summaryrefslogtreecommitdiff
path: root/fsck.c
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2014-12-08 00:48:13 -0500
committerJunio C Hamano <gitster@pobox.com>2014-12-09 11:54:25 -0800
commit7add441984063d2c34fa8de252b8ceb803e7981a (patch)
tree33d1406102d6d660c798dfd4ac79b23badc655b7 /fsck.c
parentf99b7af661f89865f918e52223a3bdaf312a0de0 (diff)
downloadgit-7add441984063d2c34fa8de252b8ceb803e7981a.tar.gz
fsck: properly bound "invalid tag name" error message
When we detect an invalid tag-name header in a tag object, like, "tag foo bar\n", we feed the pointer starting at "foo bar" to a printf "%s" formatter. This shows the name, as we want, but then it keeps printing the rest of the tag buffer, rather than stopping at the end of the line. Our tests did not notice because they look only for the matching line, but the bug is that we print much more than we wanted to. So we also adjust the test to be more exact. Note that when fscking tags with "index-pack --strict", this is even worse. index-pack does not add a trailing NUL-terminator after the object, so we may actually read past the buffer and print uninitialized memory. Running t5302 with valgrind does notice the bug for that reason. Signed-off-by: Jeff King <peff@peff.net> Acked-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'fsck.c')
-rw-r--r--fsck.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/fsck.c b/fsck.c
index 2fffa434a5..88c92e82d1 100644
--- a/fsck.c
+++ b/fsck.c
@@ -423,7 +423,8 @@ static int fsck_tag_buffer(struct tag *tag, const char *data,
}
strbuf_addf(&sb, "refs/tags/%.*s", (int)(eol - buffer), buffer);
if (check_refname_format(sb.buf, 0))
- error_func(&tag->object, FSCK_WARN, "invalid 'tag' name: %s", buffer);
+ error_func(&tag->object, FSCK_WARN, "invalid 'tag' name: %.*s",
+ (int)(eol - buffer), buffer);
buffer = eol + 1;
if (!skip_prefix(buffer, "tagger ", &buffer))