public inbox for git@vger.kernel.org 
 help / color / mirror / Atom feed

From: Thomas Rast <trast@inf•ethz.ch>
To: "Nguyễn Thái Ngọc Duy" <pclouds@gmail•com>
Cc: <git@vger•kernel.org>, Junio C Hamano <gitster@pobox•com>,
	Jens Lehmann <Jens.Lehmann@web•de>
Subject: Re: [PATCH v2 0/8] Some object db protection when add_submodule_odb is used
Date: Tue, 30 Apr 2013 10:43:18 +0200	[thread overview]
Message-ID: <87ehdsxvbt.fsf@linux-k42r.v.cablecom.net> (raw)
In-Reply-To: <1367293372-1958-1-git-send-email-pclouds@gmail.com> ("Nguyễn	Thái Ngọc Duy"'s message of "Tue, 30 Apr 2013 10:42:44 +0700")

Nguyễn Thái Ngọc Duy <pclouds@gmail•com> writes:

> The idea behind this series is, after add_submodule_odb, odb may have
> new temporary objects that only appear after the call. These temporary
> objects may lead to repo corruption (e.g. some new objects are created
> and point to these temporary objects). This series attempts to catch
> those cases. It would make it safer to dig deeper into submodule's odb,
> e.g. to implement unified git-diff.
>
> Previous approach [1] is record the odb source, then check if the
> source is from submodule's odb. But that means we rely on the
> lookup order in sha1_file.c. This approach instead allows the caller
> to select what odb sources it wants to look up from.
>
> The checks are also less drastic than before. Checks are now done at
> higher level, e.g. commit_tree(), instead of at write_sha1_file,
> because we do allow to write objects that point to nowhere.
>
> Another new thing from previous round is I completely forbid the use
> of add_submodule_odb in security sensitive commands like index-pack or
> rev-list. We could loosen up later if we need to.
>
> For fun, I set object_database_contaminated to 1 by default and ran
> the test suite. It passed :)

How does this interact with alternates set up by the user?  It's not
immediately obvious from the commit messages (hint hint) or the comments
near ODB_LOCAL etc.

-- 
Thomas Rast
trast@{inf,student}.ethz.ch

next prev parent reply	other threads:[~2013-04-30  8:43 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-04-30  3:42 [PATCH v2 0/8] Some object db protection when add_submodule_odb is used Nguyễn Thái Ngọc Duy
2013-04-30  3:42 ` [PATCH v2 1/8] sha1_file: allow to select pack origin when looking up an object Nguyễn Thái Ngọc Duy
2013-04-30  6:01   ` Eric Sunshine
2013-04-30  3:42 ` [PATCH v2 2/8] sha1_file: keep track of alternate source of objects Nguyễn Thái Ngọc Duy
2013-04-30  3:42 ` [PATCH v2 3/8] sha1_file: mark alt object database from add_submodule_odb() Nguyễn Thái Ngọc Duy
2013-04-30  6:03   ` Eric Sunshine
2013-04-30  3:42 ` [PATCH v2 4/8] sha1_file: new object source for submodule's alt object database Nguyễn Thái Ngọc Duy
2013-04-30  6:07   ` Eric Sunshine
2013-04-30  3:42 ` [PATCH v2 5/8] commit.c: refuse to write commits referring to external objects Nguyễn Thái Ngọc Duy
2013-04-30  3:42 ` [PATCH v2 6/8] cache-tree.c: refuse to write trees " Nguyễn Thái Ngọc Duy
2013-04-30  3:42 ` [PATCH v2 7/8] mktag: refuse to write tags " Nguyễn Thái Ngọc Duy
2013-04-30  3:42 ` [PATCH v2 8/8] sha1_file: do write objects even if found in ODB_EXTALT database Nguyễn Thái Ngọc Duy
2013-04-30  8:43 ` Thomas Rast [this message]
2013-04-30 10:32   ` [PATCH v2 0/8] Some object db protection when add_submodule_odb is used Duy Nguyen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87ehdsxvbt.fsf@linux-k42r.v.cablecom.net \
    --to=trast@inf$(echo .)ethz.ch \
    --cc=Jens.Lehmann@web$(echo .)de \
    --cc=git@vger$(echo .)kernel.org \
    --cc=gitster@pobox$(echo .)com \
    --cc=pclouds@gmail$(echo .)com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox