summaryrefslogtreecommitdiff
path: root/diffcore-pickaxe.c
diff options
context:
space:
mode:
authorJunio C Hamano <gitster@pobox.com>2016-09-26 16:09:19 -0700
committerJunio C Hamano <gitster@pobox.com>2016-09-26 16:09:19 -0700
commit6a67695268562f67babdb7d5195c8a43cc4015fa (patch)
treeb5bbacc08e466f6de62cf2e9fd450d71ef0ea6c7 /diffcore-pickaxe.c
parent31b83f361bd962e9c5f96bf7714051d77f592af2 (diff)
parentb7d36ffca02c23f545d6e098d78180e6e72dfd8d (diff)
downloadgit-6a67695268562f67babdb7d5195c8a43cc4015fa.tar.gz
Merge branch 'js/regexec-buf'
Some codepaths in "git diff" used regexec(3) on a buffer that was mmap(2)ed, which may not have a terminating NUL, leading to a read beyond the end of the mapped region. This was fixed by introducing a regexec_buf() helper that takes a <ptr,len> pair with REG_STARTEND extension. * js/regexec-buf: regex: use regexec_buf() regex: add regexec_buf() that can work on a non NUL-terminated string regex: -G<pattern> feeds a non NUL-terminated string to regexec() and fails
Diffstat (limited to 'diffcore-pickaxe.c')
-rw-r--r--diffcore-pickaxe.c18
1 files changed, 8 insertions, 10 deletions
diff --git a/diffcore-pickaxe.c b/diffcore-pickaxe.c
index 55067cab6c..9795ca1c15 100644
--- a/diffcore-pickaxe.c
+++ b/diffcore-pickaxe.c
@@ -23,7 +23,6 @@ static void diffgrep_consume(void *priv, char *line, unsigned long len)
{
struct diffgrep_cb *data = priv;
regmatch_t regmatch;
- int hold;
if (line[0] != '+' && line[0] != '-')
return;
@@ -33,11 +32,8 @@ static void diffgrep_consume(void *priv, char *line, unsigned long len)
* caller early.
*/
return;
- /* Yuck -- line ought to be "const char *"! */
- hold = line[len];
- line[len] = '\0';
- data->hit = !regexec(data->regexp, line + 1, 1, &regmatch, 0);
- line[len] = hold;
+ data->hit = !regexec_buf(data->regexp, line + 1, len - 1, 1,
+ &regmatch, 0);
}
static int diff_grep(mmfile_t *one, mmfile_t *two,
@@ -50,9 +46,11 @@ static int diff_grep(mmfile_t *one, mmfile_t *two,
xdemitconf_t xecfg;
if (!one)
- return !regexec(regexp, two->ptr, 1, &regmatch, 0);
+ return !regexec_buf(regexp, two->ptr, two->size,
+ 1, &regmatch, 0);
if (!two)
- return !regexec(regexp, one->ptr, 1, &regmatch, 0);
+ return !regexec_buf(regexp, one->ptr, one->size,
+ 1, &regmatch, 0);
/*
* We have both sides; need to run textual diff and see if
@@ -83,8 +81,8 @@ static unsigned int contains(mmfile_t *mf, regex_t *regexp, kwset_t kws)
regmatch_t regmatch;
int flags = 0;
- assert(data[sz] == '\0');
- while (*data && !regexec(regexp, data, 1, &regmatch, flags)) {
+ while (*data &&
+ !regexec_buf(regexp, data, sz, 1, &regmatch, flags)) {
flags |= REG_NOTBOL;
data += regmatch.rm_eo;
if (*data && regmatch.rm_so == regmatch.rm_eo)