author | Brandon Casey <drafnel@gmail.com> | |
Thu, 6 Oct 2011 18:22:21 +0000 (13:22 -0500) | ||
committer | Junio C Hamano <gitster@pobox.com> | |
Thu, 6 Oct 2011 20:54:31 +0000 (13:54 -0700) | ||
commit | 97410b27e91593c4096bb16abbace783895a1f62 | |
tree | 4dcdd6e582aed512c291be7a1b13dd68bc6a3098 | tree | snapshot |
parent | 5738c9c21e53356ab5020912116e7f82fd2d428f | commit | diff |
attr.c: avoid inappropriate access to strbuf "buf" member
This code sequence performs a strcpy into the buf member of a strbuf
struct. The strcpy may move the position of the terminating nul of the
string and effectively change the length of string so that it does not
match the len member of the strbuf struct.
Currently, this sequence works since the strbuf was given a hint when it
was initialized to allocate enough space to accomodate the string that will
be strcpy'ed, but this is an implementation detail of strbufs, not a
guarantee.
So, lets rework this sequence so that the strbuf is only manipulated by
strbuf functions, and direct modification of its "buf" member is not
necessary.
Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This code sequence performs a strcpy into the buf member of a strbuf
struct. The strcpy may move the position of the terminating nul of the
string and effectively change the length of string so that it does not
match the len member of the strbuf struct.
Currently, this sequence works since the strbuf was given a hint when it
was initialized to allocate enough space to accomodate the string that will
be strcpy'ed, but this is an implementation detail of strbufs, not a
guarantee.
So, lets rework this sequence so that the strbuf is only manipulated by
strbuf functions, and direct modification of its "buf" member is not
necessary.
Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
attr.c | diff | blob | history |