From: Junio C Hamano <gitster@pobox.com>
Date: Sat, 18 Apr 2009 04:20:58 +0000 (-0700)
Subject: Merge branch 'maint-1.6.1' into maint
X-Git-Tag: v1.6.3-rc1~4^2~9
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=f7446fc6bbe9c25f7064ba76b2db4dd67691f7d0;hp=ae57ec223b37556224010db93e71e3ceb2cf257b;p=git.git

Merge branch 'maint-1.6.1' into maint

* maint-1.6.1:
  Fix buffer overflow in config parser
---

diff --git a/config.c b/config.c
index 0c8c76f13..7a83c76f4 100644
--- a/config.c
+++ b/config.c
@@ -51,7 +51,7 @@ static char *parse_value(void)
 
 	for (;;) {
 		int c = get_next_char();
-		if (len >= sizeof(value))
+		if (len >= sizeof(value) - 1)
 			return NULL;
 		if (c == '\n') {
 			if (quote)
diff --git a/t/t1303-wacky-config.sh b/t/t1303-wacky-config.sh
index 1983076c7..080117c6b 100755
--- a/t/t1303-wacky-config.sh
+++ b/t/t1303-wacky-config.sh
@@ -10,7 +10,7 @@ setup() {
 
 check() {
 	echo "$2" >expected
-	git config --get "$1" >actual
+	git config --get "$1" >actual 2>&1
 	test_cmp actual expected
 }
 
@@ -40,4 +40,11 @@ test_expect_success 'make sure git config escapes section names properly' '
 	check "$SECTION" bar
 '
 
+LONG_VALUE=$(printf "x%01021dx a" 7)
+test_expect_success 'do not crash on special long config line' '
+	setup &&
+	git config section.key "$LONG_VALUE" &&
+	check section.key "fatal: bad config file line 2 in .git/config"
+'
+
 test_done