# HG changeset patch
# User Yuya Nishihara <y...@tcha.org>
# Date 1523275606 -32400
#      Mon Apr 09 21:06:46 2018 +0900
# Node ID 6265e0c7a7ab727f253fdc915caa2339fbe65728
# Parent  62ebfa7e5a3388c1761830d788b53dd46d0a9ad4
patch: error out if reached to EOF while reading hunk

This was where out-of-bounds read occurred in old C extension.

diff --git a/mercurial/diffhelpers.py b/mercurial/diffhelpers.py
--- a/mercurial/diffhelpers.py
+++ b/mercurial/diffhelpers.py
@@ -7,6 +7,12 @@
 
 from __future__ import absolute_import
 
+from .i18n import _
+
+from . import (
+    error,
+)
+
 def addlines(fp, hunk, lena, lenb, a, b):
     """Read lines from fp into the hunk
 
@@ -22,6 +28,8 @@ def addlines(fp, hunk, lena, lenb, a, b)
             break
         for i in xrange(num):
             s = fp.readline()
+            if not s:
+                raise error.ParseError(_('incomplete hunk'))
             if s == "\\ No newline at end of file\n":
                 fixnewline(hunk, a, b)
                 continue
diff --git a/mercurial/patch.py b/mercurial/patch.py
--- a/mercurial/patch.py
+++ b/mercurial/patch.py
@@ -1254,8 +1254,11 @@ class hunk(object):
             self.lenb = int(self.lenb)
         self.starta = int(self.starta)
         self.startb = int(self.startb)
-        diffhelpers.addlines(lr, self.hunk, self.lena, self.lenb, self.a,
-                             self.b)
+        try:
+            diffhelpers.addlines(lr, self.hunk, self.lena, self.lenb,
+                                 self.a, self.b)
+        except error.ParseError as e:
+            raise PatchError(_("bad hunk #%d: %s") % (self.number, e))
         # if we hit eof before finishing out the hunk, the last line will
         # be zero length.  Lets try to fix it up.
         while len(self.hunk[-1]) == 0:
diff --git a/tests/test-import.t b/tests/test-import.t
--- a/tests/test-import.t
+++ b/tests/test-import.t
@@ -1917,3 +1917,26 @@ test import crash (issue5375)
   a not tracked!
   abort: source file 'a' does not exist
   [255]
+
+test immature end of hunk
+
+  $ hg import - <<'EOF'
+  > diff --git a/foo b/foo
+  > --- a/foo
+  > --- b/foo
+  > @@ -0,0 +1,1 @@
+  > EOF
+  applying patch from stdin
+  abort: bad hunk #1: incomplete hunk
+  [255]
+
+  $ hg import - <<'EOF'
+  > diff --git a/foo b/foo
+  > --- a/foo
+  > --- b/foo
+  > @@ -0,0 +1,1 @@
+  > \ No newline at end of file
+  > EOF
+  applying patch from stdin
+  abort: bad hunk #1: incomplete hunk
+  [255]
_______________________________________________
Mercurial-devel mailing list
Mercurial-devel@mercurial-scm.org
https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel

Reply via email to