MirrorHub/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2024-11-05 05:39:14 +01:00
Code Issues Releases Wiki Activity
gitea/modules
History
KN4CK3R c0b97d0485
Prevent double use of git cat-file session. (#29298) (#29301) 
Backport #29298
Fixes the reason why #29101 is hard to replicate.
Related #29297

Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)

commit, err := gitRepo.GetCommit(<sha>)
assert.NoError(t, err)

entry, err := commit.GetTreeEntryByPath(<file>)
assert.NoError(t, err)

b := entry.Blob()

// Create a reader
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()

// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```

The problem is the check in `CatFileBatch`:


79217ea63c/modules/git/repo_base_nogogit.go (L81-L87)
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.
2024-02-22 03:20:20 +00:00
..
actions Fix an actions schedule bug (#28942) (#28999) 2024-01-31 15:52:31 +00:00
activitypub More refactoring of db.DefaultContext (#27083) 2023-09-15 06:13:19 +00:00
analyze Rename code_langauge.go to code_language.go (#26377) 2023-08-07 15:00:53 -04:00
assetfs Use Set[Type] instead of map[Type]bool/struct{}. (#26804) 2023-08-30 06:55:25 +00:00
auth Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
avatar Remove nfnt/resize and oliamb/cutter (#25999) 2023-07-20 19:52:42 +08:00
base
cache improve unit test for caching (#26185) 2023-07-27 22:24:40 +02:00
charset Preserve BOM in web editor (#28935) (#28959) 2024-01-27 23:23:31 +01:00
container
context Prevent anonymous container access if RequireSignInView is enabled (#28877) (#28882) 2024-01-22 01:44:38 +08:00
contexttest Improve user experience for outdated comments (#29050) (#29086) 2024-02-08 10:29:54 +08:00
csv
doctor Initalize stroage for orphaned repository doctor (#28487) (#28490) 2023-12-16 22:06:37 +08:00
emoji
eventsource More db.DefaultContext refactor (#27265) (#27347) 2023-09-29 13:35:01 +00:00
generate Handle base64 decoding correctly to avoid panic (#26483) 2023-08-14 10:30:16 +00:00
git Prevent double use of git cat-file session. (#29298) (#29301) 2024-02-22 03:20:20 +00:00
gitgraph More db.DefaultContext refactor (#27265) (#27347) 2023-09-29 13:35:01 +00:00
graceful Allow the use of alternative net.Listener implementations by downstreams (#25855) 2023-07-24 07:18:17 +00:00
hcaptcha
highlight Add option to disable ambiguous unicode characters detection (#28454) (#28499) 2023-12-18 12:20:37 +08:00
hostmatcher Support allowed hosts for webhook to work with proxy (#27655) (#27675) 2023-10-18 15:07:52 +02:00
html Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
httpcache
httplib
indexer fix: Elasticsearch: Request Entity Too Large #28117 (#29062) (#29075) 2024-02-07 17:21:28 +08:00
issue/template
json
label
lfs Refactor lfs requests (#26783) 2023-09-18 08:40:50 +00:00
log Reduce some allocations in type conversion (#26772) 2023-08-29 00:43:16 +08:00
markup Fix orgmode link resolving (#29024) (#29076) 2024-02-07 17:24:28 +00:00
mcaptcha
metrics Reduce usage of db.DefaultContext (#27073) 2023-09-14 17:09:32 +00:00
migration
nosql
options
packages Close all hashed buffers (#27787) (#27790) 2023-10-25 22:24:25 +02:00
paginator
pprof
private Use correct has error check for internal responses (#28796) (#28798) 2024-01-15 13:13:35 +01:00
process
proxy
proxyprotocol
public Refactor CORS handler (#28587) (#28611) 2023-12-25 21:01:24 +08:00
queue Increase queue length (#27555) (#27562) 2023-10-10 20:22:26 +08:00
recaptcha
references Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052) 2023-09-14 02:59:53 +00:00
regexplru Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
repository Always write proc-receive hook for all git versions (#29287) (#29291) 2024-02-21 12:08:34 +01:00
secret
session Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
setting Fix incorrect PostgreSQL connection string for Unix sockets (#28865) (#28870) 2024-01-21 16:06:34 +00:00
sitemap
ssh restrict certificate type for builtin SSH server (#26789) 2023-09-01 13:45:22 +00:00
storage Fix object storage path handling (#27024) 2023-09-13 01:18:52 +00:00
structs chore(api): support ignore password if login source type is LDAP for creating user API (#28491) (#28525) 2023-12-19 11:14:06 +08:00
svg Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
sync
system
templates Rework markup link rendering (#26745) (#28803) 2024-01-16 02:13:29 +00:00
test Move web/api context related testing function into a separate package (#26859) 2023-09-01 11:26:07 +00:00
testlogger
timeutil Make template DateTime show proper tooltip (#28677) (#28683) 2024-01-03 18:41:03 +08:00
translation
turnstile
typesniffer Detect ogg mime-type as audio or video (#26494) 2023-08-15 10:31:25 +08:00
updatechecker
upload
uri
user
util Add option to disable ambiguous unicode characters detection (#28454) (#28499) 2023-12-18 12:20:37 +08:00
validation Check blocklist for emails when adding them to account (#26812) 2023-08-30 10:46:49 -05:00
web Refactor CORS handler (#28587) (#28611) 2023-12-25 21:01:24 +08:00
webhook Fix schedule tasks bugs (#28691) (#28780) 2024-01-14 23:54:22 +01:00