Merge branch 'jk/pack-idx-corruption-safety'

The code to read the pack data using the offsets stored in the pack
idx file has been made more carefully check the validity of the
data in the idx.

* jk/pack-idx-corruption-safety:
sha1_file.c: mark strings for translation
use_pack: handle signed off_t overflow
nth_packed_object_offset: bounds-check extended offset
t5313: test bounds-checks of corrupted/malicious pack/idx files

diff --cc builtin/index-pack.c
Simple merge

diff --cc cache.h
index d7ff46ec4a016c6ab7d233b9d4a196ecde623528,6c9aaa1ae63a2255a215c1287e38e75fcc5fc5d3..b829410f6da0afc14353b4621d2fdf874181a9f7
--- 1/cache.h
--- 2/cache.h
+++ b/cache.h
@@@ -1367,8 -1234,18 +1367,18 @@@ extern void close_all_packs(void)
  extern void unuse_pack(struct pack_window **);
  extern void free_pack_by_name(const char *);
  extern void clear_delta_base_cache(void);
 -extern struct packed_git *add_packed_git(const char *, int, int);
 +extern struct packed_git *add_packed_git(const char *path, size_t path_len, int local);
  
+ /*
+  * Make sure that a pointer access into an mmap'd index file is within bounds,
+  * and can provide at least 8 bytes of data.
+  *
+  * Note that this is only necessary for variable-length segments of the file
+  * (like the 64-bit extended offset table), as we compare the size to the
+  * fixed-length parts when we open the file.
+  */
+ extern void check_pack_index_ptr(const struct packed_git *p, const void *ptr);
+ 
  /*
   * Return the SHA-1 of the nth object within the specified packfile.
   * Open the index if it is not already open.  The return value points

diff --cc sha1_file.c
Simple merge