summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Heidelberg <markus.heidelberg@web.de>2010-02-28 16:49:15 +0100
committerJunio C Hamano <gitster@pobox.com>2010-02-28 10:32:06 -0800
commit77e8466fb98b95ea07d386d64073d0bc6304b37f (patch)
tree12a70eb49e37550f5f059fa95e58a8351a6672b7
parent64da6e20de1f2246e2d8d9d85e53ca3cbf393212 (diff)
downloadgit-77e8466fb98b95ea07d386d64073d0bc6304b37f.tar.gz
sha1_name: fix segfault caused by invalid index access
The code to see if user input "git show :path" makes sense tried to access the index without properly checking the array bound. Signed-off-by: Markus Heidelberg <markus.heidelberg@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r--sha1_name.c32
1 files changed, 18 insertions, 14 deletions
diff --git a/sha1_name.c b/sha1_name.c
index 43884c69b3..bf92417838 100644
--- a/sha1_name.c
+++ b/sha1_name.c
@@ -992,13 +992,15 @@ static void diagnose_invalid_index_path(int stage,
pos = cache_name_pos(filename, namelen);
if (pos < 0)
pos = -pos - 1;
- ce = active_cache[pos];
- if (ce_namelen(ce) == namelen &&
- !memcmp(ce->name, filename, namelen))
- die("Path '%s' is in the index, but not at stage %d.\n"
- "Did you mean ':%d:%s'?",
- filename, stage,
- ce_stage(ce), filename);
+ if (pos < active_nr) {
+ ce = active_cache[pos];
+ if (ce_namelen(ce) == namelen &&
+ !memcmp(ce->name, filename, namelen))
+ die("Path '%s' is in the index, but not at stage %d.\n"
+ "Did you mean ':%d:%s'?",
+ filename, stage,
+ ce_stage(ce), filename);
+ }
/* Confusion between relative and absolute filenames? */
fullnamelen = namelen + strlen(prefix);
@@ -1008,13 +1010,15 @@ static void diagnose_invalid_index_path(int stage,
pos = cache_name_pos(fullname, fullnamelen);
if (pos < 0)
pos = -pos - 1;
- ce = active_cache[pos];
- if (ce_namelen(ce) == fullnamelen &&
- !memcmp(ce->name, fullname, fullnamelen))
- die("Path '%s' is in the index, but not '%s'.\n"
- "Did you mean ':%d:%s'?",
- fullname, filename,
- ce_stage(ce), fullname);
+ if (pos < active_nr) {
+ ce = active_cache[pos];
+ if (ce_namelen(ce) == fullnamelen &&
+ !memcmp(ce->name, fullname, fullnamelen))
+ die("Path '%s' is in the index, but not '%s'.\n"
+ "Did you mean ':%d:%s'?",
+ fullname, filename,
+ ce_stage(ce), fullname);
+ }
if (!lstat(filename, &st))
die("Path '%s' exists on disk, but not in the index.", filename);