From: Phillip Wood <phillip.wood@xxxxxxxxxxxxx>
On a 64 bit system the calculation
p->pack_size * pack_info[i].referenced_objects
could overflow. If a pack file contains 2^28 objects with an average
compressed size of 1KB then the pack size will be 2^38B. If all of the
objects are referenced by the multi-pack index the sum above will
overflow. Avoid this by using shifted integer arithmetic and changing
the order of the calculation so that the pack size is divided by the
total number of objects in the pack before multiplying by the number of
objects referenced by the multi-pack index. Using a shift of 14 bits
should give reasonable accuracy while avoiding overflow for pack sizes
less that 1PB.
Signed-off-by: Phillip Wood <phillip.wood@xxxxxxxxxxxxx>
---
midx-write.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/midx-write.c b/midx-write.c
index 105014a2792..8121e96f4fd 100644
--- a/midx-write.c
+++ b/midx-write.c
@@ -1704,9 +1704,15 @@ static void fill_included_packs_batch(struct repository *r,
if (!want_included_pack(r, m, pack_kept_objects, pack_int_id))
continue;
- expected_size = uint64_mult(p->pack_size,
- pack_info[i].referenced_objects);
+ /*
+ * Use shifted integer arithmetic to calculate the
+ * expected pack size to ~4 significant digits without
+ * overflow for packsizes less that 1PB.
+ */
+ expected_size = (uint64_t)pack_info[i].referenced_objects << 14;
expected_size /= p->num_objects;
+ expected_size = u64_mult(expected_size, p->pack_size);
+ expected_size = u64_add(expected_size, 1u << 13) >> 14;
if (expected_size >= batch_size)
continue;
--
2.49.0.897.gfad3eb7d210
