git-commit-vandalism/compat
Jeff King 50a6c8efa2 use st_add and st_mult for allocation size computation
If our size computation overflows size_t, we may allocate a
much smaller buffer than we expected and overflow it. It's
probably impossible to trigger an overflow in most of these
sites in practice, but it is easy enough convert their
additions and multiplications into overflow-checking
variants. This may be fixing real bugs, and it makes
auditing the code easier.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-02-22 14:51:09 -08:00
..
nedmalloc prefer memcpy to strcpy 2015-10-05 11:08:05 -07:00
poll poll: honor the timeout on Win32 2015-09-14 12:53:48 -07:00
regex Silence GCC's "cast of pointer to integer of a different size" warning 2015-10-26 13:24:03 -07:00
vcbuild Merge branch 'ks/tree-diff-nway' 2014-06-03 12:06:40 -07:00
win32 use st_add and st_mult for allocation size computation 2016-02-22 14:51:09 -08:00
apple-common-crypto.h sha1: allow limiting the size of the data passed to SHA1_Update() 2015-11-05 10:35:11 -08:00
basename.c compat/basename.c: provide a dirname() compatibility function 2016-01-12 10:40:54 -08:00
bswap.h bswap: add NO_UNALIGNED_LOADS define 2016-01-04 09:51:33 -08:00
fopen.c
gmtime.c date: recognize bogus FreeBSD gmtime output 2014-04-01 14:39:04 -07:00
hstrerror.c compat/hstrerror: convert sprintf to snprintf 2015-09-25 10:18:18 -07:00
inet_ntop.c compat/inet_ntop: fix off-by-one in inet_ntop4 2015-09-25 10:18:18 -07:00
inet_pton.c Drop system includes from inet_pton/inet_ntop compatibility wrappers 2012-02-05 16:32:33 -08:00
memmem.c
mingw.c use st_add and st_mult for allocation size computation 2016-02-22 14:51:09 -08:00
mingw.h Merge branch 'js/dirname-basename' into maint 2016-02-05 14:54:17 -08:00
mkdir.c compat: some mkdir() do not like a slash at the end 2012-08-24 09:48:51 -07:00
mkdtemp.c
mmap.c wrapper.c: add xpread() similar to xread() 2014-04-10 12:18:55 -07:00
msvc.c
msvc.h MSVC: fix stat definition hell 2013-09-11 11:08:52 -07:00
obstack.c
obstack.h obstack: fix spelling of similar 2013-04-12 12:23:20 -07:00
pread.c
precompose_utf8.c probe_utf8_pathname_composition: use internal strbuf 2015-10-05 11:06:49 -07:00
precompose_utf8.h probe_utf8_pathname_composition: use internal strbuf 2015-10-05 11:06:49 -07:00
qsort.c use st_add and st_mult for allocation size computation 2016-02-22 14:51:09 -08:00
setenv.c use st_add and st_mult for allocation size computation 2016-02-22 14:51:09 -08:00
sha1-chunked.c sha1: allow limiting the size of the data passed to SHA1_Update() 2015-11-05 10:35:11 -08:00
sha1-chunked.h sha1: allow limiting the size of the data passed to SHA1_Update() 2015-11-05 10:35:11 -08:00
snprintf.c compat/snprintf: don't look at va_list twice 2011-12-12 09:09:35 -08:00
stat.c compat: convert modes to use portable file type values 2014-12-04 11:58:36 -08:00
strcasestr.c
strlcpy.c
strtoimax.c
strtoumax.c
terminal.c mingw: rename WIN32 cpp macro to GIT_WINDOWS_NATIVE 2013-05-08 12:14:35 -07:00
terminal.h add generic terminal prompt function 2011-12-12 16:09:38 -08:00
unsetenv.c Revert "compat/unsetenv.c: Fix a sparse warning" 2013-07-21 15:09:56 -07:00
win32.h mingw: rename WIN32 cpp macro to GIT_WINDOWS_NATIVE 2013-05-08 12:14:35 -07:00
win32mmap.c compat/win32mmap.c: Fix some sparse warnings 2013-04-28 12:27:08 -07:00
winansi.c convert trivial sprintf / strcpy calls to xsnprintf 2015-09-25 10:18:18 -07:00