From 8ed51b066681adc88723dbe07b878904c348fdf6 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Tue, 14 May 2019 08:04:31 -0400 Subject: help_unknown_ref(): duplicate collected refnames When "git merge" sees an unknown refname, we iterate through the refs to try to suggest some possible alternates. We do so with for_each_ref(), and in the callback we add some of the refnames we get to a string_list that is declared with NODUP, directly adding a pointer into the refname string our callback received. But the for_each_ref() machinery does not promise that the refname string will remain valid, and as a result we may print garbage memory. The code in question dates back to its inception in e56181060e (help: add help_unknown_ref(), 2013-05-04). But back then, the refname strings generally did remain stable, at least immediately after the for_each_ref() call. Later, in d1cf15516f (packed_ref_iterator_begin(): iterate using `mmapped_ref_iterator`, 2017-09-25), we started consistently re-using a separate buffer for packed refs. The fix is simple: duplicate the strings we intend to collect. We already call string_list_clear(), so the memory is correctly freed. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- help.c | 2 +- t/t7600-merge.sh | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/help.c b/help.c index 520c9080e8..5583f6cded 100644 --- a/help.c +++ b/help.c @@ -773,7 +773,7 @@ static int append_similar_ref(const char *refname, const struct object_id *oid, static struct string_list guess_refs(const char *ref) { struct similar_ref_cb ref_cb; - struct string_list similar_refs = STRING_LIST_INIT_NODUP; + struct string_list similar_refs = STRING_LIST_INIT_DUP; ref_cb.base_ref = ref; ref_cb.similar_refs = &similar_refs; diff --git a/t/t7600-merge.sh b/t/t7600-merge.sh index 106148254d..592850cef7 100755 --- a/t/t7600-merge.sh +++ b/t/t7600-merge.sh @@ -822,4 +822,18 @@ test_expect_success EXECKEEPSPID 'killed merge can be completed with --continue' verify_parents $c0 $c1 ' +test_expect_success 'merge suggests matching remote refname' ' + git commit --allow-empty -m not-local && + git update-ref refs/remotes/origin/not-local HEAD && + git reset --hard HEAD^ && + + # This is white-box testing hackery; we happen to know + # that reading packed refs is more picky about the memory + # ownership of strings we pass to for_each_ref() callbacks. + git pack-refs --all --prune && + + test_must_fail git merge not-local 2>stderr && + grep origin/not-local stderr +' + test_done -- cgit v1.2.3 From 2ed2e19958f2bcf59cac18a69b27f74ba7079a2f Mon Sep 17 00:00:00 2001 From: Jeff King Date: Tue, 14 May 2019 08:05:05 -0400 Subject: help_unknown_ref(): check for refname ambiguity When the user asks to merge "foo" and we suggest "origin/foo" instead, we do so by simply chopping off "refs/remotes/" from the front of the suggested ref. This is usually fine, but it's possible that the resulting name is ambiguous (e.g., you have "refs/heads/origin/foo", too). Let's use shorten_unambiguous_ref() to do this the right way, which should usually yield the same "origin/foo", but "remotes/origin/foo" if necessary. Note that in this situation there may be other options (e.g., we could suggest "heads/origin/foo" as well). I'll leave that up for debate; the focus here is just to avoid giving advice that does not actually do what we expect. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- help.c | 6 +++--- t/t7600-merge.sh | 6 ++++++ 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/help.c b/help.c index 5583f6cded..602d9fa201 100644 --- a/help.c +++ b/help.c @@ -761,12 +761,12 @@ static int append_similar_ref(const char *refname, const struct object_id *oid, { struct similar_ref_cb *cb = (struct similar_ref_cb *)(cb_data); char *branch = strrchr(refname, '/') + 1; - const char *remote; /* A remote branch of the same name is deemed similar */ - if (skip_prefix(refname, "refs/remotes/", &remote) && + if (starts_with(refname, "refs/remotes/") && !strcmp(branch, cb->base_ref)) - string_list_append(cb->similar_refs, remote); + string_list_append_nodup(cb->similar_refs, + shorten_unambiguous_ref(refname, 1)); return 0; } diff --git a/t/t7600-merge.sh b/t/t7600-merge.sh index 592850cef7..36b2c8c91f 100755 --- a/t/t7600-merge.sh +++ b/t/t7600-merge.sh @@ -836,4 +836,10 @@ test_expect_success 'merge suggests matching remote refname' ' grep origin/not-local stderr ' +test_expect_success 'suggested names are not ambiguous' ' + git update-ref refs/heads/origin/not-local HEAD && + test_must_fail git merge not-local 2>stderr && + grep remotes/origin/not-local stderr +' + test_done -- cgit v1.2.3