Mercurial > hg

diff mercurial/cext/dirs.c @ 43494:5d40317d42b7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
dirs: reject consecutive slashes in paths We shouldn't ever see those, and the fuzzer go really excited that if it gives us a 65k string with 55k slashes in it we use a lot of RAM. This is a better fix than what I tried in D7105. It was suggested by Yuya, and I verified it does in fact cause the fuzzer to not OOM. This is a revision of D7234, but with the missing set of an error added. I added a unit test of the dirs behavior because I needed to reason more carefully about the failure modes around consecutive slashes. Differential Revision: https://phab.mercurial-scm.org/D7252
author Augie Fackler <augie@google.com>
date Thu, 17 Oct 2019 19:29:22 -0400
parents ea62d7b06c12
children 0796e266d26b
line wrap: on
line diff
--- a/mercurial/cext/dirs.c	Tue Nov 05 22:56:12 2019 -0500
+++ b/mercurial/cext/dirs.c	Thu Oct 17 19:29:22 2019 -0400
@@ -66,6 +66,14 @@
 	while ((pos = _finddir(cpath, pos - 1)) != -1) {
 		PyObject *val;
 
+		/* Sniff for trailing slashes, a marker of an invalid input. */
+		if (pos > 0 && cpath[pos - 1] == '/') {
+			PyErr_SetString(
+			    PyExc_ValueError,
+			    "found invalid consecutive slashes in path");
+			goto bail;
+		}
+
 		key = PyBytes_FromStringAndSize(cpath, pos);
 		if (key == NULL)
 			goto bail;