Mercurial > hg

diff tests/test-linelog.py @ 38935:27a54096c92e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
linelog: fix infinite loop vulnerability Checking `len(lines)` is not a great way of detecting infinite loops, as demonstrated in the added test. Therefore check instruction count instead. The original C implementation does not have this problem. There are a few other places where the C implementation enforces more strictly, like `a1 <= a2`, `b1 <= b2`, `rev > 0`. But they are optional. Test Plan: Add a test. The old code forces the test to time out. Differential Revision: https://phab.mercurial-scm.org/D4151
author Jun Wu <quark@fb.com>
date Mon, 06 Aug 2018 22:24:00 -0700
parents 6fed8b323651
children 876494fd967d
line wrap: on
line diff
--- a/tests/test-linelog.py	Mon Aug 06 17:19:33 2018 -0400
+++ b/tests/test-linelog.py	Mon Aug 06 22:24:00 2018 -0700
@@ -179,6 +179,15 @@
             ar = ll.annotate(rev)
             self.assertEqual([(l.rev, l.linenum) for l in ar], lines)
 
+    def testinfinitebadprogram(self):
+        ll = linelog.linelog.fromdata(
+            b'\x00\x00\x00\x00\x00\x00\x00\x02'  # header
+            b'\x00\x00\x00\x00\x00\x00\x00\x01'  # JUMP to self
+        )
+        with self.assertRaises(linelog.LineLogError):
+            # should not be an infinite loop and raise
+            ll.annotate(1)
+
 if __name__ == '__main__':
     import silenttestrunner
     silenttestrunner.main(__name__)