From: Jiang Xin <worldhello.net@gmail.com>
Date: Mon, 21 Apr 2014 06:02:03 +0000 (+0800)
Subject: blame: fix broken time_buf paddings in relative timestamp
X-Git-Tag: v2.0.1~20^2~1
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/bccce0f8099fac6bcc80914726ddf43ca544b3c1?ds=inline;hp=bccce0f8099fac6bcc80914726ddf43ca544b3c1

blame: fix broken time_buf paddings in relative timestamp

Command `git blame --date relative` aligns the date field with a
fixed-width (defined by blame_date_width), and if time_str is shorter
than that, it adds spaces for padding.  But there are two bugs in the
following codes:

time_len = strlen(time_str);
...
memset(time_buf + time_len, ' ', blame_date_width - time_len);

1. The type of blame_date_width is size_t, which is unsigned.  If
time_len is greater than blame_date_width, the result of
"blame_date_width - time_len" will never be a negative number, but a
really big positive number, and will cause memory overwrite.

This bug can be triggered if either l10n message for function
show_date_relative() in date.c is longer than 30 characters, then
`git blame --date relative` may exit abnormally.

2. When show blame information with relative time, the UTF-8 characters
in time_str will break the alignment of columns after the date field.
This is because the time_buf padding with spaces should have a
constant display width, not a fixed strlen size.  So we should call
utf8_strwidth() instead of strlen() for width calibration.

Helped-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Helped-by: Eric Sunshine <sunshine@sunshineco.com>
Signed-off-by: Jiang Xin <worldhello.net@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---