Merge branch 'il/maint-xmallocz'

* il/maint-xmallocz:
  Fix integer overflow in unpack_compressed_entry()
  Fix integer overflow in unpack_sha1_rest()
  Fix integer overflow in patch_delta()
  Add xmallocz()

diff --git a/git-compat-util.h b/git-compat-util.h
index 620a7c6371d34671986622a9fa7b89ae9cb1f467..a3c45373669cd8482c04d5815862ed36a153572d 100644 (file)
--- a/git-compat-util.h
+++ b/git-compat-util.h
@@ -348,6 +348,7 @@ extern void release_pack_memory(size_t, int);
 
 extern char *xstrdup(const char *str);
 extern void *xmalloc(size_t size);
+extern void *xmallocz(size_t size);
 extern void *xmemdupz(const void *data, size_t len);
 extern char *xstrndup(const char *str, size_t len);
 extern void *xrealloc(void *ptr, size_t size);

diff --git a/patch-delta.c b/patch-delta.c
index e02e13bd4eb2a92626c2d6f9cbf264abb15de9c5..d218faa02bd12b0e6a0df298a6a0e5787e46d93f 100644 (file)
--- a/patch-delta.c
+++ b/patch-delta.c
@@ -33,8 +33,7 @@ void *patch_delta(const void *src_buf, unsigned long src_size,
 
        /* now the result size */
        size = get_delta_hdr_size(&data, top);
-       dst_buf = xmalloc(size + 1);
-       dst_buf[size] = 0;
+       dst_buf = xmallocz(size);
 
        out = dst_buf;
        while (data < top) {

diff --git a/sha1_file.c b/sha1_file.c
index 12478a3652cfbdcbe4b0199641320c94b7f3dfa5..657825e14ef78c19649779fe89e1d09ae672901a 100644 (file)
--- a/sha1_file.c
+++ b/sha1_file.c
@@ -1166,7 +1166,7 @@ static int unpack_sha1_header(z_stream *stream, unsigned char *map, unsigned lon
 static void *unpack_sha1_rest(z_stream *stream, void *buffer, unsigned long size, const unsigned char *sha1)
 {
        int bytes = strlen(buffer) + 1;
-       unsigned char *buf = xmalloc(1+size);
+       unsigned char *buf = xmallocz(size);
        unsigned long n;
        int status = Z_OK;
 
@@ -1194,7 +1194,6 @@ static void *unpack_sha1_rest(z_stream *stream, void *buffer, unsigned long size
                while (status == Z_OK)
                        status = git_inflate(stream, Z_FINISH);
        }
-       buf[size] = 0;
        if (status == Z_STREAM_END && !stream->avail_in) {
                git_inflate_end(stream);
                return buf;
@@ -1517,8 +1516,7 @@ static void *unpack_compressed_entry(struct packed_git *p,
        z_stream stream;
        unsigned char *buffer, *in;
 
-       buffer = xmalloc(size + 1);
-       buffer[size] = 0;
+       buffer = xmallocz(size);
        memset(&stream, 0, sizeof(stream));
        stream.next_out = buffer;
        stream.avail_out = size + 1;

diff --git a/wrapper.c b/wrapper.c
index c9be1400c005e25b003acecc0cb037dd2f07e56f..0e3e20a3fd38f6f99da44483ee0bb9753f2b217a 100644 (file)
--- a/wrapper.c
+++ b/wrapper.c
@@ -34,6 +34,16 @@ void *xmalloc(size_t size)
        return ret;
 }
 
+void *xmallocz(size_t size)
+{
+       void *ret;
+       if (size + 1 < size)
+               die("Data too large to fit into virtual memory space.");
+       ret = xmalloc(size + 1);
+       ((char*)ret)[size] = 0;
+       return ret;
+}
+
 /*
  * xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of
  * "data" to the allocated memory, zero terminates the allocated memory,
@@ -42,10 +52,7 @@ void *xmalloc(size_t size)
  */
 void *xmemdupz(const void *data, size_t len)
 {
-       char *p = xmalloc(len + 1);
-       memcpy(p, data, len);
-       p[len] = '\0';
-       return p;
+       return memcpy(xmallocz(len), data, len);
 }
 
 char *xstrndup(const char *str, size_t len)