From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Tue, 10 Apr 2007 04:13:58 +0000 (-0700)
Subject: Avoid overflowing name buffer in deep directory structures
X-Git-Tag: v1.5.2-rc0~19^2~15
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=5d5cea67af386cfd53428f1eb404841eca8e9062;p=git.git

Avoid overflowing name buffer in deep directory structures

This just makes sure that when we do a read_directory(), we check
that the filename fits in the buffer we allocated (with a bit of
slop)

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>
---

diff --git a/dir.c b/dir.c
index 7426fde33..4f5a2241e 100644
--- a/dir.c
+++ b/dir.c
@@ -353,6 +353,9 @@ static int read_directory_recursive(struct dir_struct *dir, const char *path, co
 			     !strcmp(de->d_name + 1, "git")))
 				continue;
 			len = strlen(de->d_name);
+			/* Ignore overly long pathnames! */
+			if (len + baselen + 8 > sizeof(fullname))
+				continue;
 			memcpy(fullname + baselen, de->d_name, len+1);
 			if (simplify_away(fullname, baselen + len, simplify))
 				continue;