thodg/libgit2/src/mwindow.h
-
Show log
Commit
-
Hash : 322c15ee
Author :
Date : 2020-08-01T18:24:41
Make the pack and mwindow implementations data-race-free This change fixes a packfile heap corruption that can happen when interacting with multiple packfiles concurrently across multiple threads. This is exacerbated by setting a lower mwindow open file limit. This change: * Renames most of the internal methods in pack.c to clearly indicate that they expect to be called with a certain lock held, making reasoning about the state of locks a bit easier. * Splits the `git_pack_file` lock in two: the one in `git_pack_file` only protects the `index_map`. The protection to `git_mwindow_file` is now in that struct. * Explicitly checks for freshness of the `git_pack_file` in `git_packfile_unpack_header`: this allows the mwindow implementation to close files whenever there is enough cache pressure, and `git_packfile_unpack_header` will reopen the packfile if needed. * After a call to `p_munmap()`, the `data` and `len` fields are poisoned with `NULL` to make use-after-frees more evident and crash rather than being open to the possibility of heap corruption. * Adds a test case to prevent this from regressing in the future. Fixes: #5591
-
src/mwindow.h
-
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54
/* * Copyright (C) the libgit2 contributors. All rights reserved. * * This file is part of libgit2, distributed under the GNU GPL v2 with * a Linking Exception. For full terms see the included COPYING file. */ #ifndef INCLUDE_mwindow__ #define INCLUDE_mwindow__ #include "common.h" #include "map.h" #include "vector.h" typedef struct git_mwindow { struct git_mwindow *next; git_map window_map; off64_t offset; size_t last_used; size_t inuse_cnt; } git_mwindow; typedef struct git_mwindow_file { git_mutex lock; /* protects updates to fd */ git_mwindow *windows; int fd; off64_t size; } git_mwindow_file; typedef struct git_mwindow_ctl { size_t mapped; unsigned int open_windows; unsigned int mmap_calls; unsigned int peak_open_windows; size_t peak_mapped; size_t used_ctr; git_vector windowfiles; } git_mwindow_ctl; int git_mwindow_contains(git_mwindow *win, off64_t offset); int git_mwindow_free_all(git_mwindow_file *mwf); /* locks */ unsigned char *git_mwindow_open(git_mwindow_file *mwf, git_mwindow **cursor, off64_t offset, size_t extra, unsigned int *left); int git_mwindow_file_register(git_mwindow_file *mwf); void git_mwindow_file_deregister(git_mwindow_file *mwf); void git_mwindow_close(git_mwindow **w_cursor); extern int git_mwindow_global_init(void); struct git_pack_file; /* just declaration to avoid cyclical includes */ int git_mwindow_get_pack(struct git_pack_file **out, const char *path); int git_mwindow_put_pack(struct git_pack_file *pack); #endif