diff options
author | Jonathan Nieder <jrnieder@gmail.com> | 2010-10-13 04:48:07 -0500 |
---|---|---|
committer | Jonathan Nieder <jrnieder@gmail.com> | 2011-03-27 23:28:02 -0500 |
commit | 4c9b93ed7644a7a7c72bdd8105d88a9ebb8e3e74 (patch) | |
tree | 8f093101e2a800437287384876cef5335929eafc | |
parent | vcs-svn: implement copyfrom_data delta instruction (diff) | |
download | tgif-4c9b93ed7644a7a7c72bdd8105d88a9ebb8e3e74.tar.xz |
vcs-svn: verify that deltas consume all inline data
By constraining the format of deltas, we can more easily detect
corruption and other breakage.
Requiring deltas not to provide unconsumed data also opens the
possibility of ignoring the declared amount of novel data and simply
streaming the data as needed to fulfill copyfrom_data requests.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Acked-by: Ramkumar Ramachandra <artagnon@gmail.com>
-rwxr-xr-x | t/t9011-svn-da.sh | 5 | ||||
-rw-r--r-- | vcs-svn/svndiff.c | 2 |
2 files changed, 4 insertions, 3 deletions
diff --git a/t/t9011-svn-da.sh b/t/t9011-svn-da.sh index ba8ce052aa..72691b9379 100755 --- a/t/t9011-svn-da.sh +++ b/t/t9011-svn-da.sh @@ -121,11 +121,10 @@ test_expect_success 'preimage view: reject truncated preimage' ' test_must_fail test-svn-fe -d preimage clear.longread 9 ' -test_expect_success 'inline data' ' +test_expect_success 'forbid unconsumed inline data' ' printf "SVNQ%b%s%b%s" "QQQQ\003" "bar" "QQQQ\001" "x" | q_to_nul >inline.clear && - test-svn-fe -d preimage inline.clear 18 >actual && - test_cmp empty actual + test_must_fail test-svn-fe -d preimage inline.clear 18 >actual ' test_expect_success 'reject truncated inline data' ' diff --git a/vcs-svn/svndiff.c b/vcs-svn/svndiff.c index ed1d4a08be..fb7dc22f92 100644 --- a/vcs-svn/svndiff.c +++ b/vcs-svn/svndiff.c @@ -208,6 +208,8 @@ static int apply_window_in_core(struct window *ctx) ) if (execute_one_instruction(ctx, &instructions, &data_pos)) return -1; + if (data_pos != ctx->data.len) + return error("invalid delta: does not copy all inline data"); return 0; } |