Be more careful with user-supplied buffersrb/fix-2333

This adds in missing calls to `git_buf_sanitize` and fixes a number of places where `git_buf` APIs could inadvertently write NUL terminator bytes into invalid buffers. This also changes the behavior of `git_buf_sanitize` to NUL terminate a buffer if it can and of `git_buf_shorten` to do nothing if it can. Adds tests of filtering code with zeroed (i.e. unsanitized) buffer which was previously triggering a segfault.
author: Russell Belfer <rb@github.com> 2014-05-08 10:17:14 -0700
committer: Russell Belfer <rb@github.com> 2014-05-08 10:17:14 -0700
commit: 1e4976cb015bd10a2a8c377e02801306473afc26 (patch)
tree: 73cde51de2a436cdffa825b155c6888df41671bd /src/config.c
parent: ed476c236b8328c31acb150ee69eaf00c821b9e3 (diff)
download: libgit2-1e4976cb015bd10a2a8c377e02801306473afc26.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/src/config.c b/src/config.c
index f9d697197..4dddab6df 100644
--- a/src/config.c
+++ b/src/config.c
@@ -967,16 +967,19 @@ void git_config_iterator_free(git_config_iterator *iter)
 
 int git_config_find_global(git_buf *path)
 {
+	git_buf_sanitize(path);
 	return git_sysdir_find_global_file(path, GIT_CONFIG_FILENAME_GLOBAL);
 }
 
 int git_config_find_xdg(git_buf *path)
 {
+	git_buf_sanitize(path);
 	return git_sysdir_find_xdg_file(path, GIT_CONFIG_FILENAME_XDG);
 }
 
 int git_config_find_system(git_buf *path)
 {
+	git_buf_sanitize(path);
 	return git_sysdir_find_system_file(path, GIT_CONFIG_FILENAME_SYSTEM);
 }
author	Russell Belfer <rb@github.com>	2014-05-08 10:17:14 -0700
committer	Russell Belfer <rb@github.com>	2014-05-08 10:17:14 -0700
commit	1e4976cb015bd10a2a8c377e02801306473afc26 (patch)
tree	73cde51de2a436cdffa825b155c6888df41671bd /src/config.c
parent	ed476c236b8328c31acb150ee69eaf00c821b9e3 (diff)
download	libgit2-1e4976cb015bd10a2a8c377e02801306473afc26.tar.gz