pp_header(): work around possible memory corruption

add_user_info() possibly adds way more than just the commit header line. In fact, it sometimes needs so much more space that there is a buffer overrun, leading to an ugly crash. For example, the date is printed in its own line, and usually takes up more space than the equivalent Unix epoch. So, for good measure, add 80 characters (a full line) to the allocated space, in addition to the header line length. Signed-off-by: Johannes Schindelin <Johannes.Schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
gitster · Jun 17, 2007 · 4cd008a · 4cd008a
1 parent c927e6c
commit 4cd008a
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/commit.c b/commit.c
@@ -997,7 +997,7 @@ static void pp_header(enum cmit_fmt fmt,
 			len = linelen;
 			if (fmt == CMIT_FMT_EMAIL)
 				len = bound_rfc2047(linelen, encoding);
-			ALLOC_GROW(*buf_p, *ofs_p + len, *space_p);
+			ALLOC_GROW(*buf_p, *ofs_p + len + 80, *space_p);
 			dst = *buf_p + *ofs_p;
 			*ofs_p += add_user_info("Author", fmt, dst,
 						line + 7, dmode, encoding);
@@ -1008,7 +1008,7 @@ static void pp_header(enum cmit_fmt fmt,
 			len = linelen;
 			if (fmt == CMIT_FMT_EMAIL)
 				len = bound_rfc2047(linelen, encoding);
-			ALLOC_GROW(*buf_p, *ofs_p + len, *space_p);
+			ALLOC_GROW(*buf_p, *ofs_p + len + 80, *space_p);
 			dst = *buf_p + *ofs_p;
 			*ofs_p += add_user_info("Commit", fmt, dst,
 						line + 10, dmode, encoding);