diff options
| author | Edward Thomson <ethomson@edwardthomson.com> | 2019-05-20 06:38:51 -0700 |
|---|---|---|
| committer | Edward Thomson <ethomson@edwardthomson.com> | 2019-06-24 15:00:40 +0100 |
| commit | b205f5386aafd9236d13ecf124044fa89a3fd349 (patch) | |
| tree | a7fce9bcc64fa696f09690b0327ab6638adb0a07 | |
| parent | 7e49deba90c96fed5779c0c6af2192070db11606 (diff) | |
| download | libgit2-b205f5386aafd9236d13ecf124044fa89a3fd349.tar.gz | |
iterator: sanity-check path length and safely cast
| -rw-r--r-- | src/iterator.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/iterator.c b/src/iterator.c index d00b8aa62..12b2822a0 100644 --- a/src/iterator.c +++ b/src/iterator.c @@ -1303,7 +1303,12 @@ static int filesystem_iterator_entry_init( sizeof(filesystem_iterator_entry), path_len); GIT_ERROR_CHECK_ALLOC_ADD(&entry_size, entry_size, 2); - entry = git_pool_malloc(&frame->entry_pool, entry_size); + if (entry_size > UINT32_MAX) { + git_error_set(GIT_ERROR_REPOSITORY, "file path too long"); + return -1; + } + + entry = git_pool_malloc(&frame->entry_pool, (uint32_t)entry_size); GIT_ERROR_CHECK_ALLOC(entry); entry->path_len = path_len; |