git/setup-don-t-fail-if-commondir-reference-is-deleted.patch
Dirk Mueller 5792d0456b - Add CVE-2024-24577.patch
* CVE-2024-24577: arbitrary code execution due to heap corruption
    in git_index_add (boo#1219660)

OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/git?expand=0&rev=650
2024-07-19 09:14:49 +00:00

68 lines
2.1 KiB
Diff

From 37df7fd81c3dee990bd7723f18c94713a0d842b6 Mon Sep 17 00:00:00 2001
From: Michal Suchanek <msuchanek@suse.de>
Date: Fri, 15 Feb 2019 18:46:20 +0100
Subject: [PATCH] setup: don't fail if commondir reference is deleted.
Apparently it can happen that stat() claims there is a commondir file but when
trying to open the file it is missing.
Another even rarer issue is that the file might be zero size because another
process initializing a worktree opened the file but has not written is content
yet.
When any of this happnes git aborts failing to perform perfectly valid
command because unrelated worktree is not yet fully initialized.
Rather than testing if the file exists before reading it handle ENOENT
and ENOTDIR.
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
---
v2:
- do not test file existence first, just read it and handle ENOENT.
- handle zero size file correctly
v3:
- handle ENOTDIR as well
- add more details to commit message
---
setup.c | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
Index: git-2.43.1/setup.c
===================================================================
--- git-2.43.1.orig/setup.c
+++ git-2.43.1/setup.c
@@ -316,12 +316,20 @@ int get_common_dir_noenv(struct strbuf *
{
struct strbuf data = STRBUF_INIT;
struct strbuf path = STRBUF_INIT;
- int ret = 0;
+ int ret;
strbuf_addf(&path, "%s/commondir", gitdir);
- if (file_exists(path.buf)) {
- if (strbuf_read_file(&data, path.buf, 0) <= 0)
+ ret = strbuf_read_file(&data, path.buf, 0);
+ if (ret <= 0) {
+ /*
+ * if file is missing or zero size (just being written)
+ * assume default, bail otherwise
+ */
+ if (ret && errno != ENOENT && errno != ENOTDIR)
die_errno(_("failed to read %s"), path.buf);
+ strbuf_addstr(sb, gitdir);
+ ret = 0;
+ } else {
while (data.len && (data.buf[data.len - 1] == '\n' ||
data.buf[data.len - 1] == '\r'))
data.len--;
@@ -332,8 +340,6 @@ int get_common_dir_noenv(struct strbuf *
strbuf_addbuf(&path, &data);
strbuf_add_real_path(sb, path.buf);
ret = 1;
- } else {
- strbuf_addstr(sb, gitdir);
}
strbuf_release(&data);