path: root/index-pack.c
diff options
authorNicolas Pitre <>2007-04-09 05:06:30 (GMT)
committerJunio C Hamano <>2007-04-10 19:48:14 (GMT)
commitd7dd02231f75604e388afb905f7bf8afd1bf4b24 (patch)
tree6325b2d2941ae62713c30b7cf0b6c7b9d259a835 /index-pack.c
parent8723f216263ba4a0f06be7b93fada863c0931e09 (diff)
add overflow tests on pack offset variables
Change a few size and offset variables to more appropriate type, then add overflow tests on those offsets. This prevents any bad data to be generated/processed if off_t happens to not be large enough to handle some big packs. Better be safe than sorry. Signed-off-by: Nicolas Pitre <> Signed-off-by: Junio C Hamano <>
Diffstat (limited to 'index-pack.c')
1 files changed, 10 insertions, 4 deletions
diff --git a/index-pack.c b/index-pack.c
index 0e54aa6..66fb0bc 100644
--- a/index-pack.c
+++ b/index-pack.c
@@ -12,7 +12,7 @@ static const char index_pack_usage[] =
struct object_entry
- unsigned long offset;
+ off_t offset;
unsigned long size;
unsigned int hdr_size;
enum object_type type;
@@ -22,7 +22,7 @@ struct object_entry
union delta_base {
unsigned char sha1[20];
- unsigned long offset;
+ off_t offset;
@@ -83,7 +83,8 @@ static unsigned display_progress(unsigned n, unsigned total, unsigned last_pc)
/* We always read in 4kB chunks. */
static unsigned char input_buffer[4096];
-static unsigned long input_offset, input_len, consumed_bytes;
+static unsigned int input_offset, input_len;
+static off_t consumed_bytes;
static SHA_CTX input_ctx;
static int input_fd, output_fd, pack_fd;
@@ -129,6 +130,10 @@ static void use(int bytes)
die("used more bytes than were available");
input_len -= bytes;
input_offset += bytes;
+ /* make sure off_t is sufficiently large not to wrap */
+ if (consumed_bytes > consumed_bytes + bytes)
+ die("pack too large for current definition of off_t");
consumed_bytes += bytes;
@@ -216,7 +221,8 @@ static void *unpack_entry_data(unsigned long offset, unsigned long size)
static void *unpack_raw_entry(struct object_entry *obj, union delta_base *delta_base)
unsigned char *p, c;
- unsigned long size, base_offset;
+ unsigned long size;
+ off_t base_offset;
unsigned shift;
obj->offset = consumed_bytes;