authorJunio C Hamano <gitster@pobox.com>2025-01-10 18:19:33 +0100
committerJunio C Hamano <gitster@pobox.com>2025-01-10 18:19:34 +0100
commitb28fb93e51a94907eca9cc08eb1a2db51fe1ddc8 (patch)
treeb3a173008e3703b170d3b2cff2253b0e1ef7506e /builtin
parentMerge branch 'js/git-version-gen-update' (diff)
parentbuiltin/blame: fix out-of-bounds write with blank boundary commits (diff)
Merge branch 'ps/build-sign-compare'
Last-minute fix for a regression in "git blame --abbrev=<length>" when insane <length> is specified; we used to correctly cap it to the hash output length but broke it during the cycle. * ps/build-sign-compare: builtin/blame: fix out-of-bounds write with blank boundary commits builtin/blame: fix out-of-bounds read with excessive `--abbrev`
Diffstat (limited to 'builtin')
-rw-r--r--builtin/blame.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/builtin/blame.c b/builtin/blame.c
index 867032e4c1..7555c445ab 100644
--- a/builtin/blame.c
+++ b/builtin/blame.c
@@ -489,9 +489,9 @@ static void emit_other(struct blame_scoreboard *sb, struct blame_entry *ent, int
fputs(color, stdout);
if (suspect->commit->object.flags & UNINTERESTING) {
- if (blank_boundary)
- memset(hex, ' ', length);
- else if (!(opt & OUTPUT_ANNOTATE_COMPAT)) {
+ if (blank_boundary) {
+ memset(hex, ' ', strlen(hex));
+ } else if (!(opt & OUTPUT_ANNOTATE_COMPAT)) {
length--;
putchar('^');
}
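Review bot: The `blank_boundary` branch now blanks `strlen(hex)` bytes instead of `length`, but nothing at the call site records why, and the reason is a memory-safety one: per the commit message, `length` follows `--abbrev` and can be larger than what `hex` holds. I would add a comment above the `memset`, e.g. `/* length may exceed the hex buffer (--abbrev); blank only what hex holds */`, so a later cleanup does not restore the old bound. The new bound depends on `hex` being NUL-terminated, which is set up outside this hunk and should be confirmed there. emit_other's body starts and ends outside the hunk.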
@@ -505,7 +505,8 @@ static void emit_other(struct blame_scoreboard *sb, struct blame_entry *ent, int
length--;
putchar('?');
}
- fwrite(hex, 1, length, stdout);
+
+ printf("%.*s", (int)(length < GIT_MAX_HEXSZ ? length : GIT_MAX_HEXSZ), hex);
if (opt & OUTPUT_ANNOTATE_COMPAT) {
const char *name;
if (opt & OUTPUT_SHOW_EMAIL)
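Review bot: The precision passed to `printf` is capped at `GIT_MAX_HEXSZ`, not at the number of characters `hex` actually holds, so for a hash shorter than the maximum the read stops only because `%.*s` halts at the NUL terminator. That is safe as long as `hex` is always terminated (not visible here), but the inline ternary with the `(int)` cast hides the bound; a named local such as `int width = length < GIT_MAX_HEXSZ ? (int)length : GIT_MAX_HEXSZ;` with a one-line comment would make it explicit. If `length` is an unsigned type, the `length--` lines above would wrap at zero and be silently clamped to the full hash width; its declaration is outside the hunk, so a lower bound on `--abbrev` should be confirmed there. emit_other continues past the end of the hunk.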