From: Junio C Hamano <gitster@pobox•com>
To: Tsahi Elkayam <Tsahi.Elkayam@protonmail•com>
Cc: "git@vger•kernel.org" <git@vger•kernel.org>, "ps@pks•im" <ps@pks•im>
Subject: Re: [PATCH] reftable/iter: fix undefined behavior in indexed_table_ref_iter_next
Date: Sun, 04 Jan 2026 11:49:32 +0900 [thread overview]
Message-ID: <xmqqy0menlc3.fsf@gitster.g> (raw)
In-Reply-To: <Q0zfHYp-_TO2h_5PXPG9KjHwpMKIf2o2u2dsaoAjIsScmA3W6t7IvqIEeLfM7auEFIQyazlNnA3MGAuS4AANF0yfEBJAjkU1bWp-NH9m89U=@protonmail.com> (Tsahi Elkayam's message of "Fri, 02 Jan 2026 19:16:49 +0000")
Tsahi Elkayam <Tsahi.Elkayam@protonmail•com> writes:
> The indexed_table_ref_iter_next() function accesses ref->value.val2
> without first checking the ref's value_type. This is undefined behavior
> when the ref is not of type REFTABLE_REF_VAL2.
>
> The correct pattern is already used in filtering_ref_iterator_next()
> which checks value_type before accessing the appropriate union member.
> Apply the same pattern here:
>
> - Check for REFTABLE_REF_VAL2 before accessing val2 members
> - Add missing check for REFTABLE_REF_VAL1 to handle single-value refs
>
> This was marked with a "/* BUG */" comment indicating the issue was
> known but not yet fixed.
>
> Signed-off-by: Tsahi Elkayam <Tsahi.Elkayam@protonmail•com>
> ---
> reftable/iter.c | 13 ++++++++-----
> 1 file changed, 8 insertions(+), 5 deletions(-)
>
> diff --git a/reftable/iter.c b/reftable/iter.c
> index 2ecc52b336..2eee65bb1e 100644
> --- a/reftable/iter.c
> +++ b/reftable/iter.c
What are these lines with two-whitespace indent about? When sending
a patch purely for discussion (because the actual change may be iffy
or dangerous), we sometimes deliberately corrupt the patch not to
apply mechanically, but this patch does not seem to be such a
"request for discussion" patch.
next prev parent reply other threads:[~2026-01-04 2:49 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-02 19:16 [PATCH] reftable/iter: fix undefined behavior in indexed_table_ref_iter_next Tsahi Elkayam
2026-01-03 7:35 ` Pushkar Singh
2026-01-04 10:13 ` Tsahi Elkayam
2026-01-04 2:49 ` Junio C Hamano [this message]
2026-01-04 10:22 ` Tsahi Elkayam
2026-01-04 10:33 ` Tsahi Elkayam
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqy0menlc3.fsf@gitster.g \
--to=gitster@pobox$(echo .)com \
--cc=Tsahi.Elkayam@protonmail$(echo .)com \
--cc=git@vger$(echo .)kernel.org \
--cc=ps@pks$(echo .)im \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox