diff options
| author | Martin Koegler <mkoegler@auto.tuwien.ac.at> | 2008-01-06 17:21:10 (GMT) |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2008-01-07 02:41:44 (GMT) |
| commit | 64cc1c0909949fa2866ad71ad2d1ab7ccaa673d9 (patch) | |
| tree | 38dc3d651f1edfacaff677744056e9870b8f27ea /git-merge-one-file.sh | |
| parent | 47ee06f1224cc355d0d5fffb0a65b831790b2845 (diff) | |
| download | git-64cc1c0909949fa2866ad71ad2d1ab7ccaa673d9.zip git-64cc1c0909949fa2866ad71ad2d1ab7ccaa673d9.tar.gz git-64cc1c0909949fa2866ad71ad2d1ab7ccaa673d9.tar.bz2 | |
tree-walk: don't parse incorrect entries
The current code can access memory outside of the tree buffer in the
case of malformed tree entries.
This patch prevents this by:
* The rest of the buffer must be at least 24 bytes (at least 1 byte
mode, 1 blank, at least one byte path name, 1 NUL, 20 bytes sha1).
* Check that the last NUL (21 bytes before the end) is present.
This ensures that strlen() and get_mode() calls stay within the
buffer.
* The mode may not be empty. We have only to reject a blank at the
begin, as the rest is handled by if (c < '0' || c > '7').
* The blank is ensured by get_mode().
* The path must contain at least one character.
Signed-off-by: Martin Koegler <mkoegler@auto.tuwien.ac.at>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'git-merge-one-file.sh')
0 files changed, 0 insertions, 0 deletions