Fixed GPF in fast-import caused by unterminated linked list.

fast-import was encounting a GPF when it ran out of free tree_entry
objects but didn't know this was the cause because the last
tree_entry wasn't terminated with a NULL pointer.  The missing NULL
pointer occurred when we allocated additional entries via xmalloc
but didn't set the last tree_entry's "next" pointer to NULL.

Signed-off-by: Shawn O. Pearce <spearce@spearce.org>

diff --git a/fast-import.c b/fast-import.c
index 8328e004bb2fad1c1a7a831fedf0ef2aab5c21f7..194116be6f7951df32d0770d0901533887a59025 100644 (file)
--- a/fast-import.c
+++ b/fast-import.c
@@ -520,10 +520,11 @@ static struct tree_entry* new_tree_entry()
                unsigned int n = tree_entry_alloc;
                total_allocd += n * sizeof(struct tree_entry);
                avail_tree_entry = e = xmalloc(n * sizeof(struct tree_entry));
                unsigned int n = tree_entry_alloc;
                total_allocd += n * sizeof(struct tree_entry);
                avail_tree_entry = e = xmalloc(n * sizeof(struct tree_entry));

-               while (n--) {
+               while (n-- > 1) {

                        *((void**)e) = e + 1;
                        e++;
                }
                        *((void**)e) = e + 1;
                        e++;
                }

+               *((void*)e) = NULL;

        }
 
        e = avail_tree_entry;
        }
 
        e = avail_tree_entry;