summaryrefslogtreecommitdiff
path: root/sha1_file.c
diff options
context:
space:
mode:
authorRené Scharfe <l.s.r@web.de>2017-06-24 16:09:39 +0200
committerJunio C Hamano <gitster@pobox.com>2017-06-24 11:09:52 -0700
commit70c49050d4a16a7e2990e4d3c91d9d12f62e631e (patch)
tree0de8a7ca24f711dfe2f982eb94a5dbe346b2bbe2 /sha1_file.c
parent0375f472d484041f9b1e5550b57d69286b3322e7 (diff)
downloadgit-rs/sha1-name-readdir-optim.tar.gz
sha1_file: guard against invalid loose subdirectory numbersrs/sha1-name-readdir-optim
Loose object subdirectories have hexadecimal names based on the first byte of the hash of contained objects, thus their numerical representation can range from 0 (0x00) to 255 (0xff). Change the type of the corresponding variable in for_each_file_in_obj_subdir() and associated callback functions to unsigned int and add a range check. Suggested-by: Jeff King <peff@peff.net> Signed-off-by: Rene Scharfe <l.s.r@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'sha1_file.c')
-rw-r--r--sha1_file.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/sha1_file.c b/sha1_file.c
index 98ce85acf9..77050a3801 100644
--- a/sha1_file.c
+++ b/sha1_file.c
@@ -3735,7 +3735,7 @@ void assert_sha1_type(const unsigned char *sha1, enum object_type expect)
typename(expect));
}
-int for_each_file_in_obj_subdir(int subdir_nr,
+int for_each_file_in_obj_subdir(unsigned int subdir_nr,
struct strbuf *path,
each_loose_object_fn obj_cb,
each_loose_cruft_fn cruft_cb,
@@ -3747,6 +3747,9 @@ int for_each_file_in_obj_subdir(int subdir_nr,
struct dirent *de;
int r = 0;
+ if (subdir_nr > 0xff)
+ BUG("invalid loose object subdirectory: %x", subdir_nr);
+
origlen = path->len;
strbuf_complete(path, '/');
strbuf_addf(path, "%02x", subdir_nr);