From 9de27ad0c453f98844cc91ce4e39d338b1fb8338 Mon Sep 17 00:00:00 2001
From: Sakari Jokinen <sakariij@gmail.com>
Date: Fri, 25 Feb 2011 19:05:29 +0200
Subject: [PATCH] Check for valid range of attributes for tree entry

---
 include/git2/tree.h |  2 +-
 src/tree.c          | 22 ++++++++++++++++++----
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/include/git2/tree.h b/include/git2/tree.h
index 70040f058..a3c601291 100644
--- a/include/git2/tree.h
+++ b/include/git2/tree.h
@@ -215,7 +215,7 @@ GIT_EXTERN(void) git_tree_entry_set_name(git_tree_entry *entry, const char *name
  * @param entry Entry object which will be modified
  * @param oid new attributes for the entry
  */
-GIT_EXTERN(void) git_tree_entry_set_attributes(git_tree_entry *entry, int attr);
+GIT_EXTERN(int) git_tree_entry_set_attributes(git_tree_entry *entry, int attr);
 
 /** @} */
 GIT_END_DECL
diff --git a/src/tree.c b/src/tree.c
index 30938f258..16824f9d2 100644
--- a/src/tree.c
+++ b/src/tree.c
@@ -31,6 +31,8 @@
 #include "git2/object.h"
 
 #define DEFAULT_TREE_SIZE 16
+#define MAX_FILEMODE 0777777
+#define MAX_FILEMODE_BYTES 6
 
 int entry_search_cmp(const void *key, const void *array_member)
 {
@@ -40,6 +42,10 @@ int entry_search_cmp(const void *key, const void *array_member)
 	return strcmp(filename, entry->filename);
 }
 
+static int valid_attributes(const int attributes) {
+	return attributes >= 0 && attributes <= MAX_FILEMODE; 
+}
+
 int entry_sort_cmp(const void *a, const void *b)
 {
 	const git_tree_entry *entry_a = *(const git_tree_entry **)(a);
@@ -101,12 +107,17 @@ const git_oid *git_tree_id(git_tree *c)
 	return git_object_id((git_object *)c);
 }
 
-void git_tree_entry_set_attributes(git_tree_entry *entry, int attr)
+int git_tree_entry_set_attributes(git_tree_entry *entry, int attr)
 {
 	assert(entry && entry->owner);
+	
+	if (!valid_attributes(attr)) {
+		return GIT_ERROR;
+	}
 
 	entry->attr = attr;
 	entry->owner->object.modified = 1;
+	return GIT_SUCCESS;
 }
 
 void git_tree_entry_set_name(git_tree_entry *entry, const char *name)
@@ -190,6 +201,9 @@ int git_tree_add_entry(git_tree_entry **entry_out, git_tree *tree, const git_oid
 	git_tree_entry *entry;
 
 	assert(tree && id && filename);
+	if (!valid_attributes(attributes)) {
+	  return GIT_ERROR;
+	}
 
 	if ((entry = git__malloc(sizeof(git_tree_entry))) == NULL)
 		return GIT_ENOMEM;
@@ -249,7 +263,7 @@ int git_tree_remove_entry_byname(git_tree *tree, const char *filename)
 int git_tree__writeback(git_tree *tree, git_odb_source *src)
 {
 	size_t i;
-	char filemode[8];
+	char filemode[MAX_FILEMODE_BYTES + 1 + 1];
 
 	assert(tree && src);
 
@@ -263,8 +277,8 @@ int git_tree__writeback(git_tree *tree, git_odb_source *src)
 
 		entry = git_vector_get(&tree->entries, i);
 	
-		sprintf(filemode, "%o ", entry->attr);
-
+		snprintf(filemode, sizeof(filemode), "%o ", entry->attr);
+		  
 		git__source_write(src, filemode, strlen(filemode));
 		git__source_write(src, entry->filename, strlen(entry->filename) + 1);
 		git__source_write(src, entry->oid.id, GIT_OID_RAWSZ);