diff options
| author | René Scharfe <l.s.r@web.de> | 2017-06-24 14:09:39 (GMT) |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2017-06-24 18:09:52 (GMT) |
| commit | 70c49050d4a16a7e2990e4d3c91d9d12f62e631e (patch) | |
| tree | 0de8a7ca24f711dfe2f982eb94a5dbe346b2bbe2 /sha1_file.c | |
| parent | 0375f472d484041f9b1e5550b57d69286b3322e7 (diff) | |
| download | git-70c49050d4a16a7e2990e4d3c91d9d12f62e631e.zip git-70c49050d4a16a7e2990e4d3c91d9d12f62e631e.tar.gz git-70c49050d4a16a7e2990e4d3c91d9d12f62e631e.tar.bz2 | |
sha1_file: guard against invalid loose subdirectory numbers
Loose object subdirectories have hexadecimal names based on the first
byte of the hash of contained objects, thus their numerical
representation can range from 0 (0x00) to 255 (0xff). Change the type
of the corresponding variable in for_each_file_in_obj_subdir() and
associated callback functions to unsigned int and add a range check.
Suggested-by: Jeff King <peff@peff.net>
Signed-off-by: Rene Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'sha1_file.c')
| -rw-r--r-- | sha1_file.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/sha1_file.c b/sha1_file.c index 98ce85a..77050a3 100644 --- a/sha1_file.c +++ b/sha1_file.c @@ -3735,7 +3735,7 @@ void assert_sha1_type(const unsigned char *sha1, enum object_type expect) typename(expect)); } -int for_each_file_in_obj_subdir(int subdir_nr, +int for_each_file_in_obj_subdir(unsigned int subdir_nr, struct strbuf *path, each_loose_object_fn obj_cb, each_loose_cruft_fn cruft_cb, @@ -3747,6 +3747,9 @@ int for_each_file_in_obj_subdir(int subdir_nr, struct dirent *de; int r = 0; + if (subdir_nr > 0xff) + BUG("invalid loose object subdirectory: %x", subdir_nr); + origlen = path->len; strbuf_complete(path, '/'); strbuf_addf(path, "%02x", subdir_nr); |