[PATCH 1 of 2] dirstate: fix parse_dirstate() to error out if NULL entry created
Yuya Nishihara
yuya at tcha.org
Thu Sep 23 08:27:33 UTC 2021
# HG changeset patch
# User Yuya Nishihara <yuya at tcha.org>
# Date 1632383057 -32400
# Thu Sep 23 16:44:17 2021 +0900
# Node ID 13efd8fdc55fe3ed8ab195fff0c52a249d4dcc73
# Parent 1b2ee68e85f93c0726db9f2f739bc6768db1f92f
dirstate: fix parse_dirstate() to error out if NULL entry created

Since 83f0e93ec34b "dirstate-item: move the C implementation to the same
logic", dirstate_item_from_v1_data() gets more likely to return NULL, and
the fuzzer crashes because of that.
diff --git a/mercurial/cext/parsers.c b/mercurial/cext/parsers.c
--- a/mercurial/cext/parsers.c
+++ b/mercurial/cext/parsers.c
@@ -770,6 +770,8 @@ static PyObject *parse_dirstate(PyObject
entry = (PyObject *)dirstate_item_from_v1_data(state, mode,
size, mtime);
+ if (!entry)
+ goto quit;
cpos = memchr(cur, 0, flen);
if (cpos) {
fname = PyBytes_FromStringAndSize(cur, cpos - cur);
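Review bot: The new "if (!entry) goto quit;" after the dirstate_item_from_v1_data() call is only correct if every NULL return from that function leaves a Python exception set, and the patch does not show or state that. If any path returns NULL without one, parse_dirstate() will report failure with no exception pending and the caller gets a SystemError instead of a useful parse error. Please confirm this in the commit message or a short comment above the check, and confirm that the cleanup at the quit label releases whatever objects are still held at this point in the loop. Since the commit message says the fuzzer crashes here, a regression test fed with the crashing dirstate input would keep this from reappearing.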