Skip to content

Fix unsoundness in git2::diff::DiffBinaryFile::data() for empty data#1279

Merged
weihanglo merged 2 commits into
rust-lang:mainfrom
DanielEScherzer:empty-binary-data
Jun 13, 2026
Merged

Fix unsoundness in git2::diff::DiffBinaryFile::data() for empty data#1279
weihanglo merged 2 commits into
rust-lang:mainfrom
DanielEScherzer:empty-binary-data

Conversation

@DanielEScherzer

@DanielEScherzer DanielEScherzer commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

Fixes #1278

@DanielEScherzer
Add regression tests for DiffBinaryFile::data() with missing data
5986e51 
When a `Diff` is created without the information of *how* a binary file
changed, the data is empty and the pointer to it is NULL; this violates the
preconditions of `slice::from_raw_parts()`, which requires that the provided
pointer be non-null.

The new test is currently failing and exists to show the error - it could not
be split up and marked with `#[should_panic]`, which does not appear to work
here. This may be because the error message is that "thread caused
non-unwinding panic. aborting." after the problematic `slice::from_raw_parts()`
call, and the attribute only works with unwinding panics, I'm not sure.

Also add a test for a binary diff where the data is not missing to confirm that
in that case `DiffBinaryFile::data()` works properly.
@DanielEScherzer
Fix unsoundness with DiffBinaryFile::data() with missing data
c01c276 
When there is no data, rather than using `slice::from_raw_parts()` with a null
pointer (which is unsound), just return an empty slice directly.

Fixes rust-lang#1278
@rustbot rustbot added the S-waiting-on-review Status: Waiting on review label Jun 12, 2026
weihanglo
weihanglo approved these changes Jun 13, 2026
View reviewed changes

@weihanglo weihanglo left a comment
edited by rustbot
Loading

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

View changes since this review

@weihanglo weihanglo added this pull request to the merge queue Jun 13, 2026
Merged via the queue into rust-lang:main with commit 4938bfe Jun 13, 2026
7 checks passed
@rustbot rustbot removed the S-waiting-on-review Status: Waiting on review label Jun 13, 2026
@DanielEScherzer DanielEScherzer deleted the empty-binary-data branch June 13, 2026 17:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@weihanglo weihanglo weihanglo approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Unsound slice::from_raw_parts() in git2::diff::DiffBinaryFile::data()

3 participants

@DanielEScherzer @weihanglo @rustbot