summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRené Scharfe <l.s.r@web.de>2016-10-23 17:57:30 (GMT)
committerJunio C Hamano <gitster@pobox.com>2016-10-26 17:54:11 (GMT)
commitbb84735c80dbae6408b79b56f574ae672d2232d4 (patch)
tree13277cde7f5aac48b6881025c5d0b240886a7b98
parent23415c26fef155f2fa9aebf8a48a6ae457b68c7b (diff)
downloadgit-bb84735c80dbae6408b79b56f574ae672d2232d4.zip
git-bb84735c80dbae6408b79b56f574ae672d2232d4.tar.gz
git-bb84735c80dbae6408b79b56f574ae672d2232d4.tar.bz2
hex: make wraparound of the index into ring-buffer explicit
Overflow is defined for unsigned integers, but not for signed ones. We could make the ring-buffer index in sha1_to_hex() and get_pathname() unsigned to be on the safe side to resolve this, but let's make it explicit that we are wrapping around at whatever the number of elements the ring-buffer has. The compiler is smart enough to turn modulus into bitmask for these codepaths that use ring-buffers of a size that is a power of 2. Signed-off-by: René Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r--hex.c3
-rw-r--r--path.c3
2 files changed, 4 insertions, 2 deletions
diff --git a/hex.c b/hex.c
index ab2610e..845b01a 100644
--- a/hex.c
+++ b/hex.c
@@ -78,7 +78,8 @@ char *sha1_to_hex(const unsigned char *sha1)
{
static int bufno;
static char hexbuffer[4][GIT_SHA1_HEXSZ + 1];
- return sha1_to_hex_r(hexbuffer[3 & ++bufno], sha1);
+ bufno = (bufno + 1) % ARRAY_SIZE(hexbuffer);
+ return sha1_to_hex_r(hexbuffer[bufno], sha1);
}
char *oid_to_hex(const struct object_id *oid)
diff --git a/path.c b/path.c
index fe3c4d9..9bfaeda 100644
--- a/path.c
+++ b/path.c
@@ -24,7 +24,8 @@ static struct strbuf *get_pathname(void)
STRBUF_INIT, STRBUF_INIT, STRBUF_INIT, STRBUF_INIT
};
static int index;
- struct strbuf *sb = &pathname_array[3 & ++index];
+ struct strbuf *sb = &pathname_array[index];
+ index = (index + 1) % ARRAY_SIZE(pathname_array);
strbuf_reset(sb);
return sb;
}