From b16692faa3c39f8342f40ad14c70480b9126614b Mon Sep 17 00:00:00 2001
From: "Kirill A. Shutemov" <kirill@shutemov.name>
Date: Tue, 12 Jul 2011 20:29:12 +0300
Subject: [PATCH] index: fix potential overflow

mode field of git_index_entry_unmerged is array of unsigned ints. It's
unsafe to cast pointer to an element of the array to long int *. It may
cause overflow in git_strtol32().

Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
---
 src/index.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/index.c b/src/index.c
index dc5024ff7..75471e5f3 100644
--- a/src/index.c
+++ b/src/index.c
@@ -657,10 +657,14 @@ static int read_unmerged(git_index *index, const char *buffer, size_t size)
 		buffer += len;
 
 		for (i = 0; i < 3; i++) {
-			if (git__strtol32((long int *) &lost->mode[i], buffer, &endptr, 8) < GIT_SUCCESS ||
-				!endptr || endptr == buffer || *endptr)
+			long tmp;
+
+			if (git__strtol32(&tmp, buffer, &endptr, 8) < GIT_SUCCESS ||
+				!endptr || endptr == buffer || *endptr || tmp > UINT_MAX)
 				return GIT_ERROR;
 
+			lost->mode[i] = tmp;
+
 			len = (endptr + 1) - buffer;
 			if (size <= len)
 				return git__throw(GIT_ERROR, "Failed to read unmerged entries");