Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge branch 'jk/format-person-part-buffer-limit'

Avoid buffer overflow in format_person_part() function
  • Loading branch information...
commit 9972c8ea49ea95a841fd35fe847bc1062abe5a44 2 parents 407abba + c9b4e9e
@gitster gitster authored
Showing with 4 additions and 2 deletions.
  1. +4 −2 pretty.c
View
6 pretty.c
@@ -550,8 +550,10 @@ static size_t format_person_part(struct strbuf *sb, char part,
mail_end = s.mail_end;
if (part == 'N' || part == 'E') { /* mailmap lookup */
- strlcpy(person_name, name_start, name_end - name_start + 1);
- strlcpy(person_mail, mail_start, mail_end - mail_start + 1);
+ snprintf(person_name, sizeof(person_name), "%.*s",
+ (int)(name_end - name_start), name_start);
+ snprintf(person_mail, sizeof(person_mail), "%.*s",
+ (int)(mail_end - mail_start), mail_start);
mailmap_name(person_mail, sizeof(person_mail), person_name, sizeof(person_name));
name_start = person_name;
name_end = name_start + strlen(person_name);
Please sign in to comment.
Something went wrong with that request. Please try again.