authorPatrick Steinhardt <ps@pks.im>2016-10-07 09:18:55 +0200
committerCarlos Martín Nieto <cmn@dwim.me>2016-11-03 09:20:55 +0100
commitdfc2c713433b3a932e4d8b648738e3b63086baec (patch)
treecf4e384db19634556598621959bcde0490ff4059
parent8e268168ecfdcc8efe36b58b514d1b93ea3f47f8 (diff)
downloadlibgit2-dfc2c713433b3a932e4d8b648738e3b63086baec.tar.gz
tree: validate filename and OID length when parsing object
When parsing tree entries from raw object data, we do not verify that the tree entry actually has a filename as well as a valid object ID. Fix this by asserting that the filename length is non-zero as well as asserting that there are at least `GIT_OID_RAWSZ` bytes left when parsing the OID.
-rw-r--r--src/tree.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/tree.c b/src/tree.c
index 3874e45f4..7cc415a09 100644
--- a/src/tree.c
+++ b/src/tree.c
@@ -447,7 +447,12 @@ int git_tree__parse(void *_tree, git_odb_object *odb_obj)
if ((nul = memchr(buffer, 0, buffer_end - buffer)) == NULL)
return tree_error("Failed to parse tree. Object is corrupted", NULL);
- filename_len = nul - buffer;
+ if ((filename_len = nul - buffer) == 0)
+ return tree_error("Failed to parse tree. Can't parse filename", NULL);
+
+ if ((buffer_end - (nul + 1)) < GIT_OID_RAWSZ)
+ return tree_error("Failed to parse tree. Can't parse OID", NULL);
+
/* Allocate the entry */
{
entry = git_array_alloc(tree->entries);
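Review bot: The new filename check, `if ((filename_len = nul - buffer) == 0)`, bounds the length only from below, so a name as long as the rest of the object still passes. The entry allocation that consumes `filename_len` lies outside this hunk; if the entry stores the length in a field narrower than the type of `filename_len`, an upper bound belongs in the same condition to avoid silent truncation, which is worth confirming against the entry struct. The OID guard is safe only because `memchr` was limited to `buffer_end - buffer`, which guarantees `nul + 1 <= buffer_end`; a comment such as `/* nul < buffer_end here, so the difference below cannot be negative */` would keep that dependency visible. `git_tree__parse` begins and ends outside the hunk.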