Re: [PATCH v3 0/3] limit the size of the packs we receive

2016-08-24 Thread Junio C Hamano
Christian Couder  writes:

> Diff with previous v2 version
> ~
>
> diff --git a/Documentation/config.txt b/Documentation/config.txt
> index f5b6061..8a115b3 100644
> --- a/Documentation/config.txt
> +++ b/Documentation/config.txt
> @@ -2517,10 +2517,11 @@ receive.unpackLimit::
>   especially on slow filesystems.  If not set, the value of
>   `transfer.unpackLimit` is used instead.
>  
> -receive.maxsize::
> - If the size of a pack file is larger than this limit, then
> - git-receive-pack will error out, instead of accepting the pack
> - file. If not set or set to 0, then the size is unlimited.
> +receive.maxInputSize::
> + If the size of the incoming pack stream is larger than this
> + limit, then git-receive-pack will error out, instead of
> + accepting the pack file. If not set or set to 0, then the size
> + is unlimited.
>  
>  receive.denyDeletes::
>   If set to true, git-receive-pack will deny a ref update that deletes
> diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c
> ...
> diff --git a/t/t5546-receive-limits.sh b/t/t5546-receive-limits.sh
> new file mode 100755
> index 000..10cb0be
> --- /dev/null
> +++ b/t/t5546-receive-limits.sh
> @@ -0,0 +1,55 @@
> +#!/bin/sh
> + ...
> +test_done
> ---
>
> Christian Couder (1):
>   unpack-objects: add --max-input-size= option
>
> Jeff King (2):
>   index-pack: add --max-input-size= option
>   receive-pack: allow a maximum input size to be specified

This was a pleasant read.  All looked sensible.

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[PATCH v3 0/3] limit the size of the packs we receive

2016-08-24 Thread Christian Couder
Goal


In https://public-inbox.org/git/20150612182045.GA23698%40peff.net/,
Peff sent a patch that is used by GitHub to abort `git receive-pack`
when the size of the pack we receive is bigger than a configured
limit.

GitLab is interested in using the same approach and in standardizing
the error messages the user could get back.

Comments


I kept Peff as the author of the patches that are made mostly from his
patch, but I added my Signed-off-by to them.

Changes from previous v2 version


All these changes have been suggested by Junio and are in patch 3/3,
the other 2 patches are the same as v2:

  - renamed "receive.maxsize" to "receive.maxInputSize",
  - improved commit message,
  - renamed test script from "t5546-push-limits.sh" to
"t5546-receive-limits.sh",
  - improved the tests in the last patch by adding a
test_pack_input_limit() function and deleting the destination repo
at the beginning of this function.

Links
~

This patch series is available here:

https://github.com/chriscool/git/commits/max-receive

The previous versions are here on GitHub:

RFC: https://github.com/chriscool/git/commits/max-receive2
v1: https://github.com/chriscool/git/commits/max-receive6
v2: https://github.com/chriscool/git/commits/max-receive7

and here on the list:

RFC: 
https://public-inbox.org/git/20160815195729.16826-1-chrisc...@tuxfamily.org/
v1: https://public-inbox.org/git/20160816081701.29949-1-chrisc...@tuxfamily.org/
v2: https://public-inbox.org/git/20160818131553.22580-1-chrisc...@tuxfamily.org/

Peff's initial patch is:

https://public-inbox.org/git/20150612182045.GA23698%40peff.net/

Diff with previous v2 version
~

diff --git a/Documentation/config.txt b/Documentation/config.txt
index f5b6061..8a115b3 100644
--- a/Documentation/config.txt
+++ b/Documentation/config.txt
@@ -2517,10 +2517,11 @@ receive.unpackLimit::
especially on slow filesystems.  If not set, the value of
`transfer.unpackLimit` is used instead.
 
-receive.maxsize::
-   If the size of a pack file is larger than this limit, then
-   git-receive-pack will error out, instead of accepting the pack
-   file. If not set or set to 0, then the size is unlimited.
+receive.maxInputSize::
+   If the size of the incoming pack stream is larger than this
+   limit, then git-receive-pack will error out, instead of
+   accepting the pack file. If not set or set to 0, then the size
+   is unlimited.
 
 receive.denyDeletes::
If set to true, git-receive-pack will deny a ref update that deletes
diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c
index 4b0379b..f1ce05c 100644
--- a/builtin/receive-pack.c
+++ b/builtin/receive-pack.c
@@ -213,7 +213,7 @@ static int receive_pack_config(const char *var, const char 
*value, void *cb)
return 0;
}
 
-   if (strcmp(var, "receive.maxsize") == 0) {
+   if (strcmp(var, "receive.maxinputsize") == 0) {
max_input_size = git_config_int64(var, value);
return 0;
}
diff --git a/t/t5546-push-limits.sh b/t/t5546-push-limits.sh
deleted file mode 100755
index 09e958f..000
--- a/t/t5546-push-limits.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-
-test_description='check input limits for pushing'
-. ./test-lib.sh
-
-test_expect_success 'create remote repository' '
-   git init --bare dest
-'
-
-# Let's run tests with different unpack limits: 1 and 10
-# When the limit is 1, `git receive-pack` will call `git index-pack`.
-# When the limit is 10, `git receive-pack` will call `git unpack-objects`.
-
-while read unpacklimit filesize filename seed
-do
-
-   test_expect_success "create known-size ($filesize bytes) commit 
'$filename'" '
-   test-genrandom "$seed" "$filesize" >"$filename" &&
-   git add "$filename" &&
-   test_commit "$filename"
-   '
-
-   test_expect_success "set unpacklimit to $unpacklimit" '
-   git --git-dir=dest config receive.unpacklimit "$unpacklimit"
-   '
-
-   test_expect_success 'setting receive.maxsize to 512 rejects push' '
-   git --git-dir=dest config receive.maxsize 512 &&
-   test_must_fail git push dest HEAD
-   '
-
-   test_expect_success 'bumping limit to 4k allows push' '
-   git --git-dir=dest config receive.maxsize 4k &&
-   git push dest HEAD
-   '
-
-done <<\EOF
-1 1024 one-k-file foo
-10 1024 other-one-k-file bar
-EOF
-
-test_done
diff --git a/t/t5546-receive-limits.sh b/t/t5546-receive-limits.sh
new file mode 100755
index 000..10cb0be
--- /dev/null
+++ b/t/t5546-receive-limits.sh
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+test_description='check receive input limits'
+. ./test-lib.sh
+
+# Let's run tests with different unpack limits: 1 and 1
+# When the limit is 1, `git receive-pack` will call `git index-pack`.
+# When the limit is 1, `git