diff options
author | René Scharfe <l.s.r@web.de> | 2023-07-07 21:47:55 (GMT) |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2023-07-07 22:30:16 (GMT) |
commit | 3e81b896f769dfdb479363acb00bdc6b076cfd55 (patch) | |
tree | 97313f778c6f5c790f27df7f467a3c2a6c50a209 /pkt-line.c | |
parent | fb7d80edcae482f4fa5d4be0227dc3054734e5f3 (diff) | |
download | git-3e81b896f769dfdb479363acb00bdc6b076cfd55.zip git-3e81b896f769dfdb479363acb00bdc6b076cfd55.tar.gz git-3e81b896f769dfdb479363acb00bdc6b076cfd55.tar.bz2 |
pkt-line: add size parameter to packet_length()
hex2chr() takes care not to run over the end of a NUL-terminated string.
It's used in packet_length(), but both callers of that function pass a
four-byte buffer, making NUL-checks unnecessary. packet_length() could
accidentally be used with a pointer to a buffer of unknown size at new
call-sites, though, and the compiler wouldn't complain.
Add a size parameter plus check, and remove the NUL-checks by calling
hexval() directly. This trades three NUL checks against one size check
and the ability to report the use of a short buffer at runtime.
If any of the four bytes is NUL or -- more generally -- not a
hexadecimal digit, then packet_length() still returns a negative value.
Signed-off-by: René Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'pkt-line.c')
-rw-r--r-- | pkt-line.c | 12 |
1 files changed, 8 insertions, 4 deletions
@@ -373,10 +373,14 @@ static int get_packet_data(int fd, char **src_buf, size_t *src_size, return ret; } -int packet_length(const char lenbuf_hex[4]) +int packet_length(const char lenbuf_hex[4], size_t size) { - int val = hex2chr(lenbuf_hex); - return (val < 0) ? val : (val << 8) | hex2chr(lenbuf_hex + 2); + if (size < 4) + BUG("buffer too small"); + return hexval(lenbuf_hex[0]) << 12 | + hexval(lenbuf_hex[1]) << 8 | + hexval(lenbuf_hex[2]) << 4 | + hexval(lenbuf_hex[3]); } static char *find_packfile_uri_path(const char *buffer) @@ -419,7 +423,7 @@ enum packet_read_status packet_read_with_status(int fd, char **src_buffer, return PACKET_READ_EOF; } - len = packet_length(linelen); + len = packet_length(linelen, sizeof(linelen)); if (len < 0) { if (options & PACKET_READ_GENTLE_ON_READ_ERROR) |