commit a85917112992dbff7d0827f6cf65c6b5a3fb7bd2
from: Stefan Sperling <stsp@stsp.name>
date: Fri Jun 18 13:52:26 2021 UTC

raw object size should not include the length of the object's header

This way, the size of a raw object is the same regardless of whether
the object was found in a loose object file or in a pack file.

commit - 9ca9aafb026269aef00e469133fb7d1e3c224952
commit + a85917112992dbff7d0827f6cf65c6b5a3fb7bd2
blob - 52d8dac526f9596a3b372685396afc74d8eeea47
blob + 7ebffb4ae32b0d4e6842a6fa0787caa8ad38dfcb
--- lib/object.c
+++ lib/object.c
@@ -569,11 +569,6 @@ got_object_raw_open(struct got_raw_object **obj, struc
 		    repo, fd);
 	}
 
-	if (hdrlen > size) {
-		err = got_error(GOT_ERR_BAD_OBJ_HDR);
-		goto done;
-	}
-
 	*obj = calloc(1, sizeof(**obj));
 	if (*obj == NULL) {
 		err = got_error_from_errno("calloc");
@@ -605,7 +600,7 @@ got_object_raw_open(struct got_raw_object **obj, struc
 			goto done;
 		}
 
-		if (sb.st_size != size) {
+		if (sb.st_size != hdrlen + size) {
 			err = got_error(GOT_ERR_PRIVSEP_LEN);
 			goto done;
 		}
blob - 61891c554c130e0e597d44f689d9d93fec69b64d
blob + ebbe86bd40a3407e2166b0cfbe3a8490c353f30c
--- lib/privsep.c
+++ lib/privsep.c
@@ -296,8 +296,8 @@ got_privsep_send_raw_obj(struct imsgbuf *ibuf, off_t s
 	iobj.hdrlen = hdrlen;
 	iobj.size = size;
 
-	if (data && size <= GOT_PRIVSEP_INLINE_OBJECT_DATA_MAX)
-		len += (size_t)size;
+	if (data && size + hdrlen <= GOT_PRIVSEP_INLINE_OBJECT_DATA_MAX)
+		len += (size_t)size + hdrlen;
 
 	wbuf = imsg_create(ibuf, GOT_IMSG_RAW_OBJECT, 0, 0, len);
 	if (wbuf == NULL) {
@@ -311,8 +311,8 @@ got_privsep_send_raw_obj(struct imsgbuf *ibuf, off_t s
 		return err;
 	}
 
-	if (data && size <= GOT_PRIVSEP_INLINE_OBJECT_DATA_MAX) {
-		if (imsg_add(wbuf, data, size) == -1) {
+	if (data && size + hdrlen <= GOT_PRIVSEP_INLINE_OBJECT_DATA_MAX) {
+		if (imsg_add(wbuf, data, size + hdrlen) == -1) {
 			err = got_error_from_errno("imsg_add RAW_OBJECT");
 			ibuf_free(wbuf);
 			return err;
@@ -357,17 +357,17 @@ got_privsep_recv_raw_obj(uint8_t **outbuf, off_t *size
 			break;
 		}
 
-		if (*size > GOT_PRIVSEP_INLINE_OBJECT_DATA_MAX) {
+		if (*size + *hdrlen > GOT_PRIVSEP_INLINE_OBJECT_DATA_MAX) {
 			err = got_error(GOT_ERR_PRIVSEP_LEN);
 			break;
 		}
 
-		*outbuf = malloc(*size);
+		*outbuf = malloc(*size + *hdrlen);
 		if (*outbuf == NULL) {
 			err = got_error_from_errno("malloc");
 			break;
 		}
-		memcpy(*outbuf, imsg.data + sizeof(*iobj), *size);
+		memcpy(*outbuf, imsg.data + sizeof(*iobj), *size + *hdrlen);
 		break;
 	default:
 		err = got_error(GOT_ERR_PRIVSEP_MSG);
blob - 42395bad277f640b4fc012757d30a1695d7b5f4a
blob + 8cb2bc37152c96e55501d1e2f7927e159f2ca29f
--- libexec/got-read-object/got-read-object.c
+++ libexec/got-read-object/got-read-object.c
@@ -77,7 +77,7 @@ send_raw_obj(struct imsgbuf *ibuf, struct got_object *
 		return err;
 	}
 
-	if (obj->size <= GOT_PRIVSEP_INLINE_OBJECT_DATA_MAX)
+	if (obj->size + obj->hdrlen <= GOT_PRIVSEP_INLINE_OBJECT_DATA_MAX)
 		err = got_inflate_to_mem(&data, &len, &consumed, f);
 	else
 		err = got_inflate_to_fd(&len, f, outfd);
@@ -89,7 +89,8 @@ send_raw_obj(struct imsgbuf *ibuf, struct got_object *
 		goto done;
 	}
 
-	err = got_privsep_send_raw_obj(ibuf, len, obj->hdrlen, data);
+	err = got_privsep_send_raw_obj(ibuf, obj->size, obj->hdrlen, data);
+
 done:
 	free(data);
 	if (fclose(f) == EOF && err == NULL)