Mercurial > hg
view mercurial/txnutil.py @ 43658:0796e266d26b
dirs: resolve fuzzer OOM situation by disallowing deep directory hierarchies
It seems like 2048 directories ought to be enough for any reasonable
use of Mercurial?
A previous version of this patch scanned for slashes before any allocations
occurred. That approach is slower than this in the happy path, but much faster
than this in the case that too many slashes are encountered. We may want to
revisit it in the future using memchr() so it'll be well-optimized by the libc
we're using.
.. bc:
Mercurial will now defend against OOMs by refusing to operate on
paths with 2048 or more components. This means that _extremely_
deep path hierarchies will be rejected, but we anticipate nobody
is using hierarchies this deep.
Differential Revision: https://phab.mercurial-scm.org/D7411
| author | Augie Fackler <augie@google.com> |
|---|---|
| date | Tue, 12 Nov 2019 10:17:59 -0500 |
| parents | 687b865b95ad |
| children | 89a2afe31e82 |
line wrap: on
line source
# txnutil.py - transaction related utilities # # Copyright FUJIWARA Katsunori <foozy@lares.dti.ne.jp> and others # # This software may be used and distributed according to the terms of the # GNU General Public License version 2 or any later version. from __future__ import absolute_import import errno from . import encoding def mayhavepending(root): '''return whether 'root' may have pending changes, which are visible to this process. ''' return root == encoding.environ.get(b'HG_PENDING') def trypending(root, vfs, filename, **kwargs): '''Open file to be read according to HG_PENDING environment variable This opens '.pending' of specified 'filename' only when HG_PENDING is equal to 'root'. This returns '(fp, is_pending_opened)' tuple. ''' if mayhavepending(root): try: return (vfs(b'%s.pending' % filename, **kwargs), True) except IOError as inst: if inst.errno != errno.ENOENT: raise return (vfs(filename, **kwargs), False)