diff options
| author | Junio C Hamano <gitster@pobox.com> | 2008-10-26 22:24:44 -0700 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2008-10-26 22:24:44 -0700 |
| commit | 356af64d84076baaf90b0bf8adb7245771264e5a (patch) | |
| tree | 008ecc6fdb6323d2bac3e09be6dce5b0de5f64cb | |
| parent | 304d058370a9a797c38ec739c6d39fa45d9ed8e5 (diff) | |
| parent | 9fa03c177ff826b439537072338af958fe01c257 (diff) | |
| download | git-356af64d84076baaf90b0bf8adb7245771264e5a.tar.gz | |
Merge branch 'ar/maint-mksnpath' into HEAD
* ar/maint-mksnpath:
Fix potentially dangerous uses of mkpath and git_path
Fix mkpath abuse in dwim_ref and dwim_log of sha1_name.c
Add mksnpath which allows you to specify the output buffer
| -rw-r--r-- | builtin-apply.c | 4 | ||||
| -rw-r--r-- | cache.h | 3 | ||||
| -rw-r--r-- | path.c | 15 | ||||
| -rw-r--r-- | sha1_name.c | 6 |
4 files changed, 24 insertions, 4 deletions
diff --git a/builtin-apply.c b/builtin-apply.c index cfd8fceb90..4c4d1e1774 100644 --- a/builtin-apply.c +++ b/builtin-apply.c @@ -2841,8 +2841,8 @@ static void create_one_file(char *path, unsigned mode, const char *buf, unsigned unsigned int nr = getpid(); for (;;) { - const char *newpath; - newpath = mkpath("%s~%u", path, nr); + char newpath[PATH_MAX]; + mksnpath(newpath, sizeof(newpath), "%s~%u", path, nr); if (!try_create_file(newpath, mode, buf, size)) { if (!rename(newpath, path)) return; @@ -495,6 +495,9 @@ extern int check_repository_format(void); #define DATA_CHANGED 0x0020 #define TYPE_CHANGED 0x0040 +extern char *mksnpath(char *buf, size_t n, const char *fmt, ...) + __attribute__((format (printf, 3, 4))); + /* Return a statically allocated filename matching the sha1 signature */ extern char *mkpath(const char *fmt, ...) __attribute__((format (printf, 1, 2))); extern char *git_path(const char *fmt, ...) __attribute__((format (printf, 1, 2))); @@ -32,6 +32,21 @@ static char *cleanup_path(char *path) return path; } +char *mksnpath(char *buf, size_t n, const char *fmt, ...) +{ + va_list args; + unsigned len; + + va_start(args, fmt); + len = vsnprintf(buf, n, fmt, args); + va_end(args); + if (len >= n) { + snprintf(buf, n, bad_path); + return buf; + } + return cleanup_path(buf); +} + char *mkpath(const char *fmt, ...) { va_list args; diff --git a/sha1_name.c b/sha1_name.c index 41b680915d..159c2ab84f 100644 --- a/sha1_name.c +++ b/sha1_name.c @@ -245,11 +245,13 @@ int dwim_ref(const char *str, int len, unsigned char *sha1, char **ref) *ref = NULL; for (p = ref_rev_parse_rules; *p; p++) { + char fullref[PATH_MAX]; unsigned char sha1_from_ref[20]; unsigned char *this_result; this_result = refs_found ? sha1_from_ref : sha1; - r = resolve_ref(mkpath(*p, len, str), this_result, 1, NULL); + mksnpath(fullref, sizeof(fullref), *p, len, str); + r = resolve_ref(fullref, this_result, 1, NULL); if (r) { if (!refs_found++) *ref = xstrdup(r); @@ -272,7 +274,7 @@ int dwim_log(const char *str, int len, unsigned char *sha1, char **log) char path[PATH_MAX]; const char *ref, *it; - strcpy(path, mkpath(*p, len, str)); + mksnpath(path, sizeof(path), *p, len, str); ref = resolve_ref(path, hash, 1, NULL); if (!ref) continue; |