index-pack: terminate object buffers with NUL
We have some tricky checks in fsck that rely on a side effect of require_end_of_header(), and would otherwise easily run outside non-NUL-terminated buffers. This is a bit brittle, so let's make sure that only NUL-terminated buffers are passed around to begin with. Jeff "Peff" King contributed the detailed analysis which call paths are involved and pointed out that we also have to patch the get_data() function in unpack-objects.c, which is what Johannes "Dscho" Schindelin implemented. Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com> Analyzed-by: Jeff King <peff@peff.net> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
parent
7add441984
commit
a1e920a0a7
@ -438,7 +438,7 @@ static void *unpack_entry_data(unsigned long offset, unsigned long size,
|
||||
if (type == OBJ_BLOB && size > big_file_threshold)
|
||||
buf = fixed_buf;
|
||||
else
|
||||
buf = xmalloc(size);
|
||||
buf = xmallocz(size);
|
||||
|
||||
memset(&stream, 0, sizeof(stream));
|
||||
git_inflate_init(&stream);
|
||||
@ -543,7 +543,7 @@ static void *unpack_data(struct object_entry *obj,
|
||||
git_zstream stream;
|
||||
int status;
|
||||
|
||||
data = xmalloc(consume ? 64*1024 : obj->size);
|
||||
data = xmallocz(consume ? 64*1024 : obj->size);
|
||||
inbuf = xmalloc((len < 64*1024) ? len : 64*1024);
|
||||
|
||||
memset(&stream, 0, sizeof(stream));
|
||||
|
@ -91,7 +91,7 @@ static void use(int bytes)
|
||||
static void *get_data(unsigned long size)
|
||||
{
|
||||
git_zstream stream;
|
||||
void *buf = xmalloc(size);
|
||||
void *buf = xmallocz(size);
|
||||
|
||||
memset(&stream, 0, sizeof(stream));
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user