![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 844c11a)
raw | patch | inline | side by side (parent: 844c11a)
| author | Linus Torvalds <torvalds@linux-foundation.org> | |
| Tue, 10 Apr 2007 04:13:58 +0000 (21:13 -0700) | ||
| committer | Junio C Hamano <junkio@cox.net> | |
| Tue, 10 Apr 2007 05:30:05 +0000 (22:30 -0700) |
This just makes sure that when we do a read_directory(), we check
that the filename fits in the buffer we allocated (with a bit of
slop)
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>
that the filename fits in the buffer we allocated (with a bit of
slop)
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>
| dir.c | patch | blob | history |
index 7426fde330a200e3137e722c4b9adbc5ce6bdd90..4f5a2241e6db2c973ea14a58fd25582fcbddee75 100644 (file)
--- a/dir.c
+++ b/dir.c
@@ -353,6 +353,9 @@ static int read_directory_recursive(struct dir_struct *dir, const char *path, co
!strcmp(de->d_name + 1, "git")))
continue;
len = strlen(de->d_name);
+ /* Ignore overly long pathnames! */
+ if (len + baselen + 8 > sizeof(fullname))
+ continue;
memcpy(fullname + baselen, de->d_name, len+1);
if (simplify_away(fullname, baselen + len, simplify))
continue;