Bug#907315: git: "git bundle verify" segfaults when out of repo

2018-12-19 Thread Cyril Brulebois
Control: found -1 1:2.11.0-3+deb9u4
Control: found -1 1:2.20.1-1
Control: tag -1 upstream

Hi,

(Not the maintainer, just another user who found the failure mode a bit
harsh when learning a bit more about git bundles.)

Bernhard Übelacker  (2018-08-28):
> (gdb) list get_main_ref_store
> 1680
> 1681	struct ref_store *get_main_ref_store(struct repository *r)
> 1682	{
> 1683		if (r->refs)
> 1684			return r->refs;
> 1685
> 1686		if (!r->gitdir)
> 1687			BUG("attempting to get main_ref_store outside of repository");
> 1688
> 1689		r->refs = ref_store_init(r->gitdir, REF_STORE_ALL_CAPS);
> 1690		return r->refs;
> 1691	}
> 
> 
> I think a call to "BUG" is probably too much.
> Probably a call to "die" could be more appropriate.
> E.g. like "git diff" printing "Not a git repository".
> Attached patch does just replace the "BUG" by "die".
 
That seems reasonable to me, I suppose proposing that upstream would help
get that merged. With the control commands above, I'm confirming this
issue affects git versions currently in stretch and unstable.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant




Bug#907315: git: "git bundle verify" segfaults when out of repo

2018-08-27 Thread Bernhard Übelacker
Hello Samuel Hym,
I just tried to reproduce the segfault.


(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x7fc3d443e2f1 in __GI_abort () at abort.c:79
#2  0x55b095852436 in BUG_vfl (file=, line=, 
fmt=0x55b0958a9250 "attempting to get main_ref_store outside of repository", 
params=params@entry=0x7ffc469b4980) at usage.c:230
#3  0x55b095852bbf in BUG_fl (file=file@entry=0x55b0958a9536 "refs.c", 
line=line@entry=1687, fmt=fmt@entry=0x55b0958a9250 "attempting to get 
main_ref_store outside of repository") at usage.c:238
#4  0x55b0957f0a14 in get_main_ref_store (r=0x55b095b39fc0 ) at 
refs.c:1687
#5  0x55b09580e329 in handle_revision_pseudo_opt (argc=1, flags=, argv=0x7ffc469b4b98, revs=0x7ffc469b4bb0, submodule=0x0) at 
revision.c:2191
#6  setup_revisions (argc=, argc@entry=2, 
argv=argv@entry=0x7ffc469b4b90, revs=revs@entry=0x7ffc469b4bb0, 
opt=opt@entry=0x0) at revision.c:2341
#7  0x55b09576b5ac in verify_bundle (header=header@entry=0x7ffc469b54b0, 
verbose=verbose@entry=1) at bundle.c:157
#8  0x55b0956d6335 in cmd_bundle (argc=1, argv=0x7ffc469b58a0, 
prefix=) at builtin/bundle.c:43
#9  0x55b0956c7825 in run_builtin (argv=, argc=, p=) at git.c:417
#10 handle_builtin (argc=, argv=) at git.c:632
#11 0x55b0956c87c5 in run_argv (argv=0x7ffc469b5630, argcp=0x7ffc469b563c) 
at git.c:684
#12 cmd_main (argc=, argv=) at git.c:761
#13 0x55b0956c74ef in main (argc=4, argv=0x7ffc469b5888) at common-main.c:45

(gdb) list get_main_ref_store
1680
1681	struct ref_store *get_main_ref_store(struct repository *r)
1682	{
1683		if (r->refs)
1684			return r->refs;
1685
1686		if (!r->gitdir)
1687			BUG("attempting to get main_ref_store outside of repository");
1688
1689		r->refs = ref_store_init(r->gitdir, REF_STORE_ALL_CAPS);
1690		return r->refs;
1691	}


I think a call to "BUG" is probably too much.
Probably a call to "die" could be more appropriate.
E.g. like "git diff" printing "Not a git repository".
Attached patch does just replace the "BUG" by "die".


Kind regards,
Bernhard
From a6cdb806c3540bf96b7dc8e876b4dcbe8d735eea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20=C3=9Cbelacker?= 
Date: Tue, 28 Aug 2018 02:49:53 +0200
Subject: [PATCH] Replace bug by die to avoid segfault or writing a core dump.

Bug-Debian: https://bugs.debian.org/907315
---
 refs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/refs.c b/refs.c
index 0eb379f..512139a 100644
--- a/refs.c
+++ b/refs.c
@@ -1684,7 +1684,7 @@ struct ref_store *get_main_ref_store(struct repository *r)
 		return r->refs;
 
 	if (!r->gitdir)
-		BUG("attempting to get main_ref_store outside of repository");
+		die(_("attempting to get main_ref_store outside of repository"));
 
 	r->refs = ref_store_init(r->gitdir, REF_STORE_ALL_CAPS);
 	return r->refs;
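Review bot: the `!r->gitdir` branch in get_main_ref_store() is a generic internal-invariant check, so switching it to die() here silences the assertion for every caller instead of fixing the one path that reaches it. The backtrace in this report shows the call arriving from verify_bundle() through setup_revisions(), so a repository check in verify_bundle() or cmd_bundle() before setup_revisions() would give the user a clean error while keeping BUG() for genuine programming errors. If die() stays, the string is now wrapped in _() and shown to users but still reads as an internal diagnostic; wording in the style of the "Not a git repository" message mentioned in the report would be clearer.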
-- 
2.18.0



apt update
apt install git git-dbgsym systemd-coredump gdb devscripts dpkg-dev mc
apt build-dep git


mkdir git/orig -p
cd git/orig
apt source git
cd ../..


mkdir git-test1/git-test -p
cd git-test1/git-test
git init
echo test > test
git add .
git config user.email "y...@example.com"
git config user.name "Your Name"
git commit -m "Initial commit."
cd ../..


mkdir git-test2
cd git-test2
git clone /home/benutzer/git-test1/git-test
cd git-test/
echo test2 > test2
git add .
git config user.email "y...@example.com"
git config user.name "Your Name"
git commit -m "Commit 2."
git bundle create /home/benutzer/repo.bundle master
cd ../..


cd git-test1/git-test

LANG=C git bundle verify /home/benutzer/repo.bundle
The bundle contains this ref:
4c1173045ccb4e3625cf333cbcbc5486c9dda8ce refs/heads/master
The bundle records a complete history.
/home/benutzer/repo.bundle is okay

cd ../..


LANG=C git bundle verify /home/benutzer/repo.bundle
BUG: refs.c:1687: attempting to get main_ref_store outside of repository
Abgebrochen (Speicherabzug geschrieben)


# rm git-test1/ git-test2/ repo.bundle  -rf




# coredumpctl gdb
   PID: 4420 (git)
   UID: 1000 (benutzer)
   GID: 1000 (benutzer)
Signal: 6 (ABRT)
 Timestamp: Tue 2018-08-28 02:24:52 CEST (7s ago)
  Command Line: git bundle verify /home/benutzer/repo.bundle
Executable: /usr/bin/git
 Control Group: /user.slice/user-1000.slice/session-3.scope
  Unit: session-3.scope
 Slice: user-1000.slice
   Session: 3
 Owner UID: 1000 (benutzer)
   Boot ID: 6368545921ab4b9f816f147460ff8390
Machine ID: 32f43b50ac8c4b21941bc0b02f8e7811
  Hostname: debian
   Storage: 
/var/lib/systemd/coredump/core.git.1000.6368545921ab4b9f816f147460ff8390.4420.153541589200.lz4
   Message: Process 4420 (git) of user 1000 dumped core.

Stack trace of thread 4420:
#0  0x7fc3d443cf3b __GI_raise (libc.so.6)
#1  0x7fc3d443e2f1 __GI_abort (libc.so.6)
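
Added example (not part of the original report and not git's own code): it runs the same `gitdir` check in a child process and classifies how the child ends, showing what a calling shell or script sees for a BUG()-style abort() versus a die()-style exit. The names bug_like, die_like, run_check and the sample path are hypothetical; 128 is the exit status git's die() uses.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

enum ending { ENDED_OK, ENDED_FATAL_128, ENDED_SIGABRT, ENDED_OTHER };

static const char *MSG = "attempting to get main_ref_store outside of repository";

/* Hypothetical stand-ins for git's BUG() and die(); not git's own code. */
static void bug_like(void) { fprintf(stderr, "BUG: %s\n", MSG); abort(); }
static void die_like(void) { fprintf(stderr, "fatal: %s\n", MSG); exit(128); }

/* Run the gitdir check in a child and classify how the child ended, which is
 * what a shell, CI job or wrapper script calling the tool would observe. */
enum ending run_check(int use_die, const char *gitdir)
{
	int status;
	pid_t pid;

	fflush(NULL);                 /* avoid duplicating buffered output in the child */
	pid = fork();
	if (pid < 0)
		return ENDED_OTHER;
	if (pid == 0) {
		if (!gitdir) {            /* same condition as the check at refs.c:1686 */
			if (use_die)
				die_like();
			bug_like();
		}
		_exit(0);
	}
	if (waitpid(pid, &status, 0) < 0)
		return ENDED_OTHER;
	if (WIFSIGNALED(status) && WTERMSIG(status) == SIGABRT)
		return ENDED_SIGABRT;     /* killed by signal 6, core dump may follow */
	if (WIFEXITED(status) && WEXITSTATUS(status) == 128)
		return ENDED_FATAL_128;   /* ordinary error exit, no core dump */
	if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
		return ENDED_OK;
	return ENDED_OTHER;
}

int main(void)
{
	printf("BUG-style, no gitdir: %d\n", run_check(0, NULL));
	printf("die-style, no gitdir: %d\n", run_check(1, NULL));
	printf("with gitdir:          %d\n", run_check(0, "/constructed/repo/.git"));
	return 0;
}
```
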
   

Bug#907315: git: "git bundle verify" segfaults when out of repo

2018-08-26 Thread Samuel Hym
Package: git
Version: 1:2.19.0~rc0+next.20180820-1
Severity: normal

Dear Maintainer,

Running "git bundle verify repo.bundle" (with any bundle) out of a
repository segfaults.

Best regards,
Samuel

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.17.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages git depends on:
ii  git-man          1:2.19.0~rc0+next.20180820-1
ii  libc6            2.27-5
ii  libcurl3-gnutls  7.61.0-1
ii  liberror-perl    0.17026-1
ii  libexpat1        2.2.6-1
ii  libpcre2-8-0     10.31-3
ii  perl             5.26.2-7
ii  zlib1g           1:1.2.11.dfsg-1

Versions of packages git recommends:
ii  less                         487-0.1+b1
ii  openssh-client [ssh-client]  1:7.7p1-4
ii  patch                        2.7.6-3

Versions of packages git suggests:
ii  gettext-base  0.19.8.1-7
pn  git-cvs   
pn  git-daemon-run | git-daemon-sysvinit  
pn  git-doc   
pn  git-el
ii  git-email 1:2.19.0~rc0+next.20180820-1
pn  git-gui   
pn  git-mediawiki 
pn  git-svn   
pn  gitk  
pn  gitweb

-- no debconf information