summaryrefslogtreecommitdiffstats
path: root/notes.c
diff options
context:
space:
mode:
authorMichael Haggerty <mhagger@alum.mit.edu>2017-09-08 18:10:10 +0200
committerJunio C Hamano <gitster@pobox.com>2017-09-08 20:16:13 +0200
commit396428152413f431cac18f68a7190827b4acb3b6 (patch)
tree81ac86b68d2343f7818c493af5f7369f7352f310 /notes.c
parentload_subtree(): declare some variables to be `size_t` (diff)
downloadgit-396428152413f431cac18f68a7190827b4acb3b6.tar.xz
git-396428152413f431cac18f68a7190827b4acb3b6.zip
load_subtree(): check that `prefix_len` is in the expected range
This value, which is stashed in the last byte of an object_id hash, gets handed around a lot. So add a sanity check before using it in `load_subtree()`. Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'notes.c')
-rw-r--r--notes.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/notes.c b/notes.c
index 40d9ba6252..27d232f294 100644
--- a/notes.c
+++ b/notes.c
@@ -417,7 +417,10 @@ static void load_subtree(struct notes_tree *t, struct leaf_node *subtree,
oid_to_hex(&subtree->val_oid));
prefix_len = subtree->key_oid.hash[KEY_INDEX];
- assert(prefix_len * 2 >= n);
+ if (prefix_len >= GIT_SHA1_RAWSZ)
+ BUG("prefix_len (%"PRIuMAX") is out of range", (uintmax_t)prefix_len);
+ if (prefix_len * 2 < n)
+ BUG("prefix_len (%"PRIuMAX") is too small", (uintmax_t)prefix_len);
memcpy(object_oid.hash, subtree->key_oid.hash, prefix_len);
while (tree_entry(&desc, &entry)) {
unsigned char type;