summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRene Scharfe <rene.scharfe@lsrfire.ath.cx>2006-08-10 17:02:36 +0200
committerJunio C Hamano <junkio@cox.net>2006-08-10 14:15:55 -0700
commitf711ab5470cd1da7fdafa3b7b5e39015dcfca5ce (patch)
tree6a337e124f81e7c5d2460e964de5d2614b05c71d
parentd0d619c8c50b90fbbd6a7e0994fde073341bf92b (diff)
downloadgit-f711ab5470cd1da7fdafa3b7b5e39015dcfca5ce.tar.gz
git-verify-pack: buffer overrun paranoia
Signed-off-by: Rene Scharfe <rene.scharfe@lsrfire.ath.cx> Signed-off-by: Junio C Hamano <junkio@cox.net>
-rw-r--r--verify-pack.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/verify-pack.c b/verify-pack.c
index 78d789c62d..99c352ee3a 100644
--- a/verify-pack.c
+++ b/verify-pack.c
@@ -26,6 +26,15 @@ static int verify_one_pack(const char *path, int verbose)
len += 4;
}
+ /*
+ * add_packed_git() uses our buffer (containing "foo.idx") to
+ * build the pack filename ("foo.pack"). Make sure it fits.
+ */
+ if (len + 1 >= PATH_MAX) {
+ arg[len - 4] = '\0';
+ return error("name too long: %s.pack", arg);
+ }
+
pack = add_packed_git(arg, len, 1);
if (!pack)
return error("packfile %s not found.", arg);