Permalink
Browse files

Check size of path buffer before writing into it

This prevents a buffer overrun that could otherwise be triggered by
creating a file called '.git' with contents

  gitdir: (something really long)

Signed-off-by: Greg Brockman <gdb@mit.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
  • Loading branch information...
1 parent 2998138 commit 1b0b962d771fb734cbf273f216b487bb58dec7b9 Greg Brockman committed with gitster Jul 20, 2010
Showing with 2 additions and 0 deletions.
  1. +2 −0 setup.c
View
@@ -153,6 +153,8 @@ static int is_git_directory(const char *suspect)
char path[PATH_MAX];
size_t len = strlen(suspect);
+ if (PATH_MAX <= len + strlen("/objects"))
+ die("Too long path: %.*s", 60, suspect);
strcpy(path, suspect);
if (getenv(DB_ENVIRONMENT)) {
if (access(getenv(DB_ENVIRONMENT), X_OK))

0 comments on commit 1b0b962

Please sign in to comment.