git-commit-vandalism/builtin
Jeff King 5b1ef2cef4 replace unchecked snprintf calls with heap buffers
We'd prefer to avoid unchecked snprintf calls because
truncation can lead to unexpected results.

These are all cases where truncation shouldn't ever happen,
because the input to snprintf is fixed in size. That makes
them candidates for xsnprintf(), but it's simpler still to
just use the heap, and then nobody has to wonder if "100" is
big enough.

We'll use xstrfmt() where possible, and a strbuf when we need
the resulting size or to reuse the same buffer in a loop.

Signed-off-by: Jeff King <peff@peff.net>
2017-03-30 14:59:50 -07:00
..
add.c hold_locked_index(): align error handling with hold_lockfile_for_update() 2016-12-07 11:31:59 -08:00
am.c delete_ref: accept a reflog message argument 2017-02-20 22:04:47 -08:00
annotate.c
apply.c apply: refactor git apply option parsing 2016-09-07 12:29:53 -07:00
archive.c archive: read local configuration 2016-11-22 13:55:20 -08:00
bisect--helper.c
blame.c Merge branch 'rs/blame-code-cleanup' 2017-03-17 13:50:24 -07:00
branch.c Merge branch 'bc/object-id' 2017-03-17 13:50:25 -07:00
bundle.c bundle: use prefix_filename with bundle path 2017-03-21 11:18:41 -07:00
cat-file.c Convert object iteration callbacks to struct object_id 2017-02-22 10:12:15 -08:00
check-attr.c attr: tighten const correctness with git_attr and match_attr 2017-02-01 13:46:53 -08:00
check-ignore.c give "nbuf" strbuf a more meaningful name 2016-02-01 13:43:02 -08:00
check-mailmap.c strbuf: introduce strbuf_getline_{lf,nul}() 2016-01-15 10:12:51 -08:00
check-ref-format.c use xmallocz to avoid size arithmetic 2016-02-22 14:51:09 -08:00
checkout-index.c hold_locked_index(): align error handling with hold_lockfile_for_update() 2016-12-07 11:31:59 -08:00
checkout.c avoid using fixed PATH_MAX buffers for refs 2017-03-30 14:59:50 -07:00
clean.c Merge branch 'nd/clean-preserve-errno-in-warning' 2017-02-27 13:57:16 -08:00
clone.c builtin/clone: convert to struct object_id 2017-02-22 10:12:15 -08:00
column.c column: read lines with strbuf_getline() 2016-01-15 10:35:07 -08:00
commit-tree.c builtin/commit-tree: convert to struct object_id 2016-09-07 12:59:43 -07:00
commit.c builtin/commit: convert to struct object_id 2017-02-20 01:11:26 -08:00
config.c prefix_filename: return newly allocated string 2017-03-21 11:18:41 -07:00
count-objects.c Convert object iteration callbacks to struct object_id 2017-02-22 10:12:15 -08:00
credential.c
describe.c builtin/describe: introduce --broken flag 2017-03-22 10:13:41 -07:00
diff-files.c diff: run arguments through precompose_argv 2016-05-13 14:35:49 -07:00
diff-index.c diff: run arguments through precompose_argv 2016-05-13 14:35:49 -07:00
diff-tree.c Merge branch 'bc/object-id' 2017-03-17 13:50:25 -07:00
diff.c use SWAP macro 2017-01-30 14:17:00 -08:00
difftool.c difftool: handle modified symlinks in dir-diff mode 2017-03-15 12:08:10 -07:00
fast-export.c builtin/fast-export: convert to struct object_id 2017-02-22 10:12:15 -08:00
fetch-pack.c fetch-pack: move code to report unmatched refs to a function 2017-03-02 11:12:53 -08:00
fetch.c fetch: use heap buffer to format reflog 2017-03-30 14:59:50 -07:00
fmt-merge-msg.c builtin/fmt-merge-message: convert to struct object_id 2017-02-22 10:12:15 -08:00
for-each-ref.c tag, branch, for-each-ref: add --ignore-case for sorting and filtering 2016-12-05 14:59:29 -08:00
fsck.c Convert object iteration callbacks to struct object_id 2017-02-22 10:12:15 -08:00
gc.c Merge branch 'cc/split-index-config' 2017-03-17 13:50:23 -07:00
get-tar-commit-id.c usage: do not insist that standard input must come from a file 2015-10-16 15:27:52 -07:00
grep.c Merge branch 'sb/checkout-recurse-submodules' 2017-03-28 14:05:58 -07:00
hash-object.c prefix_filename: return newly allocated string 2017-03-21 11:18:41 -07:00
help.c Merge branch 'js/no-html-bypass-on-windows' into maint 2016-09-08 21:35:55 -07:00
index-pack.c replace unchecked snprintf calls with heap buffers 2017-03-30 14:59:50 -07:00
init-db.c real_pathdup(): fix callsites that wanted it to die on error 2017-03-08 14:38:41 -08:00
interpret-trailers.c Merge branch 'jk/parseopt-string-list' into jk/string-list-static-init 2016-06-13 10:37:48 -07:00
log.c prefix_filename: return newly allocated string 2017-03-21 11:18:41 -07:00
ls-files.c ls-files: move only kept cache entries in prune_cache() 2017-02-13 12:06:10 -08:00
ls-remote.c avoid using fixed PATH_MAX buffers for refs 2017-03-30 14:59:50 -07:00
ls-tree.c ls-tree: convert show_recursive to use the pathspec struct interface 2017-01-08 18:04:17 -08:00
mailinfo.c prefix_filename: return newly allocated string 2017-03-21 11:18:41 -07:00
mailsplit.c mailsplit: support unescaping mboxrd messages 2016-06-06 11:14:43 -07:00
merge-base.c builtin/merge-base: convert to struct object_id 2017-02-22 10:12:16 -08:00
merge-file.c prefix_filename: return newly allocated string 2017-03-21 11:18:41 -07:00
merge-index.c use oid_to_hex_r() for converting struct object_id hashes to hex strings 2017-01-30 14:23:40 -08:00
merge-ours.c
merge-recursive.c i18n: merge-recursive: mark verbose message for translation 2016-09-15 13:17:32 -07:00
merge-tree.c struct name_entry: use struct object_id instead of unsigned char sha1[20] 2016-04-25 14:23:42 -07:00
merge.c Merge branch 'bc/object-id' 2017-03-17 13:50:25 -07:00
mktag.c usage: do not insist that standard input must come from a file 2015-10-16 15:27:52 -07:00
mktree.c use QSORT 2016-09-29 15:42:18 -07:00
mv.c Merge branch 'bw/pathspec-cleanup' 2017-01-18 15:12:15 -08:00
name-rev.c name-rev: replace static buffer with strbuf 2017-03-30 14:59:50 -07:00
notes.c replace unchecked snprintf calls with heap buffers 2017-03-30 14:59:50 -07:00
pack-objects.c Merge branch 'jk/fast-import-cleanup' 2017-03-28 14:05:59 -07:00
pack-redundant.c convert trivial cases to ALLOC_ARRAY 2016-02-22 14:51:09 -08:00
pack-refs.c
patch-id.c Merge branch 'rs/patch-id-use-skip-prefix' 2016-06-03 14:38:03 -07:00
prune-packed.c Convert object iteration callbacks to struct object_id 2017-02-22 10:12:15 -08:00
prune.c Convert object iteration callbacks to struct object_id 2017-02-22 10:12:15 -08:00
pull.c Merge branch 'jc/pull-rebase-ff' into maint 2017-01-17 15:11:05 -08:00
push.c Merge branch 'bw/push-submodule-only' 2017-01-31 13:14:56 -08:00
read-tree.c builtin/read-tree: add --recurse-submodules switch 2017-03-16 14:07:16 -07:00
rebase--helper.c rebase--helper: add a builtin helper for interactive rebases 2017-02-09 14:55:26 -08:00
receive-pack.c receive-pack: print --pack-header directly into argv array 2017-03-30 14:59:50 -07:00
reflog.c refs: convert each_reflog_ent_fn to struct object_id 2017-02-22 10:12:15 -08:00
remote-ext.c pkt-line: rename packet_write() to packet_write_fmt() 2016-10-17 11:36:50 -07:00
remote-fd.c
remote.c Merge branch 'rl/remote-allow-missing-branch-name-merge' into maint 2017-03-21 15:03:28 -07:00
repack.c repack: die on incremental + write-bitmap-index 2016-12-29 13:45:37 -08:00
replace.c avoid using fixed PATH_MAX buffers for refs 2017-03-30 14:59:50 -07:00
rerere.c Sync with 2.6.1 2015-10-05 13:20:08 -07:00
reset.c delete_ref: accept a reflog message argument 2017-02-20 22:04:47 -08:00
rev-list.c use oid_to_hex_r() for converting struct object_id hashes to hex strings 2017-01-30 14:23:40 -08:00
rev-parse.c replace unchecked snprintf calls with heap buffers 2017-03-30 14:59:50 -07:00
revert.c Merge branch 'jk/cherry-pick-0-mainline' 2017-03-17 13:50:28 -07:00
rm.c rm: reuse strbuf for all remove_dir_recursively() calls, again 2017-02-13 14:33:32 -08:00
send-pack.c remote-curl: allow push options 2017-03-22 15:41:21 -07:00
shortlog.c Merge branch 'rs/shortlog-cleanup' 2017-03-24 13:07:37 -07:00
show-branch.c Merge branch 'jk/show-branch-lift-name-len-limit' into maint 2017-03-21 15:03:29 -07:00
show-ref.c show-ref: remove a stale comment 2017-01-23 18:51:56 -08:00
stripspace.c stripspace: respect repository config 2016-11-21 11:00:38 -08:00
submodule--helper.c Merge branch 'sb/checkout-recurse-submodules' 2017-03-28 14:05:58 -07:00
symbolic-ref.c delete_ref: accept a reflog message argument 2017-02-20 22:04:47 -08:00
tag.c avoid using fixed PATH_MAX buffers for refs 2017-03-30 14:59:50 -07:00
unpack-file.c convert trivial sprintf / strcpy calls to xsnprintf 2015-09-25 10:18:18 -07:00
unpack-objects.c unpack-objects: add --max-input-size=<size> option 2016-08-24 12:31:05 -07:00
update-index.c update-index: warn in case of split-index incoherency 2017-03-01 13:24:21 -08:00
update-ref.c update-ref: pass reflog message to delete_ref() 2017-02-20 22:04:47 -08:00
update-server-info.c
upload-archive.c archive: read local configuration 2016-11-22 13:55:20 -08:00
var.c
verify-commit.c
verify-pack.c
verify-tag.c builtin/verify-tag: add --format to verify-tag 2017-01-17 16:10:22 -08:00
worktree.c prefix_filename: return newly allocated string 2017-03-21 11:18:41 -07:00
write-tree.c