From: john at keeping.me.uk (John Keeping)
Subject: [PATCH 00/19] Fixed-size buffer removal
Date: Sun, 7 Apr 2013 10:29:51 +0100 [thread overview]
Message-ID: <cover.1365326321.git.john@keeping.me.uk> (raw)
This series replaces use of fixed-size buffers for any user-supplied
input or data from the repository with Git's struct strbuf. It is based
on wip.
After this series, the only remaining uses of html.c::fmt produce
strings with a known bound on their length and there are no uses of
snprintf.
The first patch was sent before but appears to have been lost in the
noise; I'm resending it as part of this series to avoid textual
conflicts with later patches.
While working on this, I learned about the "module-link" configuration
option, which currently takes a printf format string which is passed to
printf as the format string. I'd like to change this to use the
strbuf_expand format so that administrators of CGit installations can't
shoot themselves in the foot with invalid format strings but I'd like
some feedback on how we can do that and maintain backwards
compatibility. Perhaps we could introduce "submodule-link" with the new
syntax and deprecate "module-link"?
John Keeping (19):
Fix out-of-bounds memory accesses with virtual_root=""
Remove redundant calls to fmt("%s", ...)
cache.c: don't use statically sized buffers for filenames
html: introduce html_txtf and html_vtxtf functions
Convert cgit_print_error to a variadic function
scan-tree: use struct strbuf instead of static buffers
ui-log.c: use a strbuf for refs
ui-log.c: use a strbuf for grep arguments
ui-plain.c: use struct strbuf instead of fmt()
ui-refs.c: use struct strbuf instead of fixed-size buffers
ui-repolist.c: use struct strbuf for repository paths
ui-snapshot.c: tidy up memory management in write_archive_type
ui-snapshot: use a struct strbuf instead of fixed-size buffers
ui-summary.c: use struct strbuf instead of fixed-size buffers
ui-tag.c: use struct strbuf for user-supplied data
ui-tree.c: use struct strbuf instead of fmt()
cgit.c: use struct strbuf instead of fmt()
html: add html_attrf to output an attribute value from a format string
ui-shared.c: use struct strbuf instead of fmt()
cache.c | 56 ++++++++---------------
cgit.c | 105 +++++++++++++++++++++---------------------
cgit.h | 3 +-
html.c | 41 +++++++++++++++--
html.h | 11 ++++-
scan-tree.c | 145 ++++++++++++++++++++++++++++++++--------------------------
shared.c | 15 ++++++
ui-blob.c | 8 ++--
ui-commit.c | 4 +-
ui-diff.c | 8 ++--
ui-log.c | 32 ++++++++-----
ui-patch.c | 4 +-
ui-plain.c | 10 ++--
ui-refs.c | 11 +++--
ui-repolist.c | 28 +++++++-----
ui-shared.c | 66 +++++++++++++++-----------
ui-shared.h | 5 +-
ui-snapshot.c | 65 ++++++++++++++++----------
ui-stats.c | 5 +-
ui-summary.c | 16 +++++--
ui-tag.c | 20 ++++----
ui-tree.c | 46 +++++++++----------
22 files changed, 410 insertions(+), 294 deletions(-)
--
1.8.2.692.g17a9715
next reply other threads:[~2013-04-07 9:29 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-07 9:29 john [this message]
2013-04-07 9:29 ` [PATCH 01/19] Fix out-of-bounds memory accesses with virtual_root="" john
2013-04-07 9:29 ` [PATCH 02/19] Remove redundant calls to fmt("%s", ...) john
2013-04-07 11:05 ` Jason
2013-04-07 11:25 ` john
2013-04-07 11:30 ` Jason
2013-04-07 9:29 ` [PATCH 03/19] cache.c: don't use statically sized buffers for filenames john
2013-04-07 11:11 ` Jason
2013-04-07 11:30 ` john
2013-04-07 9:29 ` [PATCH 04/19] html: introduce html_txtf and html_vtxtf functions john
2013-04-07 9:29 ` [PATCH 05/19] Convert cgit_print_error to a variadic function john
2013-04-07 9:29 ` [PATCH 06/19] scan-tree: use struct strbuf instead of static buffers john
2013-04-07 11:29 ` Jason
2013-04-07 11:33 ` john
2013-04-07 9:29 ` [PATCH 07/19] ui-log.c: use a strbuf for refs john
2013-04-07 9:29 ` [PATCH 08/19] ui-log.c: use a strbuf for grep arguments john
2013-04-07 9:30 ` [PATCH 09/19] ui-plain.c: use struct strbuf instead of fmt() john
2013-04-07 9:30 ` [PATCH 10/19] ui-refs.c: use struct strbuf instead of fixed-size buffers john
2013-04-07 13:08 ` Jason
2013-04-07 9:30 ` [PATCH 11/19] ui-repolist.c: use struct strbuf for repository paths john
2013-04-07 9:30 ` [PATCH 12/19] ui-snapshot.c: tidy up memory management in write_archive_type john
2013-04-07 9:30 ` [PATCH 13/19] ui-snapshot: use a struct strbuf instead of fixed-size buffers john
2013-04-07 13:25 ` Jason
2013-04-07 13:37 ` john
2013-04-07 13:39 ` Jason
2013-04-07 13:33 ` Jason
2013-04-07 9:30 ` [PATCH 14/19] ui-summary.c: use " john
2013-04-07 12:20 ` Jason
2013-04-07 12:36 ` john
2013-04-07 12:41 ` Jason
2013-04-07 12:43 ` Jason
2013-04-07 9:30 ` [PATCH 15/19] ui-tag.c: use struct strbuf for user-supplied data john
2013-04-07 9:30 ` [PATCH 16/19] ui-tree.c: use struct strbuf instead of fmt() john
2013-04-07 9:30 ` [PATCH 17/19] cgit.c: " john
2013-04-07 9:30 ` [PATCH 18/19] html: add html_attrf to output an attribute value from a format string john
2013-04-07 9:30 ` [PATCH 19/19] ui-shared.c: use struct strbuf instead of fmt() john
2013-04-07 12:37 ` Jason
2013-04-07 12:44 ` john
2013-04-07 12:49 ` cgit
2013-04-07 13:08 ` [PATCH 00/19] Fixed-size buffer removal Jason
2013-04-07 13:14 ` john
2013-04-08 15:31 ` Jason
2013-04-08 17:38 ` john
2013-04-08 18:28 ` Jason
2013-04-07 14:26 ` [PATCH v2 00/22] " john
2013-04-07 14:26 ` [PATCH v2 01/22] Fix out-of-bounds memory accesses with virtual_root="" john
2013-04-07 14:26 ` [PATCH v2 02/22] Mark char* fields in struct cgit_page as const john
2013-04-07 14:26 ` [PATCH v2 03/22] Remove redundant calls to fmt("%s", ...) john
2013-04-07 14:26 ` [PATCH v2 04/22] html.c: add fmtalloc helper john
2013-04-07 14:26 ` [PATCH v2 05/22] shared.c: add strbuf_ensure_end john
2013-04-07 14:26 ` [PATCH v2 06/22] cache.c: don't use statically sized buffers for filenames john
2013-04-07 14:26 ` [PATCH v2 07/22] html: introduce html_txtf and html_vtxtf functions john
2013-04-07 14:26 ` [PATCH v2 08/22] Convert cgit_print_error to a variadic function john
2013-04-07 15:01 ` [PATCH 08/22 v3] " john
2013-04-07 14:26 ` [PATCH v2 09/22] scan-tree: use struct strbuf instead of static buffers john
2013-04-07 14:26 ` [PATCH v2 10/22] ui-log.c: use a strbuf for refs john
2013-04-07 14:26 ` [PATCH v2 11/22] ui-log.c: use a strbuf for grep arguments john
2013-04-07 14:26 ` [PATCH v2 12/22] ui-plain.c: use struct strbuf instead of fmt() john
2013-04-07 14:26 ` [PATCH v2 13/22] ui-refs.c: use struct strbuf instead of fixed-size buffers john
2013-04-07 14:26 ` [PATCH v2 14/22] ui-repolist.c: use struct strbuf for repository paths john
2013-04-07 14:26 ` [PATCH v2 15/22] ui-snapshot.c: tidy up memory management in write_archive_type john
2013-04-07 14:26 ` [PATCH v2 16/22] ui-snapshot: use a struct strbuf instead of fixed-size buffers john
2013-04-07 14:26 ` [PATCH v2 17/22] ui-summary.c: use " john
2013-04-07 14:26 ` [PATCH v2 18/22] ui-tag.c: use struct strbuf for user-supplied data john
2013-04-07 14:26 ` [PATCH v2 19/22] ui-tree.c: use struct strbuf instead of fmt() john
2013-04-07 14:26 ` [PATCH v2 20/22] cgit.c: " john
2013-04-07 14:26 ` [PATCH v2 21/22] html: add html_attrf to output an attribute value from a format string john
2013-04-07 14:26 ` [PATCH v2 22/22] ui-shared.c: use struct strbuf instead of fmt() john
2013-04-07 15:21 ` Jason
2013-04-07 15:43 ` john
2013-04-07 15:46 ` Jason
2013-04-08 10:22 ` cgit
2013-04-08 14:04 ` Jason
2013-04-08 17:40 ` john
2013-04-08 14:23 ` [PATCH 00/19] Fixed-size buffer removal Jason
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1365326321.git.john@keeping.me.uk \
--to=cgit@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).