packed_object_info(): convert to new revindex API

Convert another call of 'find_pack_revindex()' to its replacement
'pack_pos_to_offset()'. Likewise:

  - Avoid manipulating `struct packed_git`'s `revindex` pointer directly
    by removing the pointer-as-array indexing.

  - Add an additional guard to check that the offset 'obj_offset()'
    points to a real object. This should be the case with well-behaved
    callers to 'packed_object_info()', but isn't guarenteed.

    Other blocks that fill in various other values from the 'struct
    object_info' request handle bad inputs by setting the type to
    'OBJ_BAD' and jumping to 'out'. Do the same when given a bad offset
    here.

    The previous code would have segfaulted when given a bad
    'obj_offset' value, since 'find_pack_revindex()' would return
    'NULL', and then the line that fills 'oi->disk_sizep' would try to
    access 'NULL[1]' with a stride of 16 bytes (the width of 'struct
    revindex_entry)'.

Signed-off-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/packfile.c b/packfile.c
index 7c37f9ec5cbbe3f258e09cf6484251854ac58d6e..bb4bb146712d4f7eb0fb9e30b0ff933b1659f749 100644 (file)
--- a/packfile.c
+++ b/packfile.c
@@ -1537,8 +1537,15 @@ int packed_object_info(struct repository *r, struct packed_git *p,
        }
 
        if (oi->disk_sizep) {
-               struct revindex_entry *revidx = find_pack_revindex(p, obj_offset);
-               *oi->disk_sizep = revidx[1].offset - obj_offset;
+               uint32_t pos;
+               if (offset_to_pack_pos(p, obj_offset, &pos) < 0) {
+                       error("could not find object at offset %"PRIuMAX" "
+                             "in pack %s", (uintmax_t)obj_offset, p->pack_name);
+                       type = OBJ_BAD;
+                       goto out;
+               }
+
+               *oi->disk_sizep = pack_pos_to_offset(p, pos + 1) - obj_offset;
        }
 
        if (oi->typep || oi->type_name) {