diff options
author | Greg Brockman <gdb@MIT.EDU> | 2010-07-20 06:46:21 +0200 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2010-07-25 19:33:47 +0200 |
commit | 1b0b962d771fb734cbf273f216b487bb58dec7b9 (patch) | |
tree | d64781b85c89766bece6a4811dda57db71cafb82 | |
parent | rev-parse: fix --parse-opt --keep-dashdash --stop-at-non-option (diff) | |
download | git-1b0b962d771fb734cbf273f216b487bb58dec7b9.tar.xz git-1b0b962d771fb734cbf273f216b487bb58dec7b9.zip |
Check size of path buffer before writing into it
This prevents a buffer overrun that could otherwise be triggered by
creating a file called '.git' with contents
gitdir: (something really long)
Signed-off-by: Greg Brockman <gdb@mit.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to '')
-rw-r--r-- | setup.c | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -153,6 +153,8 @@ static int is_git_directory(const char *suspect) char path[PATH_MAX]; size_t len = strlen(suspect); + if (PATH_MAX <= len + strlen("/objects")) + die("Too long path: %.*s", 60, suspect); strcpy(path, suspect); if (getenv(DB_ENVIRONMENT)) { if (access(getenv(DB_ENVIRONMENT), X_OK)) |