proxmox-mirrors/libgit2
1
0
Fork 0
mirror of https://git.proxmox.com/git/libgit2 synced 2025-05-29 22:00:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tree: ensure the entry filename fits in 16 bits

Browse Source 
Return an error in case the length is too big. Also take this
opportunity to have a single allocating function for the size and
overflow logic.
This commit is contained in:
Carlos Martín Nieto 2015-11-30 17:32:18 +01:00
parent ee42bb0e3d
commit 95ae3520c5
1 changed files with 30 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
src/tree.c
View File

@ -82,24 +82,47 @@ int git_tree_entry_icmp(const git_tree_entry *e1, const git_tree_entry *e2)
} }
/** /**
* Allocate a tree entry, borrowing the filename from the tree which * Allocate either from the pool or from the system allocator
* owns it. This is useful when reading trees, so we don't allocate a
* ton of small strings but can use the pool.
*/ */
static git_tree_entry *alloc_entry_pooled(git_pool *pool, const char *filename, size_t filename_len) static git_tree_entry *alloc_entry_base(git_pool *pool, const char *filename, size_t filename_len)
{ {
git_tree_entry *entry = NULL; git_tree_entry *entry = NULL;
size_t tree_len; size_t tree_len;
if (filename_len > UINT16_MAX) {
giterr_set(GITERR_INVALID, "tree entry is over UINT16_MAX in length");
return NULL;
}
if (GIT_ADD_SIZET_OVERFLOW(&tree_len, sizeof(git_tree_entry), filename_len) || if (GIT_ADD_SIZET_OVERFLOW(&tree_len, sizeof(git_tree_entry), filename_len) ||
GIT_ADD_SIZET_OVERFLOW(&tree_len, tree_len, 1) || GIT_ADD_SIZET_OVERFLOW(&tree_len, tree_len, 1))
!(entry = git_pool_malloc(pool, tree_len))) return NULL;
entry = pool ? git_pool_malloc(pool, tree_len) :
git__malloc(tree_len);
if (!entry)
return NULL; return NULL;
memset(entry, 0x0, sizeof(git_tree_entry)); memset(entry, 0x0, sizeof(git_tree_entry));
memcpy(entry->filename, filename, filename_len); memcpy(entry->filename, filename, filename_len);
entry->filename[filename_len] = 0; entry->filename[filename_len] = 0;
entry->filename_len = filename_len; entry->filename_len = filename_len;
return entry;
}
/**
* Allocate a tree entry, using the poolin the tree which owns
* it. This is useful when reading trees, so we don't allocate a ton
* of small strings but can use the pool.
*/
static git_tree_entry *alloc_entry_pooled(git_pool *pool, const char *filename, size_t filename_len)
{
git_tree_entry *entry = NULL;
if (!(entry = alloc_entry_base(pool, filename, filename_len)))
return NULL;
entry->pooled = true; entry->pooled = true;
return entry; return entry;
@ -107,20 +130,7 @@ static git_tree_entry *alloc_entry_pooled(git_pool *pool, const char *filename,
static git_tree_entry *alloc_entry(const char *filename) static git_tree_entry *alloc_entry(const char *filename)
{ {
git_tree_entry *entry = NULL; return alloc_entry_base(NULL, filename, strlen(filename));
size_t filename_len = strlen(filename), tree_len;
if (GIT_ADD_SIZET_OVERFLOW(&tree_len, sizeof(git_tree_entry), filename_len) ||
GIT_ADD_SIZET_OVERFLOW(&tree_len, tree_len, 1) ||
!(entry = git__malloc(tree_len)))
return NULL;
memset(entry, 0x0, sizeof(git_tree_entry));
memcpy(entry->filename, filename, filename_len);
entry->filename[filename_len] = 0;
entry->filename_len = filename_len;
return entry;
} }
struct tree_key_search { struct tree_key_search {