Git Mailing List Archive mirror
 help / color / mirror / Atom feed
From: Han Xin <hanxin.hx@bytedance.com>
To: git@vger.kernel.org
Cc: Han Xin <hanxin.hx@bytedance.com>,
	xingxin.xx@bytedance.com, jonathantanmy@google.com,
	Junio C Hamano <gitster@pobox.com>
Subject: [PATCH v1] negotiator/default.c: avoid stack overflow
Date: Mon, 24 Apr 2023 10:23:18 +0800	[thread overview]
Message-ID: <20230424022318.80469-1-hanxin.hx@bytedance.com> (raw)

mark_common() in negotiator/default.c may overflow the stack due to
recursive function calls. Avoid this by instead recursing using a
heap-allocated data structure.

This is the same case as [1].

1. https://lore.kernel.org/git/20221025232934.1504445-1-jonathantanmy@google.com/

Reported-by: Xin Xing <xingxin.xx@bytedance.com>
Signed-off-by: Han Xin <hanxin.hx@bytedance.com>
---
 negotiator/default.c  | 16 ++++++++++++----
 negotiator/skipping.c |  2 ++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/negotiator/default.c b/negotiator/default.c
index f4b78eb47d..6ab7f11409 100644
--- a/negotiator/default.c
+++ b/negotiator/default.c
@@ -55,9 +55,15 @@ static int clear_marks(const char *refname, const struct object_id *oid,
 static void mark_common(struct negotiation_state *ns, struct commit *commit,
 		int ancestors_only, int dont_parse)
 {
-	if (commit != NULL && !(commit->object.flags & COMMON)) {
+	struct prio_queue queue = { NULL };
+
+	prio_queue_put(&queue, commit);
+	while ((commit = prio_queue_get(&queue))) {
 		struct object *o = (struct object *)commit;
 
+		if (commit == NULL || (commit->object.flags & COMMON))
+			continue;
+
 		if (!ancestors_only)
 			o->flags |= COMMON;
 
@@ -70,15 +76,17 @@ static void mark_common(struct negotiation_state *ns, struct commit *commit,
 				ns->non_common_revs--;
 			if (!o->parsed && !dont_parse)
 				if (repo_parse_commit(the_repository, commit))
-					return;
+					continue;
 
+			ancestors_only = 0;
 			for (parents = commit->parents;
 					parents;
 					parents = parents->next)
-				mark_common(ns, parents->item, 0,
-					    dont_parse);
+				prio_queue_put(&queue, parents->item);
 		}
 	}
+
+	clear_prio_queue(&queue);
 }
 
 /*
diff --git a/negotiator/skipping.c b/negotiator/skipping.c
index c7d6ab39bc..3d262b3533 100644
--- a/negotiator/skipping.c
+++ b/negotiator/skipping.c
@@ -108,6 +108,8 @@ static void mark_common(struct data *data, struct commit *seen_commit)
 				prio_queue_put(&queue, p->item);
 		}
 	}
+
+	clear_prio_queue(&queue);
 }
 
 /*
-- 
2.40.0


             reply	other threads:[~2023-04-24  2:23 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-04-24  2:23 Han Xin [this message]
2023-04-24 14:44 ` [PATCH v1] negotiator/default.c: avoid stack overflow Derrick Stolee
2023-04-25  3:02   ` [External] " Han Xin
2023-04-25 13:34     ` Derrick Stolee
2023-04-26  4:05 ` [PATCH v2 0/2] negotiator/default: " Han Xin
2023-04-26  4:05   ` [PATCH v2 1/2] " Han Xin
2023-04-26 11:13     ` Derrick Stolee
2023-04-26 11:40       ` [External] " Han Xin
2023-04-26  4:05   ` [PATCH v2 2/2] negotiator/skipping: fix some problems in mark_common() Han Xin
2023-04-26 11:08     ` Derrick Stolee
2023-04-26 11:55       ` [External] " Han Xin
2023-04-26 13:15   ` [PATCH v2 0/2] negotiator/default: avoid stack overflow Han Xin
2023-04-26 13:15     ` [PATCH v3 1/2] " Han Xin
2023-04-26 17:14       ` Junio C Hamano
2023-04-26 17:30         ` Derrick Stolee
2023-04-26 17:38           ` Junio C Hamano
2023-04-26 13:15     ` [PATCH v3 2/2] negotiator/skipping: fix some problems in mark_common() Han Xin
2023-05-01 22:11     ` [PATCH v2 0/2] negotiator/default: avoid stack overflow Junio C Hamano
2023-05-02  1:49       ` Derrick Stolee
2023-05-02 15:51         ` Junio C Hamano

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230424022318.80469-1-hanxin.hx@bytedance.com \
    --to=hanxin.hx@bytedance.com \
    --cc=git@vger.kernel.org \
    --cc=gitster@pobox.com \
    --cc=jonathantanmy@google.com \
    --cc=xingxin.xx@bytedance.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).