Andrew's git
/
gitweb.git
/ diff
summary
|
log
|
commit
| diff |
tree
commit
grep
author
committer
pickaxe
?
re
git-verify-pack: buffer overrun paranoia
author
Rene Scharfe
<rene.scharfe@lsrfire.ath.cx>
Thu, 10 Aug 2006 15:02:36 +0000
(17:02 +0200)
committer
Junio C Hamano
<junkio@cox.net>
Thu, 10 Aug 2006 21:15:55 +0000
(14:15 -0700)
Signed-off-by: Rene Scharfe <rene.scharfe@lsrfire.ath.cx>
Signed-off-by: Junio C Hamano <junkio@cox.net>
verify-pack.c
patch
|
blob
|
history
raw
|
patch
| inline |
side by side
(parent:
d0d619c
)
diff --git
a/verify-pack.c
b/verify-pack.c
index 78d789c62d9f80c21f701d65594f8b7c994e2e8b..99c352ee3a48b03c724d7abcbe60e7136083bf71 100644
(file)
--- a/
verify-pack.c
+++ b/
verify-pack.c
@@
-26,6
+26,15
@@
static int verify_one_pack(const char *path, int verbose)
len += 4;
}
+ /*
+ * add_packed_git() uses our buffer (containing "foo.idx") to
+ * build the pack filename ("foo.pack"). Make sure it fits.
+ */
+ if (len + 1 >= PATH_MAX) {
+ arg[len - 4] = '\0';
+ return error("name too long: %s.pack", arg);
+ }
+
pack = add_packed_git(arg, len, 1);
if (!pack)
return error("packfile %s not found.", arg);