From f54fac53786808130c82936e59be16000deba04a Mon Sep 17 00:00:00 2001 From: Jeff King Date: Mon, 25 Mar 2013 16:17:17 -0400 Subject: check_sha1_signature: check return value from read_istream It's possible for read_istream to return an error, in which case we just end up in an infinite loop (aside from EOF, we do not even look at the result, but just feed it straight into our running hash). Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- sha1_file.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sha1_file.c') diff --git a/sha1_file.c b/sha1_file.c index 16967d3b9a..0b99f336e6 100644 --- a/sha1_file.c +++ b/sha1_file.c @@ -1266,6 +1266,10 @@ int check_sha1_signature(const unsigned char *sha1, void *map, char buf[1024 * 16]; ssize_t readlen = read_istream(st, buf, sizeof(buf)); + if (readlen < 0) { + close_istream(st); + return -1; + } if (!readlen) break; git_SHA1_Update(&c, buf, readlen); -- cgit v1.2.1
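Review bot: The new `if (readlen < 0)` branch returns -1 without emitting any diagnostic, so a read_istream failure inside check_sha1_signature is reported to the caller with nothing that distinguishes it from any other failure this function may return. Consider logging an error before `close_istream(st);`, or documenting in the function comment that callers must treat -1 as covering stream read errors as well. The placement ahead of `if (!readlen) break;` and `git_SHA1_Update(&c, buf, readlen);` is correct, since it keeps a negative ssize_t from being passed as a length to the hash update. A regression test with an object whose stream fails partway through would cover the looping case the commit message describes.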