summaryrefslogtreecommitdiffstats
path: root/builtin-pack-objects.c
diff options
context:
space:
mode:
authorNicolas Pitre <nico@cam.org>2007-04-09 07:06:30 +0200
committerJunio C Hamano <junkio@cox.net>2007-04-10 21:48:14 +0200
commitd7dd02231f75604e388afb905f7bf8afd1bf4b24 (patch)
tree6325b2d2941ae62713c30b7cf0b6c7b9d259a835 /builtin-pack-objects.c
parentmake overflow test on delta base offset work regardless of variable size (diff)
downloadgit-d7dd02231f75604e388afb905f7bf8afd1bf4b24.tar.xz
git-d7dd02231f75604e388afb905f7bf8afd1bf4b24.zip
add overflow tests on pack offset variables
Change a few size and offset variables to more appropriate type, then add overflow tests on those offsets. This prevents any bad data to be generated/processed if off_t happens to not be large enough to handle some big packs. Better be safe than sorry. Signed-off-by: Nicolas Pitre <nico@cam.org> Signed-off-by: Junio C Hamano <junkio@cox.net>
Diffstat (limited to 'builtin-pack-objects.c')
-rw-r--r--builtin-pack-objects.c19
1 files changed, 13 insertions, 6 deletions
diff --git a/builtin-pack-objects.c b/builtin-pack-objects.c
index ee607a0d2c..d0be879443 100644
--- a/builtin-pack-objects.c
+++ b/builtin-pack-objects.c
@@ -369,7 +369,7 @@ static int revalidate_loose_object(struct object_entry *entry,
return check_loose_inflate(map, mapsize, size);
}
-static off_t write_object(struct sha1file *f,
+static unsigned long write_object(struct sha1file *f,
struct object_entry *entry)
{
unsigned long size;
@@ -503,16 +503,23 @@ static off_t write_one(struct sha1file *f,
struct object_entry *e,
off_t offset)
{
+ unsigned long size;
+
+ /* offset is non zero if object is written already. */
if (e->offset || e->preferred_base)
- /* offset starts from header size and cannot be zero
- * if it is written already.
- */
return offset;
- /* if we are deltified, write out its base object first. */
+
+ /* if we are deltified, write out base object first. */
if (e->delta)
offset = write_one(f, e->delta, offset);
+
e->offset = offset;
- return offset + write_object(f, e);
+ size = write_object(f, e);
+
+ /* make sure off_t is sufficiently large not to wrap */
+ if (offset > offset + size)
+ die("pack too large for current definition of off_t");
+ return offset + size;
}
static void write_pack_file(void)