author Patrick Steinhardt <ps@pks.im> 2024-10-07 06:38:21 +0200
committer Junio C Hamano <gitster@pobox.com> 2024-10-08 00:08:11 +0200
commit ecb5c4318cd8b5bbb72f943b6128fe946ffcb56e (patch)
tree ebc6d28a99acd59267d413d1c1f4a6b06847f1e9 /unpack-trees.c
parent cache-tree: detect mismatching number of index entries
unpack-trees: detect mismatching number of cache-tree/index entries

Same as the preceding commit, we unconditionally dereference the index's cache entries depending on the number of cache-tree entries, which can lead to a segfault when the cache-tree is corrupted. Fix this bug.

This also makes t4058 pass with the leak sanitizer enabled.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Diffstat (limited to 'unpack-trees.c')
-rw-r--r-- unpack-trees.c 2
1 files changed, 2 insertions, 0 deletions
diff --git a/unpack-trees.c b/unpack-trees.c
index 21cc197d47..e10a9d1209 100644
--- a/unpack-trees.c
+++ b/unpack-trees.c
@@ -808,6 +808,8 @@ static int traverse_by_cache_tree(int pos, int nr_entries, int nr_names,
if (!o->merge)
BUG("We need cache-tree to do this optimization");
+ if (nr_entries + pos > o->src_index->cache_nr)
+ return error(_("corrupted cache-tree has entries not present in index"));
/*
* Do what unpack_callback() and unpack_single_entry() normally
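
Review bot: The new bound in traverse_by_cache_tree() is computed as `nr_entries + pos` on two `int` parameters, so when the count comes from a corrupted cache-tree the addition itself can overflow before it is compared with `o->src_index->cache_nr`, and a negative `pos` or `nr_entries` is never rejected explicitly. Consider rejecting negative values first and then comparing `nr_entries` against the number of entries remaining after `pos`, so that no sum of untrusted values is formed. The error message is clear and translatable; a short comment above the check saying that the count originates from on-disk cache-tree data would help the next reader see why a `return error(...)` is used here while the neighbouring `!o->merge` case is a `BUG()`.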