Home » Mailing list archives » git » 2008 » July » 16

[PATCH] Fix buffer overflow in prepare_attr_stack

!MAILaRCHIVE_VOTE_RePLACE
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Dmitry Potapov <dpotapov@...>
To: <git@...>
Cc: Johannes Schindelin <Johannes.Schindelin@...>, Dmitry Potapov <dpotapov@...>
Subject: [PATCH] Fix buffer overflow in prepare_attr_stack
Date: Wednesday, July 16, 2008 - 10:54 am

If PATH_MAX on your system is smaller than a path stored in the git repo,
it may cause the buffer overflow in prepare_attr_stack.

Signed-off-by: Dmitry Potapov <dpotapov@gmail.com>
---
 attr.c |   15 +++++++++------
 1 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/attr.c b/attr.c
index 0fb47d3..73b6d6d 100644
--- a/attr.c
+++ b/attr.c
@@ -459,7 +459,9 @@ static void prepare_attr_stack(const char *path, int dirlen)
 {
 	struct attr_stack *elem, *info;
 	int len;
-	char pathbuf[PATH_MAX];
+	struct strbuf pathbuf;
+
+	strbuf_init(&pathbuf, dirlen+2+strlen(GITATTRIBUTES_FILE));
 
 	/*
 	 * At the bottom of the attribute stack is the built-in
@@ -510,13 +512,14 @@ static void prepare_attr_stack(const char *path, int dirlen)
 			len = strlen(attr_stack->origin);
 			if (dirlen <= len)
 				break;
-			memcpy(pathbuf, path, dirlen);
-			memcpy(pathbuf + dirlen, "/", 2);
-			cp = strchr(pathbuf + len + 1, '/');
+			pathbuf.len = 0;
+			strbuf_add(&pathbuf, path, dirlen);
+			strbuf_addch(&pathbuf, '/');
+			cp = strchr(pathbuf.buf + len + 1, '/');
 			strcpy(cp + 1, GITATTRIBUTES_FILE);
-			elem = read_attr(pathbuf, 0);
+			elem = read_attr(pathbuf.buf, 0);
 			*cp = '\0';
-			elem->origin = strdup(pathbuf);
+			elem->origin = strdup(pathbuf.buf);
 			elem->prev = attr_stack;
 			attr_stack = elem;
 			debug_push(elem);
-- 
1.5.6.3.3.gfcafb

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
[PATCH] Fix buffer overflow in git-grep, Dmitry Potapov, (Wed Jul 16, 6:15 am)
Re: [PATCH] Fix buffer overflow in git-grep, Johannes Schindelin, (Wed Jul 16, 6:35 am)
[PATCH v2] Fix buffer overflow in git-grep, Dmitry Potapov, (Wed Jul 16, 11:33 am)
Re: [PATCH] Fix buffer overflow in git-grep, Dmitry Potapov, (Wed Jul 16, 7:54 am)
Re: [PATCH] Fix buffer overflow in git-grep, Dmitry Potapov, (Wed Jul 16, 10:33 am)
[PATCH] Fix buffer overflow in git diff, Dmitry Potapov, (Wed Jul 16, 10:54 am)
[PATCH] Fix buffer overflow in prepare_attr_stack, Dmitry Potapov, (Wed Jul 16, 10:54 am)
Re: [PATCH] Fix buffer overflow in prepare_attr_stack, Johannes Sixt, (Wed Jul 16, 11:21 am)
[PATCH v2] Fix buffer overflow in prepare_attr_stack, Dmitry Potapov, (Wed Jul 16, 11:39 am)
Re: [PATCH] Fix buffer overflow in git-grep, Johannes Schindelin, (Wed Jul 16, 10:47 am)