Skip to content
Permalink
Browse files

index: error out on unreasonable prefix-compressed path lengths

When computing the complete path length from the encoded
prefix-compressed path, we end up just allocating the complete path
without ever checking what the encoded path length actually is. This can
easily lead to a denial of service by just encoding an unreasonable long
path name inside of the index. Git already enforces a maximum path
length of 4096 bytes. As we also have that enforcement ready in some
places, just make sure that the resulting path is smaller than
GIT_PATH_MAX.

Reported-by: Krishna Ram Prakash R <krp@gtux.in>
Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
  • Loading branch information...
pks-t committed Mar 8, 2018
1 parent 3207ddb commit 3db1af1f370295ad5355b8f64b865a2a357bcac0
Showing with 4 additions and 0 deletions.
  1. +4 −0 src/index.c
@@ -2379,6 +2379,10 @@ static int read_entry(

GITERR_CHECK_ALLOC_ADD(&path_len, prefix_len, suffix_len);
GITERR_CHECK_ALLOC_ADD(&path_len, path_len, 1);

if (path_len > GIT_PATH_MAX)
return index_error_invalid("unreasonable path length");

tmp_path = git__malloc(path_len);
GITERR_CHECK_ALLOC(tmp_path);

0 comments on commit 3db1af1

Please sign in to comment.
You can’t perform that action at this time.