From: Pavel Roskin <proski@gnu.org>
Date: Wed, 21 Dec 2005 20:35:48 +0000 (-0500)
Subject: An off-by-one bug found by valgrind
X-Git-Tag: v1.0.0a~1
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=6689f08735d08a057f8d6f91af98b04960afa517;p=git.git

An off-by-one bug found by valgrind

Insufficient memory is allocated in index-pack.c to hold the *.idx name.
One more byte should be allocated to hold the terminating 0.

Signed-off-by: Pavel Roskin <proski@gnu.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>
---

diff --git a/index-pack.c b/index-pack.c
index 785fe71a6..d4ce3af58 100644
--- a/index-pack.c
+++ b/index-pack.c
@@ -440,7 +440,7 @@ int main(int argc, char **argv)
 		if (len < 5 || strcmp(pack_name + len - 5, ".pack"))
 			die("packfile name '%s' does not end with '.pack'",
 			    pack_name);
-		index_name_buf = xmalloc(len - 1);
+		index_name_buf = xmalloc(len);
 		memcpy(index_name_buf, pack_name, len - 5);
 		strcpy(index_name_buf + len - 5, ".idx");
 		index_name = index_name_buf;