From: Jeff King <peff@peff.net>
Date: Sat, 12 Jan 2008 09:04:32 +0000 (-0500)
Subject: git-clean: fix off-by-one memory access when given no arguments
X-Git-Tag: v1.5.4-rc4~45
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=a8db80c22494396a81d2b4b7f4082c369fc0f78d;p=git.git

git-clean: fix off-by-one memory access when given no arguments

The "seen" variable is used by match_pathspec, and must have
as many elements as there are in the given pathspec. We
create the pathspec either from the command line arguments
_or_ from just the current prefix.

Thus allocating "seen" based upon just argc is wrong, since
if argc == 0, then we still have one pathspec, the prefix,
but we don't allocate any space in "seen".

Signed-off-by: Jeff King <peff@peff.net>
Tested-by: İsmail Dönmez <ismail@pardus.org.tr>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---

diff --git a/builtin-clean.c b/builtin-clean.c
index 6cad8eaf2..eb853a37c 100644
--- a/builtin-clean.c
+++ b/builtin-clean.c
@@ -90,7 +90,7 @@ int cmd_clean(int argc, const char **argv, const char *prefix)
 	strbuf_init(&directory, 0);
 
 	if (pathspec)
-		seen = xmalloc(argc);
+		seen = xmalloc(argc > 0 ? argc : 1);
 
 	for (i = 0; i < dir.nr; i++) {
 		struct dir_entry *ent = dir.entries[i];
@@ -125,7 +125,7 @@ int cmd_clean(int argc, const char **argv, const char *prefix)
 			continue;
 
 		if (pathspec) {
-			memset(seen, 0, argc);
+			memset(seen, 0, argc > 0 ? argc : 1);
 			matches = match_pathspec(pathspec, ent->name, ent->len,
 						 baselen, seen);
 		} else {