Merge branch 'mk/diff-delta-avoid-large-offset'

The delta format used in the packfile cannot reference data at
offset larger than what can be expressed in 4-byte, but the
generator for the data failed to make sure the offset does not
overflow.  This has been corrected.

* mk/diff-delta-avoid-large-offset:
diff-delta: do not allow delta offset truncation

diff --git a/diff-delta.c b/diff-delta.c
index cd238c8ed8fbbd61984b72d1d8018e7ab2a9d29e..e49643353bf56807b3d4ac4011784b5d8dd6f7a4 100644 (file)
--- a/diff-delta.c
+++ b/diff-delta.c
@@ -454,6 +454,9 @@ create_delta(const struct delta_index *index,
                        moff += msize;
                        msize = left;
 
+                       if (moff > 0xffffffff)
+                               msize = 0;
+
                        if (msize < 4096) {
                                int j;
                                val = 0;