diff options
author | Nicolas Pitre <nico@cam.org> | 2007-04-09 07:06:30 +0200 |
---|---|---|
committer | Junio C Hamano <junkio@cox.net> | 2007-04-10 21:48:14 +0200 |
commit | d7dd02231f75604e388afb905f7bf8afd1bf4b24 (patch) | |
tree | 6325b2d2941ae62713c30b7cf0b6c7b9d259a835 /index-pack.c | |
parent | make overflow test on delta base offset work regardless of variable size (diff) | |
download | git-d7dd02231f75604e388afb905f7bf8afd1bf4b24.tar.xz git-d7dd02231f75604e388afb905f7bf8afd1bf4b24.zip |
add overflow tests on pack offset variables
Change a few size and offset variables to more appropriate type, then
add overflow tests on those offsets. This prevents any bad data to be
generated/processed if off_t happens to not be large enough to handle
some big packs.
Better be safe than sorry.
Signed-off-by: Nicolas Pitre <nico@cam.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>
Diffstat (limited to 'index-pack.c')
-rw-r--r-- | index-pack.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/index-pack.c b/index-pack.c index 0e54aa6844..66fb0bcedf 100644 --- a/index-pack.c +++ b/index-pack.c @@ -12,7 +12,7 @@ static const char index_pack_usage[] = struct object_entry { - unsigned long offset; + off_t offset; unsigned long size; unsigned int hdr_size; enum object_type type; @@ -22,7 +22,7 @@ struct object_entry union delta_base { unsigned char sha1[20]; - unsigned long offset; + off_t offset; }; /* @@ -83,7 +83,8 @@ static unsigned display_progress(unsigned n, unsigned total, unsigned last_pc) /* We always read in 4kB chunks. */ static unsigned char input_buffer[4096]; -static unsigned long input_offset, input_len, consumed_bytes; +static unsigned int input_offset, input_len; +static off_t consumed_bytes; static SHA_CTX input_ctx; static int input_fd, output_fd, pack_fd; @@ -129,6 +130,10 @@ static void use(int bytes) die("used more bytes than were available"); input_len -= bytes; input_offset += bytes; + + /* make sure off_t is sufficiently large not to wrap */ + if (consumed_bytes > consumed_bytes + bytes) + die("pack too large for current definition of off_t"); consumed_bytes += bytes; } @@ -216,7 +221,8 @@ static void *unpack_entry_data(unsigned long offset, unsigned long size) static void *unpack_raw_entry(struct object_entry *obj, union delta_base *delta_base) { unsigned char *p, c; - unsigned long size, base_offset; + unsigned long size; + off_t base_offset; unsigned shift; obj->offset = consumed_bytes; |