Andrew's git / gitweb.git / diff
?
Fix potentially dangerous use of git_path in ref.c
authorAlex Riesen <raa.lkml@gmail.com>
Mon, 27 Oct 2008 10:11:40 +0000 (11:11 +0100)
committerJunio C Hamano <gitster@pobox.com>
Fri, 31 Oct 2008 00:18:29 +0000 (17:18 -0700)
Signed-off-by: Junio C Hamano <gitster@pobox.com>
refs.c patch | blob | history
diff --git a/refs.c b/refs.c
index 39a3b23804d2da715c564459bf320be23d41c1bf..71443cdf85279933132266c8fdfc5d3dbcf043ca 100644 (file)
--- a/refs.c
+++ b/refs.c
@@ -401,7 +401,7 @@ const char *resolve_ref(const char *ref, unsigned char *sha1, int reading, int *
                *flag = 0;
 
        for (;;) {
                *flag = 0;
 
        for (;;) {
-               const char *path = git_path("%s", ref);
+               char path[PATH_MAX];
                struct stat st;
                char *buf;
                int fd;
                struct stat st;
                char *buf;
                int fd;
@@ -409,6 +409,7 @@ const char *resolve_ref(const char *ref, unsigned char *sha1, int reading, int *
                if (--depth < 0)
                        return NULL;
 
                if (--depth < 0)
                        return NULL;
 
+               git_snpath(path, sizeof(path), "%s", ref);
                /* Special case: non-existing file.
                 * Not having the refs/heads/new-branch is OK
                 * if we are writing into it, so is .git/HEAD
                /* Special case: non-existing file.
                 * Not having the refs/heads/new-branch is OK
                 * if we are writing into it, so is .git/HEAD
@@ -1121,13 +1122,14 @@ static int log_ref_write(const char *ref_name, const unsigned char *old_sha1,
        int logfd, written, oflags = O_APPEND | O_WRONLY;
        unsigned maxlen, len;
        int msglen;
        int logfd, written, oflags = O_APPEND | O_WRONLY;
        unsigned maxlen, len;
        int msglen;
-       char *log_file, *logrec;
+       char log_file[PATH_MAX];
+       char *logrec;
        const char *committer;
 
        if (log_all_ref_updates < 0)
                log_all_ref_updates = !is_bare_repository();
 
        const char *committer;
 
        if (log_all_ref_updates < 0)
                log_all_ref_updates = !is_bare_repository();
 
-       log_file = git_path("logs/%s", ref_name);
+       git_snpath(log_file, sizeof(log_file), "logs/%s", ref_name);
 
        if (log_all_ref_updates &&
            (!prefixcmp(ref_name, "refs/heads/") ||
 
        if (log_all_ref_updates &&
            (!prefixcmp(ref_name, "refs/heads/") ||