diff, which may pass NULL pointers. Git uses NULL filespecs to indicate unmerged files when merge conflict resolution is in progress. Fortunately, other code paths bail out early even before NULL can reach diff_free_filespec_data(); however, difftool is expected to do a full-blown diff anyway regardless of conflict status. Fix this and prevent any similar bugs in the future by making `diff_free_filespec_data(NULL)` a no-op. Also, add a test case that confirms that running difftool --cached with unmerged files does not SIGSEGV. Signed-off-by: Jinoh Kang <luke1337@theori.io> --- diff.c | 3 +++ t/t7800-difftool.sh | 23 +++++++++++++++++++++++ 2 files changed, 26 insertions(+)