Mercurial > hg
view tests/test-diff-hashes.t @ 38935:27a54096c92e
linelog: fix infinite loop vulnerability
Checking `len(lines)` is not a great way of detecting infinite loops, as
demonstrated in the added test. Therefore check instruction count instead.
The original C implementation does not have this problem. There are a few
other places where the C implementation enforces more strictly, like
`a1 <= a2`, `b1 <= b2`, `rev > 0`. But they are optional.
Test Plan:
Add a test. The old code forces the test to time out.
Differential Revision: https://phab.mercurial-scm.org/D4151
author | Jun Wu <quark@fb.com> |
---|---|
date | Mon, 06 Aug 2018 22:24:00 -0700 |
parents | f2719b387380 |
children | 251332dbf33d |
line wrap: on
line source
$ hg init a $ cd a $ hg diff inexistent1 inexistent2 inexistent1: * (glob) inexistent2: * (glob) $ echo bar > foo $ hg add foo $ hg ci -m 'add foo' $ echo foobar > foo $ hg ci -m 'change foo' $ hg --quiet diff -r 0 -r 1 --- a/foo Thu Jan 01 00:00:00 1970 +0000 +++ b/foo Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +1,1 @@ -bar +foobar $ hg diff -r 0 -r 1 diff -r a99fb63adac3 -r 9b8568d3af2f foo --- a/foo Thu Jan 01 00:00:00 1970 +0000 +++ b/foo Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +1,1 @@ -bar +foobar $ hg --verbose diff -r 0 -r 1 diff -r a99fb63adac3 -r 9b8568d3af2f foo --- a/foo Thu Jan 01 00:00:00 1970 +0000 +++ b/foo Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +1,1 @@ -bar +foobar $ hg --debug diff -r 0 -r 1 diff -r a99fb63adac3f31816a22f665bc3b7a7655b30f4 -r 9b8568d3af2f1749445eef03aede868a6f39f210 foo --- a/foo Thu Jan 01 00:00:00 1970 +0000 +++ b/foo Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +1,1 @@ -bar +foobar $ cd ..