git/fuzz-commit-graph.c, branch v2.38.4

commit-graph: pass repo_settings instead of repository

2022-07-14T22:42:17Z

The parse_commit_graph() function takes a 'struct repository *' pointer, but it only ever accesses config settings (either directly or through the .settings field of the repo struct). Move all relevant config settings into the repo_settings struct, and update parse_commit_graph() and its existing callers so that it takes 'struct repo_settings *' instead. Callers of parse_commit_graph() will now need to call prepare_repo_settings() themselves, or initialize a 'struct repo_settings' directly. Prior to ab14d0676c (commit-graph: pass a 'struct repository *' in more places, 2020-09-09), parsing a commit-graph was a pure function depending only on the contents of the commit-graph itself. Commit ab14d0676c introduced a dependency on a `struct repository` pointer, and later commits such as b66d84756f (commit-graph: respect 'commitGraph.readChangedPaths', 2020-09-09) added dependencies on config settings, which were accessed through the `settings` field of the repository pointer. This field was initialized via a call to `prepare_repo_settings()`. Additionally, this fixes an issue in fuzz-commit-graph: In 44c7e62 (2021-12-06, repo-settings:prepare_repo_settings only in git repos), prepare_repo_settings was changed to issue a BUG() if it is called by a process whose CWD is not a Git repository. The combination of commits mentioned above broke fuzz-commit-graph, which attempts to parse arbitrary fuzzing-engine-provided bytes as a commit graph file. Prior to this change, parse_commit_graph() called prepare_repo_settings(), but since we run the fuzz tests without a valid repository, we are hitting the BUG() from 44c7e62 for every test case. Signed-off-by: Taylor Blau Signed-off-by: Josh Steadmon Signed-off-by: Junio C Hamano

commit-graph: pass a 'struct repository *' in more places

2020-09-09T19:51:48Z

In a future commit, some commit-graph internals will want access to 'r->settings', but we only have the 'struct object_directory *' corresponding to that repository. Add an additional parameter to pass the repository around in more places. Signed-off-by: Taylor Blau Signed-off-by: Junio C Hamano

fuzz-commit-graph: properly free graph struct

2020-06-08T17:02:29Z

Use the provided free_commit_graph() to properly free the commit graph in fuzz-commit-graph. Otherwise, the fuzzer itself leaks memory when the struct contains pointers to allocated memory. Signed-off-by: Josh Steadmon Reviewed-by: Jonathan Nieder Signed-off-by: Junio C Hamano

commit-graph: close descriptors after mmap

2020-04-25T05:25:50Z

We don't ever refer to the descriptor after mmap-ing it. And keeping it open means we can run out of descriptors in degenerate cases (e.g., thousands of split chain files). Let's close it as soon as possible. Signed-off-by: Jeff King Signed-off-by: Taylor Blau Signed-off-by: Junio C Hamano

fuzz-commit-graph: initialize repo object

2019-02-07T21:02:26Z

Various #DEFINE "constants" in commit-graph.c now depend on the_hash_algo->rawsz, but this object must be initialized before it can be used. Signed-off-by: Josh Steadmon Signed-off-by: Junio C Hamano

commit-graph, fuzz: add fuzzer for commit-graph

2019-01-16T04:31:49Z

Break load_commit_graph_one() into a new function, parse_commit_graph(). The latter function operates on arbitrary buffers, which makes it suitable as a fuzzing target. Since parse_commit_graph() is only called by load_commit_graph_one() (and the fuzzer described below), we omit error messages that would be duplicated by the caller. Adds fuzz-commit-graph.c, which provides a fuzzing entry point compatible with libFuzzer (and possibly other fuzzing engines). Signed-off-by: Josh Steadmon Signed-off-by: Junio C Hamano