Code

[PATCH] Fix buffer overflow in ce_flush().
authorQingning Huo <qhuo@mayhq.co.uk>
Sun, 11 Sep 2005 13:27:47 +0000 (14:27 +0100)
committerJunio C Hamano <junkio@cox.net>
Sun, 11 Sep 2005 17:51:13 +0000 (10:51 -0700)
Add a check before appending SHA1 signature to write_buffer,
flush it first if necessary.

Signed-off-by: Junio C Hamano <junkio@cox.net>
read-cache.c

index ced597318e783ab08b73c88f8b724be51f3b3dec..6eff4c8401b820b001a3ed48e8086c4cf1cd8f5c 100644 (file)
@@ -462,6 +462,13 @@ static int ce_flush(SHA_CTX *context, int fd)
                SHA1_Update(context, write_buffer, left);
        }
 
+       /* Flush first if not enough space for SHA1 signature */
+       if (left + 20 > WRITE_BUFFER_SIZE) {
+               if (write(fd, write_buffer, left) != left)
+                       return -1;
+               left = 0;
+       }
+
        /* Append the SHA1 signature at the end */
        SHA1_Final(write_buffer + left, context);
        left += 20;