diff options
| author | Jeff King <peff@peff.net> | 2015-01-28 12:57:35 -0500 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2015-01-28 12:42:44 -0800 |
| commit | 66ec904b4e5779c2ffd68d3bb8071cc15b2287c7 (patch) | |
| tree | 8836ceeb5e3f7e2c2c69d087110451f23f3ce733 | |
| parent | 8b87cfd000c7c98f58279cff698f6e8c7892c059 (diff) | |
| download | git-jk/status-read-branch-name-fix.tar.gz | |
read_and_strip_branch: fix typo'd address-of operatorjk/status-read-branch-name-fix
When we are chomping newlines from the end of a strbuf, we
must check "sb.len != 0" before accessing "sb.buf[sb.len - 1]".
However, this code mistakenly checks "&sb.len", which is
always true (it is a part of an auto struct, so the address
is always non-zero). This could lead to us accessing memory
outside the strbuf when we read an empty file.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| -rw-r--r-- | wt-status.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/wt-status.c b/wt-status.c index aa53436118..a30ca97fc8 100644 --- a/wt-status.c +++ b/wt-status.c @@ -975,7 +975,7 @@ static char *read_and_strip_branch(const char *path) if (strbuf_read_file(&sb, git_path("%s", path), 0) <= 0) goto got_nothing; - while (&sb.len && sb.buf[sb.len - 1] == '\n') + while (sb.len && sb.buf[sb.len - 1] == '\n') strbuf_setlen(&sb, sb.len - 1); if (!sb.len) goto got_nothing; |