fix: prevent newline amplification

A fuzzer found input sized 780kb, but the output becomes
180MB in size, ultimately taking 48s to parse on M1 Pro.

Note that the parsing itself is fast, but we seem to modify
the input in such a way that parsing takes way longer than it
should. That might be another issue which it will probably find
next, let's wait for it.

Author: Byron

gix-config/src/file/write.rs

@@ -83,10 +83,19 @@ pub(crate) fn ends_with_newline(e: &[crate::parse::Event<'_>], nl: impl AsRef<[u
 }
 
 pub(crate) fn extract_newline<'a>(e: &'a Event<'_>) -> Option<&'a BStr> {
-    match e {
-        Event::Newline(b) => b.as_ref().into(),
-        _ => None,
-    }
+    Some(match e {
+        Event::Newline(b) => {
+            let nl = b.as_ref();
+
+            // Newlines are parsed consecutively, be sure we only take the smallest possible variant
+            if nl.contains(&b'\r') {
+                "\r\n".into()
+            } else {
+                "\n".into()
+            }
+        }
+        _ => return None,
+    })
 }
 
 pub(crate) fn platform_newline() -> &'static BStr {

gix-config/src/parse/mod.rs

@@ -59,7 +59,7 @@ pub enum Event<'a> {
     Value(Cow<'a, BStr>),
     /// Represents any token used to signify a newline character. On Unix
     /// platforms, this is typically just `\n`, but can be any valid newline
-    /// sequence. Multiple newlines (such as `\n\n`) will be merged as a single
+    /// *sequence*. Multiple newlines (such as `\n\n`) will be merged as a single
     /// newline event containing a string of multiple newline characters.
     Newline(Cow<'a, BStr>),
     /// Any value that isn't completed. This occurs when the value is continued

gix-config/tests/file/mod.rs

@@ -49,7 +49,7 @@ fn fuzzed_long_runtime() -> crate::Result {
     let config = std::fs::read(fixture_path_standalone("fuzzed/long-parsetime.config"))?;
     let file = File::from_bytes_no_includes(&config, gix_config::file::Metadata::default(), Default::default())?;
     assert_eq!(file.sections().count(), 52);
-    assert_eq!(file.to_bstring().len(), 180351853);
+    assert!(file.to_bstring().len() < 1200000);
     File::from_bytes_no_includes(
         &file.to_bstring(),
         gix_config::file::Metadata::default(),
@@ -60,7 +60,7 @@ fn fuzzed_long_runtime() -> crate::Result {
     mutated_file.append(file);
     assert_eq!(mutated_file.sections().count(), 52 * 2);
     let serialized = mutated_file.to_bstring();
-    assert_eq!(serialized.len(), 360703706);
+    assert!(serialized.len() < 2400000);
     File::from_bytes_no_includes(&serialized, gix_config::file::Metadata::default(), Default::default())?;
     Ok(())
 }

gix-config/tests/mem.rs

@@ -27,7 +27,7 @@ fn usage() {
         peak = ByteSize(ALLOCATOR.max_allocated() as u64),
     );
     assert!(
-        used < 60 * 1024 * 1024,
+        used < 80 * 1024 * 1024,
         "we should now start using more memory than anticipated, to keep mem-amplification low"
     );
 }