diff options
author | Nguyễn Thái Ngọc Duy <pclouds@gmail.com> | 2016-07-13 17:44:03 +0200 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2016-07-13 09:15:17 -0700 |
commit | af92a645d30b9ac775cdfe5dd56ea1d66fb6e492 (patch) | |
tree | 9d05f4e5817eaf429e596bb1966014012ff9732a /imap-send.c | |
parent | index-pack: correct "offset" type in unpack_entry_data() (diff) | |
download | tgif-af92a645d30b9ac775cdfe5dd56ea1d66fb6e492.tar.xz |
pack-objects: do not truncate result in-pack object size on 32-bit systems
A typical diff will not show what's going on and you need to see full
functions. The core code is like this, at the end of of write_one()
e->idx.offset = *offset;
size = write_object(f, e, *offset);
if (!size) {
e->idx.offset = recursing;
return WRITE_ONE_BREAK;
}
written_list[nr_written++] = &e->idx;
/* make sure off_t is sufficiently large not to wrap */
if (signed_add_overflows(*offset, size))
die("pack too large for current definition of off_t");
*offset += size;
Here we can see that the in-pack object size is returned by
write_object (or indirectly by write_reuse_object). And it's used to
calculate object offsets, which end up in the pack index file,
generated at the end.
If "size" overflows (on 32-bit sytems, unsigned long is 32-bit while
off_t can be 64-bit), we got wrong offsets and produce incorrect .idx
file, which may make it look like the .pack file is corrupted.
Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'imap-send.c')
0 files changed, 0 insertions, 0 deletions