summaryrefslogtreecommitdiff
path: root/http-push.c
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2015-09-24 17:06:58 -0400
committerJunio C Hamano <gitster@pobox.com>2015-09-25 10:18:18 -0700
commit0cc41428596ec1cd3862918ef781793ef7346ba5 (patch)
treee24056a8c9430b9d9f58dc4e416931a00c396cf9 /http-push.c
parent48bcc1c3cc09db1a6da0ce47460fae6e5f7edd4b (diff)
downloadgit-0cc41428596ec1cd3862918ef781793ef7346ba5.tar.gz
http-push: replace strcat with xsnprintf
We account for these strcats in our initial allocation, but the code is confusing to follow and verify. Let's remember our original allocation length, and then xsnprintf can verify that we don't exceed it. Note that we can't just use xstrfmt here (which would be even cleaner) because the code tries to grow the buffer only when necessary. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'http-push.c')
-rw-r--r--http-push.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/http-push.c b/http-push.c
index 1f3788f634..37baff818f 100644
--- a/http-push.c
+++ b/http-push.c
@@ -786,21 +786,21 @@ xml_start_tag(void *userData, const char *name, const char **atts)
{
struct xml_ctx *ctx = (struct xml_ctx *)userData;
const char *c = strchr(name, ':');
- int new_len;
+ int old_namelen, new_len;
if (c == NULL)
c = name;
else
c++;
- new_len = strlen(ctx->name) + strlen(c) + 2;
+ old_namelen = strlen(ctx->name);
+ new_len = old_namelen + strlen(c) + 2;
if (new_len > ctx->len) {
ctx->name = xrealloc(ctx->name, new_len);
ctx->len = new_len;
}
- strcat(ctx->name, ".");
- strcat(ctx->name, c);
+ xsnprintf(ctx->name + old_namelen, ctx->len - old_namelen, ".%s", c);
free(ctx->cdata);
ctx->cdata = NULL;