Fix array overflow bug in bdiff
I ran into a bug while importing a large repository into mercurial.
The diff algorithm does not allocate a big enough array of hunks
for some test cases. This results in memory corruption, and possibly,
as in my case, a seg fault.
You should be able to reproduce this problem with any case of more
than a few lines that follows this pattern:
    a    b
    =    =
    1    1
         2
    2    3
         4
    3    5
         .
    4    .
         .
    5
    .
    .
    .
I.e., "a" has blank lines on every other line that have been removed in
"b". In this case, the number of matching hunks is equal to the number
of lines in "b". This is more than ((an + bn)/4 + 2). I'm not sure what
motivates this formula, but when I changed it to the smaller of an or
bn (+ 1), it works.
[comment added by mpm]
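The sizing problem described in the commit message above, as an added example that is not Mercurial's bdiff code: it builds the "blank line on every other line" input and compares the number of matching hunks with the old and new capacity formulas. The line model (ints, 0 for a blank line), the function names and the greedy matcher are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Capacity formula the commit message reports as too small. */
size_t old_capacity(size_t an, size_t bn) { return (an + bn) / 4 + 2; }

/* Replacement from the commit message: smaller of an or bn, plus 1. */
size_t new_capacity(size_t an, size_t bn) { return (an < bn ? an : bn) + 1; }

/* Constructed input following the commit's pattern. Lines are modelled as
 * ints, 0 standing for a blank line: a = 1,0,2,0,...  b = 1,2,3,... */
void make_pattern(int *a, size_t an, int *b, size_t bn)
{
    for (size_t i = 0; i < an; i++)
        a[i] = (i % 2 == 0) ? (int)(i / 2 + 1) : 0;
    for (size_t j = 0; j < bn; j++)
        b[j] = (int)(j + 1);
}

/* Simplified greedy matcher (assumption: a stand-in, not bdiff's algorithm).
 * Counts maximal runs of consecutive lines that match in both inputs. */
size_t count_hunks(const int *a, size_t an, const int *b, size_t bn)
{
    size_t hunks = 0, j = 0;
    int in_run = 0;
    for (size_t i = 0; i < an && j < bn; i++) {
        size_t k = j;
        while (k < bn && b[k] != a[i])
            k++;
        if (k == bn) {          /* a[i] not in the rest of b: run ends */
            in_run = 0;
            continue;
        }
        if (!in_run || k != j)  /* not adjacent to the previous match */
            hunks++;
        in_run = 1;
        j = k + 1;
    }
    return hunks;
}

int main(void)
{
    enum { BN = 20, AN = 2 * BN };
    int a[AN], b[BN];
    make_pattern(a, AN, b, BN);
    printf("hunks=%zu old=%zu new=%zu\n", count_hunks(a, AN, b, BN),
           old_capacity(AN, BN), new_capacity(AN, BN));
    return 0;
}
```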
#!/bin/sh
#
# hgmerge - default merge helper for Mercurial
#
# This tries to find a way to do three-way merge on the current system.
# The result ought to end up in $1.

set -e # bail out quickly on failure

LOCAL="$1"
BASE="$2"
OTHER="$3"

if [ -z "$EDITOR" ]; then
    EDITOR="vi"
fi

# Back up our file
cp "$LOCAL" "$LOCAL.orig"

# Attempt to do a non-interactive merge
if type merge > /dev/null ; then
    if merge "$LOCAL" "$BASE" "$OTHER" 2> /dev/null; then
        # success!
        exit 0
    fi
    cp "$LOCAL.orig" "$LOCAL"
elif type diff3 > /dev/null ; then
    if diff3 -m "$LOCAL.orig" "$BASE" "$OTHER" > "$LOCAL" ; then
        # success
        exit 0
    fi
    cp "$LOCAL.orig" "$LOCAL"
fi

if [ -n "$DISPLAY" ]; then
    # try using kdiff3, which is fairly nice
    if type kdiff3 > /dev/null ; then
        if kdiff3 --auto "$BASE" "$LOCAL" "$OTHER" -o "$LOCAL" ; then
            exit 0
        else
            exit 1
        fi
    fi

    # try using tkdiff, which is a bit less sophisticated
    if type tkdiff > /dev/null ; then
        if tkdiff "$LOCAL" "$OTHER" -a "$BASE" -o "$LOCAL" ; then
            exit 0
        else
            exit 1
        fi
    fi
fi

# Attempt to do a merge with $EDITOR
if type merge > /dev/null ; then
    echo "conflicts detected in $LOCAL"
    merge "$LOCAL" "$BASE" "$OTHER" 2>/dev/null || $EDITOR "$LOCAL"
    exit 0
fi

if type diff3 > /dev/null ; then
    echo "conflicts detected in $LOCAL"
    diff3 -m "$LOCAL.orig" "$BASE" "$OTHER" > "$LOCAL" || $EDITOR "$LOCAL"
    exit 0
fi

HGTMP=""
cleanup_exit() {
    rm -rf "$HGTMP"
    exit $1
}

# attempt to manually merge with diff and patch
if type diff > /dev/null ; then
    if type patch > /dev/null ; then
        # Remove temporary files even if we get interrupted
        trap "cleanup_exit 1" TERM KILL INT QUIT ABRT

        HGTMP="${TMPDIR-/tmp}/hgmerge.$RANDOM.$RANDOM.$RANDOM.$$"
        (umask 077 && mkdir "$HGTMP") || {
            echo "Could not create temporary directory! Exiting." 1>&2
            exit 1
        }

        diff -u "$BASE" "$OTHER" > "$HGTMP/diff"
        if patch "$LOCAL" < "$HGTMP/diff" ; then
            cleanup_exit 0
        else
            $EDITOR "$LOCAL" "$LOCAL.rej"
        fi
        cleanup_exit 1
    fi
fi

echo "hgmerge: unable to find merge, tkdiff, kdiff3, or diff+patch!"
exit 1