git.ipfire.org Git - thirdparty/git.git/commit

author	Victoria Dye <vdye@github.com>
	Wed, 28 Sep 2022 17:19:00 +0000 (17:19 +0000)
committer	Junio C Hamano <gitster@pobox.com>
	Wed, 28 Sep 2022 17:32:18 +0000 (10:32 -0700)
commit	4a6ed30f96c0313dc55fc052707b33d4d3518912
tree	360d015c9f2a48e69ac2b68d9204683fd961aecd	tree \| snapshot
parent	a0feb8611d4c0b2b5d954efe4e98207f62223436	commit \| diff

read-cache: avoid misaligned reads in index v4

The process for reading the index into memory from disk is to first read its
contents into a single memory-mapped file buffer (type 'char *'), then
sequentially convert each on-disk index entry into a corresponding incore
'cache_entry'. To access the contents of the on-disk entry for processing, a
moving pointer within the memory-mapped file is cast to type 'struct
ondisk_cache_entry *'.

In index v4, the entries in the on-disk index file are written *without*
aligning their first byte to a 4-byte boundary; entries are a variable
length (depending on the entry name and whether or not extended flags are
used). As a result, casting the 'char *' buffer pointer to 'struct
ondisk_cache_entry *' then accessing its contents in a 'SANITIZE=undefined'
build can trigger the following error:

  read-cache.c:1886:46: runtime error: member access within misaligned
  address <address> for type 'struct ondisk_cache_entry', which requires 4
  byte alignment

Avoid this error by reading fields directly from the 'char *' buffer, using
the 'offsetof' individual fields in 'struct ondisk_cache_entry'.
Additionally, add documentation describing why the new approach avoids the
misaligned address error, as well as advice on how to improve the
implementation in the future.

Reported-by: Jeff King <peff@peff.net>
Signed-off-by: Victoria Dye <vdye@github.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>