Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
mercurial
CVE-2017-1000116-0001.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2017-1000116-0001.patch of Package mercurial
# HG changeset patch # User Yuya Nishihara <yuya@tcha.org> # Date 1501074615 -32400 # Wed Jul 26 22:10:15 2017 +0900 # Branch stable # Node ID 20bac46f7744494507a0dde8dd606b440d9df439 # Parent 0134d839444b47a5fd297cced69e86fba7c81a16 pathauditor: disable cache of audited paths by default (issue5628) The initial attempt was to discard cache when appropriate, but it appears to be error prone. We had to carefully inspect all places where audit() is called e.g. without actually updating filesystem, before removing files and directories, etc. So, this patch disables the cache of audited paths by default, and enables it only for the following cases: - short-lived auditor objects - repo.vfs, repo.svfs, and repo.cachevfs, which are managed directories and considered sort of append-only (a file/directory would never be replaced with a symlink) There would be more cacheable vfs objects (e.g. mq.queue.opener), but I decided not to inspect all of them in this patch. We can make them cached later. Benchmark result: - using old clone of http://selenic.com/repo/linux-2.6/ (38319 files) - on tmpfs - run HGRCPATH=/dev/null hg up -q --time tip && hg up -q null - try 4 times and take the last three results original: real 7.480 secs (user 1.140+22.760 sys 0.150+1.690) real 8.010 secs (user 1.070+22.280 sys 0.170+2.120) real 7.470 secs (user 1.120+22.390 sys 0.120+1.910) clearcache (the other series): real 7.680 secs (user 1.120+23.420 sys 0.140+1.970) real 7.670 secs (user 1.110+23.620 sys 0.130+1.810) real 7.740 secs (user 1.090+23.510 sys 0.160+1.940) enable cache only for vfs and svfs (this series): real 8.730 secs (user 1.500+25.190 sys 0.260+2.260) real 8.750 secs (user 1.490+25.170 sys 0.250+2.340) real 9.010 secs (user 1.680+25.340 sys 0.280+2.540) remove cache function at all (for reference): real 9.620 secs (user 1.440+27.120 sys 0.250+2.980) real 9.420 secs (user 1.400+26.940 sys 0.320+3.130) real 9.760 secs (user 1.530+27.270 sys 0.250+2.970) --- mercurial/cmdutil.py | 2 +- mercurial/dirstate.py | 2 +- mercurial/localrepo.py | 6 ++++-- mercurial/scmutil.py | 28 ++++++++++++++++++++-------- 4 files changed, 26 insertions(+), 12 deletions(-) --- a/mercurial/cmdutil.py +++ b/mercurial/cmdutil.py @@ -2063,7 +2063,7 @@ def revert(ui, repo, ctx, parents, *pats fc = ctx[f] repo.wwrite(f, fc.data(), fc.flags()) - audit_path = scmutil.pathauditor(repo.root) + audit_path = scmutil.pathauditor(repo.root, cached=True) for f in remove[0]: if repo.dirstate[f] == 'a': repo.dirstate.drop(f) --- a/mercurial/dirstate.py +++ b/mercurial/dirstate.py @@ -736,7 +736,7 @@ class dirstate(object): # unknown == True means we walked the full directory tree above. # So if a file is not seen it was either a) not matching matchfn # b) ignored, c) missing, or d) under a symlink directory. - audit_path = scmutil.pathauditor(self._root) + audit_path = scmutil.pathauditor(self._root, cached=True) for nf in iter(visit): # Report ignored items in the dmap as long as they are not --- a/mercurial/localrepo.py +++ b/mercurial/localrepo.py @@ -167,7 +167,7 @@ class localrepository(object): self.path = self.wvfs.join(".hg") self.origroot = path self.auditor = scmutil.pathauditor(self.root, self._checknested) - self.vfs = scmutil.vfs(self.path) + self.vfs = scmutil.vfs(self.path, cacheaudited=True) self.opener = self.vfs self.baseui = baseui self.ui = baseui.copy() @@ -238,7 +238,9 @@ class localrepository(object): if inst.errno != errno.ENOENT: raise - self.store = store.store(requirements, self.sharedpath, scmutil.vfs) + self.store = store.store( + requirements, self.sharedpath, + lambda base: scmutil.vfs(base, cacheaudited=True)) self.spath = self.store.path self.svfs = self.store.vfs self.sopener = self.svfs --- a/mercurial/scmutil.py +++ b/mercurial/scmutil.py @@ -118,12 +118,17 @@ class pathauditor(object): - traverses a symlink (e.g. a/symlink_here/b) - inside a nested repository (a callback can be used to approve some nested repositories, e.g., subrepositories) + + If 'cached' is set to True, audited paths and sub-directories are cached. + Be careful to not keep the cache of unmanaged directories for long because + audited paths may be replaced with symlinks. ''' - def __init__(self, root, callback=None): + def __init__(self, root, callback=None, cached=False): self.audited = set() self.auditeddir = set() self.root = root + self._cached = cached self.callback = callback if os.path.lexists(root) and not util.checkcase(root): self.normcase = util.normcase @@ -189,10 +194,11 @@ class pathauditor(object): parts.pop() normparts.pop() - self.audited.add(normpath) - # only add prefixes to the cache after checking everything: we don't - # want to add "foo/bar/baz" before checking if there's a "foo/.hg" - self.auditeddir.update(prefixes) + if self._cached: + self.audited.add(normpath) + # only add prefixes to the cache after checking everything: we don't + # want to add "foo/bar/baz" before checking if there's a "foo/.hg" + self.auditeddir.update(prefixes) def check(self, path): try: @@ -292,13 +298,19 @@ class vfs(abstractvfs): This class is used to hide the details of COW semantics and remote file access from higher level code. + + 'cacheaudited' should be enabled only if (a) vfs object is short-lived, or + (b) the base directory is managed by hg and considered sort-of append-only. + See pathutil.pathauditor() for details. ''' - def __init__(self, base, audit=True, expandpath=False, realpath=False): + def __init__(self, base, audit=True, cacheaudited=False, expandpath=False, + realpath=False): if expandpath: base = util.expandpath(base) if realpath: base = os.path.realpath(base) self.base = base + self._cacheaudited = cacheaudited self._setmustaudit(audit) self.createmode = None self._trustnlink = None @@ -309,7 +321,7 @@ class vfs(abstractvfs): def _setmustaudit(self, onoff): self._audit = onoff if onoff: - self.audit = pathauditor(self.base) + self.audit = pathauditor(self.base, cached=self._cacheaudited) else: self.audit = util.always @@ -767,7 +779,7 @@ def _interestingfiles(repo, matcher): This is different from dirstate.status because it doesn't care about whether files are modified or clean.''' added, unknown, deleted, removed = [], [], [], [] - audit_path = pathauditor(repo.root) + audit_path = pathauditor(repo.root, cached=True) ctx = repo[None] dirstate = repo.dirstate
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor