authorCarlos Martín Nieto <cmn@dwim.me>2015-11-30 17:32:18 +0100
committerCarlos Martín Nieto <cmn@dwim.me>2015-11-30 17:32:18 +0100
commit95ae3520c5c9f76a435f63cc2d5e18d7ba0ba171 (patch)
tree846ea705bd23507e237517f5cc7f6d9b0a97329b
parentee42bb0e3d6534b8ac4d48df90b1bb85323972ea (diff)
tree: ensure the entry filename fits in 16 bitscmn/tree-parse-speed
Return an error in case the length is too big. Also take this opportunity to have a single allocating function for the size and overflow logic.
-rw-r--r--src/tree.c42
1 files changed, 26 insertions, 16 deletions
diff --git a/src/tree.c b/src/tree.c
index d269a5333..0a32868cd 100644
--- a/src/tree.c
+++ b/src/tree.c
@@ -82,47 +82,57 @@ int git_tree_entry_icmp(const git_tree_entry *e1, const git_tree_entry *e2)
}
/**
- * Allocate a tree entry, borrowing the filename from the tree which
- * owns it. This is useful when reading trees, so we don't allocate a
- * ton of small strings but can use the pool.
+ * Allocate either from the pool or from the system allocator
*/
-static git_tree_entry *alloc_entry_pooled(git_pool *pool, const char *filename, size_t filename_len)
+static git_tree_entry *alloc_entry_base(git_pool *pool, const char *filename, size_t filename_len)
{
git_tree_entry *entry = NULL;
size_t tree_len;
+ if (filename_len > UINT16_MAX) {
+ giterr_set(GITERR_INVALID, "tree entry is over UINT16_MAX in length");
+ return NULL;
+ }
+
if (GIT_ADD_SIZET_OVERFLOW(&tree_len, sizeof(git_tree_entry), filename_len) ||
- GIT_ADD_SIZET_OVERFLOW(&tree_len, tree_len, 1) ||
- !(entry = git_pool_malloc(pool, tree_len)))
+ GIT_ADD_SIZET_OVERFLOW(&tree_len, tree_len, 1))
+ return NULL;
+
+ entry = pool ? git_pool_malloc(pool, tree_len) :
+ git__malloc(tree_len);
+ if (!entry)
return NULL;
memset(entry, 0x0, sizeof(git_tree_entry));
memcpy(entry->filename, filename, filename_len);
entry->filename[filename_len] = 0;
entry->filename_len = filename_len;
- entry->pooled = true;
return entry;
}
-static git_tree_entry *alloc_entry(const char *filename)
+/**
+ * Allocate a tree entry, using the poolin the tree which owns
+ * it. This is useful when reading trees, so we don't allocate a ton
+ * of small strings but can use the pool.
+ */
+static git_tree_entry *alloc_entry_pooled(git_pool *pool, const char *filename, size_t filename_len)
{
git_tree_entry *entry = NULL;
- size_t filename_len = strlen(filename), tree_len;
- if (GIT_ADD_SIZET_OVERFLOW(&tree_len, sizeof(git_tree_entry), filename_len) ||
- GIT_ADD_SIZET_OVERFLOW(&tree_len, tree_len, 1) ||
- !(entry = git__malloc(tree_len)))
+ if (!(entry = alloc_entry_base(pool, filename, filename_len)))
return NULL;
- memset(entry, 0x0, sizeof(git_tree_entry));
- memcpy(entry->filename, filename, filename_len);
- entry->filename[filename_len] = 0;
- entry->filename_len = filename_len;
+ entry->pooled = true;
return entry;
}
+static git_tree_entry *alloc_entry(const char *filename)
+{
+ return alloc_entry_base(NULL, filename, strlen(filename));
+}
+
struct tree_key_search {
const char *filename;
uint16_t filename_len;
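Review bot: The new `filename_len > UINT16_MAX` guard in `alloc_entry_base` makes a NULL return mean two different things, a rejected name (GITERR_INVALID) or a failed allocation, and nothing in the hunk tells callers which one they got. `alloc_entry` now passes `strlen(filename)` straight into it, so any call site outside this hunk that treats a NULL entry as out-of-memory would presumably replace the length error with an OOM error; those callers are worth checking, since tree data being parsed may not be trusted. I would extend the header comment on `alloc_entry_base` to state the contract, e.g. `* Returns NULL with GITERR_INVALID if filename_len exceeds UINT16_MAX, NULL on allocation failure; a NULL pool selects git__malloc.` The message would also be more precise as `"tree entry filename is over UINT16_MAX in length"`, and the `alloc_entry_pooled` comment has a typo (`poolin` should be `pool in`).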