commit be33dff7fa389c620154dc06efbeae69bd002950
from: Omar Polo <op@omarpolo.com>
date: Fri May 13 15:28:04 2022 UTC

got patch: fail when reading empty hunks

commit - 6d9c73d72e43db5dfe560cade0a61eed638b45d0
commit + be33dff7fa389c620154dc06efbeae69bd002950
blob - 9a66825918efbd6b934add0ed0636e397fb31edd
blob + d7d7afe8b98daec948e859725cc2686ec675b8f5
--- lib/patch.c
+++ lib/patch.c
@@ -215,9 +215,12 @@ recv_patch(struct imsgbuf *ibuf, int *done, struct got
 
 		switch (imsg.hdr.type) {
 		case GOT_IMSG_PATCH_DONE:
+			if (h != NULL && h->len == 0)
+				err = got_error(GOT_ERR_PATCH_MALFORMED);
 			goto done;
 		case GOT_IMSG_PATCH_HUNK:
-			if (h != NULL && (h->old_nonl || h->new_nonl)) {
+			if (h != NULL &&
+			    (h->len == 0 || h->old_nonl || h->new_nonl)) {
 				err = got_error(GOT_ERR_PATCH_MALFORMED);
 				goto done;
 			}
@@ -470,9 +473,6 @@ patch_file(struct got_patch *p, const char *path, FILE
 
 	copypos = 0;
 	STAILQ_FOREACH(h, &p->head, entries) {
-		if (h->lines == NULL)
-			break;
-
 	tryagain:
 		err = locate_hunk(orig, h, &pos, &lineno);
 		if (err != NULL && err->code == GOT_ERR_HUNK_FAILED)
blob - 074b5cb8fcd2962ea86e2b829b0b0817f69b8835
blob + 96d97895737dd64fc733a5a4dcbcc4b195ffe58e
--- libexec/got-read-patch/got-read-patch.c
+++ libexec/got-read-patch/got-read-patch.c
@@ -267,7 +267,8 @@ parse_hdr(char *s, int *done, struct got_imsg_patch_hu
 	if (hdr->oldfrom >= LONG_MAX - hdr->oldlines ||
 	    hdr->newfrom >= LONG_MAX - hdr->newlines ||
 	    /* not so sure about this one */
-	    hdr->oldlines >= LONG_MAX - hdr->newlines - 1)
+	    hdr->oldlines >= LONG_MAX - hdr->newlines - 1 ||
+	    (hdr->oldlines == 0 && hdr->newlines == 0))
 		return got_error(GOT_ERR_PATCH_MALFORMED);
 
 	if (hdr->oldlines == 0) {
blob - b30e9e02052c205e40d442f72d8988369b6eea06
blob + 155c33f0173f68f8c1375feaf38ffc73113b0b7e
--- regress/cmdline/patch.sh
+++ regress/cmdline/patch.sh
@@ -509,6 +509,40 @@ EOF
 @@ -1 +1,2 @@
 +hatsuseno
 alpha
+EOF
+
+	(cd $testroot/wt && got patch patch) \
+		 > $testroot/stdout \
+		2> $testroot/stderr
+	ret=$?
+	if [ $ret -eq 0 ]; then
+		echo "got managed to apply an invalid patch"
+		test_done $testroot 1
+		return 1
+	fi
+
+	cmp -s $testroot/stdout.expected $testroot/stdout
+	ret=$?
+	if [ $ret -ne 0 ]; then
+		diff -u $testroot/stdout.expected $testroot/stdout
+		test_done $testroot $ret
+		return 1
+	fi
+
+	cmp -s $testroot/stderr.expected $testroot/stderr
+	ret=$?
+	if [ $ret -ne 0 ]; then
+		diff -u $testroot/stderr.expected $testroot/stderr
+		test_done $testroot $ret
+		return 1
+	fi
+
+	# empty hunk
+	cat <<EOF > $testroot/wt/patch
+diff --git a/alpha b/iota
+--- a/alpha
++++ b/iota
+@@ -0,0 +0,0 @@
 EOF
 
 	(cd $testroot/wt && got patch patch) \