Mercurial Mercurial > mercurial / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
revlog: in addgroup, reject ill-formed deltas based on censored nodes
authorMike Edgar <adgar@google.com>
Fri, 06 Feb 2015 00:55:29 +0000
changeset 24120 a450e0a2ba0a
parent 24119 a5a06c9c7407
child 24121 9d0b6ef92eb2
revlog: in addgroup, reject ill-formed deltas based on censored nodes To ensure interoperability when clones disagree about which file nodes are censored, a restriction is made on deltas based on censored nodes. Any such delta must replace the full text of the base in a single patch. If the recipient of a delta considers the base to be censored and the delta is not in the expected form, the recipient must reject it, as it can't know if the source has also censored the base. For background and broader design of the censorship feature, see: http://mercurial.selenic.com/wiki/CensorPlan
mercurial/changegroup.py file | annotate | diff | comparison | revisions
mercurial/error.py file | annotate | diff | comparison | revisions
mercurial/revlog.py file | annotate | diff | comparison | revisions 
--- a/mercurial/changegroup.py	Wed Jan 21 16:35:09 2015 -0500
+++ b/mercurial/changegroup.py	Fri Feb 06 00:55:29 2015 +0000
@@ -659,8 +659,11 @@
         pr()
         fl = repo.file(f)
         o = len(fl)
-        if not fl.addgroup(source, revmap, trp):
-            raise util.Abort(_("received file revlog group is empty"))
+        try:
+            if not fl.addgroup(source, revmap, trp):
+                raise util.Abort(_("received file revlog group is empty"))
+        except error.CensoredBaseError, e:
+            raise util.Abort(_("received delta base is censored: %s") % e)
         revisions += len(fl) - o
         files += 1
         if f in needfiles:
--- a/mercurial/error.py	Wed Jan 21 16:35:09 2015 -0500
+++ b/mercurial/error.py	Fri Feb 06 00:55:29 2015 +0000
@@ -141,3 +141,11 @@
     def __init__(self, filename, node):
         from node import short
         RevlogError.__init__(self, '%s:%s' % (filename, short(node)))
+
+class CensoredBaseError(RevlogError):
+    """error raised when a delta is rejected because its base is censored
+
+    A delta based on a censored revision must be formed as single patch
+    operation which replaces the entire base with new content. This ensures
+    the delta may be applied by clones which have not censored the base.
+    """
--- a/mercurial/revlog.py	Wed Jan 21 16:35:09 2015 -0500
+++ b/mercurial/revlog.py	Fri Feb 06 00:55:29 2015 +0000
@@ -1403,6 +1403,17 @@
                                       _('unknown delta base'))
 
                 baserev = self.rev(deltabase)
+
+                if baserev != nullrev and self.iscensored(baserev):
+                    # if base is censored, delta must be full replacement in a
+                    # single patch operation
+                    hlen = struct.calcsize(">lll")
+                    oldlen = self.rawsize(baserev)
+                    newlen = len(delta) - hlen
+                    if delta[:hlen] != mdiff.replacediffheader(oldlen, newlen):
+                        raise error.CensoredBaseError(self.indexfile,
+                                                      self.node(baserev))
+
                 chain = self._addrevision(node, None, transaction, link,
                                           p1, p2, REVIDX_DEFAULT_FLAGS,
                                           (baserev, delta), ifh, dfh)
mercurial