Andrew's git / gitweb.git / diff
?
Merge branch 'js/regexec-buf'
authorJunio C Hamano <gitster@pobox.com>
Fri, 24 Mar 2017 20:07:35 +0000 (13:07 -0700)
committerJunio C Hamano <gitster@pobox.com>
Fri, 24 Mar 2017 20:07:35 +0000 (13:07 -0700)
Fix for potential segv introduced in v2.11.0 and later (also
v2.10.2).

* js/regexec-buf:
pickaxe: fix segfault with '-S<...> --pickaxe-regex'

diffcore-pickaxe.c patch | blob | history
t/t4062-diff-pickaxe.sh patch | blob | history
diff --git a/diffcore-pickaxe.c b/diffcore-pickaxe.c
index 9795ca1c159a5177b1b7031a87c8f8bd5e5be3d5..341529b5a865ae6460f50d8593d52497059f2408 100644 (file)
--- a/diffcore-pickaxe.c
+++ b/diffcore-pickaxe.c
@@ -81,12 +81,15 @@ static unsigned int contains(mmfile_t *mf, regex_t *regexp, kwset_t kws)
                regmatch_t regmatch;
                int flags = 0;
 
-               while (*data &&
+               while (sz && *data &&
                       !regexec_buf(regexp, data, sz, 1, &regmatch, flags)) {
                        flags |= REG_NOTBOL;
                        data += regmatch.rm_eo;
-                       if (*data && regmatch.rm_so == regmatch.rm_eo)
+                       sz -= regmatch.rm_eo;
+                       if (sz && *data && regmatch.rm_so == regmatch.rm_eo) {
                                data++;
+                               sz--;
+                       }
                        cnt++;
                }
 
diff --git a/t/t4062-diff-pickaxe.sh b/t/t4062-diff-pickaxe.sh
index f0bf50bda780f04f9f2ffc2c1f39e354f69ae193..7c4903f49713a22d7fba28a608acf07f1330110b 100755 (executable)
--- a/t/t4062-diff-pickaxe.sh
+++ b/t/t4062-diff-pickaxe.sh
@@ -19,4 +19,9 @@ test_expect_success '-G matches' '
        test 4096-zeroes.txt = "$(cat out)"
 '
 
+test_expect_success '-S --pickaxe-regex' '
+       git diff --name-only -S0 --pickaxe-regex HEAD^ >out &&
+       verbose test 4096-zeroes.txt = "$(cat out)"
+'
+
 test_done