From 8564a0224abe09beaacb2d2e7a54b16f8fcea7d1 Mon Sep 17 00:00:00 2001 From: Russell Belfer Date: Mon, 29 Apr 2013 08:51:24 -0700 Subject: Fix fragile git_oid_ncmp git_oid_ncmp was making some assumptions about the length of the data - this shifts the check to the top of the loop so it will work more robustly, limits the max, and adds some tests to verify the functionality. --- src/oid.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/oid.c') diff --git a/src/oid.c b/src/oid.c index 59c1546d7..4b6699009 100644 --- a/src/oid.c +++ b/src/oid.c @@ -176,13 +176,16 @@ int git_oid_ncmp(const git_oid *oid_a, const git_oid *oid_b, size_t len) const unsigned char *a = oid_a->id; const unsigned char *b = oid_b->id; - do { + if (len > GIT_OID_HEXSZ) + len = GIT_OID_HEXSZ; + + while (len > 1) { if (*a != *b) return 1; a++; b++; len -= 2; - } while (len > 1); + }; if (len) if ((*a ^ *b) & 0xf0) -- cgit v1.2.1