diff options
| author | Junio C Hamano <gitster@pobox.com> | 2013-07-21 22:51:22 -0700 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2013-07-21 22:51:22 -0700 |
| commit | dbed5935940f49e3b400b744b43da95f57c5c6d6 (patch) | |
| tree | 99c5f794f0e160190068566f161130d088aa25ee | |
| parent | 82ec54dc8bbb653faa64638d74129e45aea3326b (diff) | |
| parent | 2fbd4f92fa0d6d59d01cf1b9c800d428cd95143d (diff) | |
| download | git-dbed5935940f49e3b400b744b43da95f57c5c6d6.tar.gz | |
Merge branch 'mh/maint-lockfile-overflow' into maint
* mh/maint-lockfile-overflow:
lockfile: fix buffer overflow in path handling
| -rw-r--r-- | lockfile.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/lockfile.c b/lockfile.c index c6fb77b26f..8fbcb6a98a 100644 --- a/lockfile.c +++ b/lockfile.c @@ -124,15 +124,17 @@ static char *resolve_symlink(char *p, size_t s) static int lock_file(struct lock_file *lk, const char *path, int flags) { - if (strlen(path) >= sizeof(lk->filename)) - return -1; - strcpy(lk->filename, path); /* * subtract 5 from size to make sure there's room for adding * ".lock" for the lock file name */ + static const size_t max_path_len = sizeof(lk->filename) - 5; + + if (strlen(path) >= max_path_len) + return -1; + strcpy(lk->filename, path); if (!(flags & LOCK_NODEREF)) - resolve_symlink(lk->filename, sizeof(lk->filename)-5); + resolve_symlink(lk->filename, max_path_len); strcat(lk->filename, ".lock"); lk->fd = open(lk->filename, O_RDWR | O_CREAT | O_EXCL, 0666); if (0 <= lk->fd) { |