From: Rene Scharfe
Date: Thu, 10 Aug 2006 15:02:36 +0000 (+0200)
Subject: git-verify-pack: buffer overrun paranoia
X-Git-Tag: v1.4.2~14
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=f711ab5470cd1da7fdafa3b7b5e39015dcfca5ce;p=git.git

git-verify-pack: buffer overrun paranoia

Signed-off-by: Rene Scharfe
Signed-off-by: Junio C Hamano
---

diff --git a/verify-pack.c b/verify-pack.c
index 78d789c62..99c352ee3 100644
--- a/verify-pack.c
+++ b/verify-pack.c
@@ -26,6 +26,15 @@ static int verify_one_pack(const char *path, int verbose)
 len += 4;
 }
 
+ /*
+ * add_packed_git() uses our buffer (containing "foo.idx") to
+ * build the pack filename ("foo.pack"). Make sure it fits.
+ */
+ if (len + 1 >= PATH_MAX) {
+ arg[len - 4] = '\0';
+ return error("name too long: %s.pack", arg);
+ }
+
 pack = add_packed_git(arg, len, 1);
 if (!pack)
 return error("packfile %s not found.", arg);
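Review bot: The new bound in verify_one_pack() protects only this call site, while the write it guards against happens inside add_packed_git(), which per the added comment rewrites the caller's "foo.idx" buffer to "foo.pack" without being told how large that buffer is. Any other caller of add_packed_git() (none are visible in this hunk) needs the same one-spare-byte guarantee, so the contract is worth stating where the function is declared, e.g. `/* path must have room for path_len + 2 bytes: ".idx" is replaced by ".pack" in place */`. The check also assumes arg is exactly PATH_MAX bytes; its declaration is outside the hunk, and if it is a local array, `if (len + 1 >= (int)sizeof(arg)) {` would keep the bound tied to the buffer itself. verify_one_pack's body starts before and continues past the hunk.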