From f711ab5470cd1da7fdafa3b7b5e39015dcfca5ce Mon Sep 17 00:00:00 2001
From: Rene Scharfe
Date: Thu, 10 Aug 2006 17:02:36 +0200
Subject: [PATCH] git-verify-pack: buffer overrun paranoia

Signed-off-by: Rene Scharfe
Signed-off-by: Junio C Hamano
---
 verify-pack.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/verify-pack.c b/verify-pack.c
index 78d789c62..99c352ee3 100644
--- a/verify-pack.c
+++ b/verify-pack.c
@@ -26,6 +26,15 @@ static int verify_one_pack(const char *path, int verbose)
 len += 4;
 }
 
+ /*
+ * add_packed_git() uses our buffer (containing "foo.idx") to
+ * build the pack filename ("foo.pack"). Make sure it fits.
+ */
+ if (len + 1 >= PATH_MAX) {
+ arg[len - 4] = '\0';
+ return error("name too long: %s.pack", arg);
+ }
+
 pack = add_packed_git(arg, len, 1);
 if (!pack)
 return error("packfile %s not found.", arg);
-- 
2.30.2
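Review bot: The bound in `if (len + 1 >= PATH_MAX)` is enforced only at this call site, while the write it guards against happens inside add_packed_git(), which per the added comment builds the one-byte-longer "foo.pack" name in the caller's buffer without being told that buffer's capacity. Any other caller of add_packed_git() (none is visible here) would need the same guard, so I would also state the requirement at its declaration, for example `/* path must have room for len + 2 bytes: the ".idx" name is turned into ".pack" in this buffer */`. The test also assumes `arg` is declared with exactly PATH_MAX bytes; that declaration is outside the hunk, and if `arg` is a local array, `if ((size_t)len + 1 >= sizeof(arg)) {` would keep the check tied to the real buffer size. verify_one_pack() starts and ends outside the hunk, so the earlier normalisation that guarantees `len >= 4` for `arg[len - 4]` cannot be confirmed from these lines.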