Re: [PATCH 1/3] t5313: test bounds-checks of corrupted/malicious pack/idx files

On Thu, Feb 25, 2016 at 12:31:12PM -0800, Junio C Hamano wrote: > Johannes Sixt writes: > > > Am 25.02.2016 um 15:21 schrieb Jeff King: > >> +munge () { > >> + printf "$3" | dd of="$1" bs=1 conv=notrunc seek=$2 > >> +} > > > > Instead of adding another call of dd, would it be an

Re: [PATCH 1/3] t5313: test bounds-checks of corrupted/malicious pack/idx files

Johannes Sixt writes: > Am 25.02.2016 um 15:21 schrieb Jeff King: >> +munge () { >> +printf "$3" | dd of="$1" bs=1 conv=notrunc seek=$2 >> +} > > Instead of adding another call of dd, would it be an option to insert > the following patch at the front of this series and then

Re: [PATCH 1/3] t5313: test bounds-checks of corrupted/malicious pack/idx files

Am 25.02.2016 um 15:21 schrieb Jeff King: > +munge () { > + printf "$3" | dd of="$1" bs=1 conv=notrunc seek=$2 > +} Instead of adding another call of dd, would it be an option to insert the following patch at the front of this series and then use test_overwrite_bytes? 8< From:

[PATCH 1/3] t5313: test bounds-checks of corrupted/malicious pack/idx files

Our on-disk .pack and .idx files may reference other data by offset. We should make sure that we are not fooled by corrupt data into accessing memory outside of our mmap'd boundaries. This patch adds a series of tests for offsets found in .pack and .idx files. For the most part we get this right,