diff options
author | Edward Thomson <ethomson@edwardthomson.com> | 2019-01-20 22:40:38 +0000 |
---|---|---|
committer | Edward Thomson <ethomson@edwardthomson.com> | 2019-01-25 22:36:38 +0000 |
commit | c6cac733c147ff800f78e7dff81f90d93369ea68 (patch) | |
tree | 8defbbcee3413d3524a0a98b6aa3172811e6cf7e /src/odb.c | |
parent | 3aa6d96a230d15620df0c6ea2ecaae54f5b49941 (diff) | |
download | libgit2-c6cac733c147ff800f78e7dff81f90d93369ea68.tar.gz |
blob: validate that blob sizes fit in a size_t
Our blob size is a `git_off_t`, which is a signed 64 bit int. This may
be erroneously negative or larger than `SIZE_MAX`. Ensure that the blob
size fits into a `size_t` before casting.
Diffstat (limited to 'src/odb.c')
-rw-r--r-- | src/odb.c | 12 |
1 files changed, 6 insertions, 6 deletions
@@ -15,6 +15,7 @@ #include "delta.h" #include "filter.h" #include "repository.h" +#include "blob.h" #include "git2/odb_backend.h" #include "git2/oid.h" @@ -387,18 +388,17 @@ static void fake_wstream__free(git_odb_stream *_stream) static int init_fake_wstream(git_odb_stream **stream_p, git_odb_backend *backend, git_off_t size, git_object_t type) { fake_wstream *stream; + size_t blobsize; - if (!git__is_ssizet(size)) { - git_error_set(GIT_ERROR_ODB, "object size too large to keep in memory"); - return -1; - } + GIT_ERROR_CHECK_BLOBSIZE(size); + blobsize = (size_t)size; stream = git__calloc(1, sizeof(fake_wstream)); GIT_ERROR_CHECK_ALLOC(stream); - stream->size = size; + stream->size = blobsize; stream->type = type; - stream->buffer = git__malloc(size); + stream->buffer = git__malloc(blobsize); if (stream->buffer == NULL) { git__free(stream); return -1; |