fix: reject invalid pack entry header metadata#2678
Draft
Sebastian Thiel (Byron) wants to merge 1 commit into
Draft
fix: reject invalid pack entry header metadata#2678Sebastian Thiel (Byron) wants to merge 1 commit into
Sebastian Thiel (Byron) wants to merge 1 commit into
Conversation
Issue #2676 reports an OSS-Fuzz finding in pack data handling. The pack entry decoder stored the consumed header length with an infallible u16 conversion and accepted ref-delta hash lengths through panic-capable slice and ObjectId conversions. Malformed or unsupported metadata should become decode errors instead of process panics. Add regression coverage for unsupported ref-delta hash lengths and oversized encoded header metadata. Route both byte-slice and streaming decoders through checked header-size conversion, and use fallible ObjectId construction for ref-delta base ids. Validation: - cargo test -p gix-pack data::entry::decode::tests - cargo test -p gix-pack - cargo clippy -p gix-pack --all-targets
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Tasks
This section is for Byron only. Models continuing this PR must not add, remove, check, uncheck, rename, or reorder checkboxes here.
Everything below this line was generated by Codex GPT-5.
Created by Codex on behalf of Byron. Byron will review before this is ready to merge.
Summary
Fixes #2676.
OSS-Fuzz reported malformed pack data handling in #2676. This changes the pack entry decoder so malformed or unsupported pack entry metadata is reported as an error instead of relying on panic-capable invariants.
Changes
consumed.try_into().expect("pack entry headers fit into u16")conversions ingix-packentry decoding with checked conversion and a decode error.Validation
cargo test -p gix-pack data::entry::decode::testscargo test -p gix-packcargo clippy -p gix-pack --all-targetscargo check -p gix-pack --no-default-features --features sha1(run during Codex review)cargo check -p gix-pack --no-default-features --features sha256(run during Codex review)cargo test -p gix-pack --no-default-features --features sha1 data::entry::decode::tests(run during Codex review)Review Status
Codex review completed for commit
6fb4bee6dce99f487cff3134d2e6fbf6deed7cdband did not find any discrete regression.