diff options
| author | nulltoken <emeric.fermas@gmail.com> | 2011-01-20 19:51:34 +0100 |
|---|---|---|
| committer | Vicent Marti <tanoku@gmail.com> | 2011-01-20 13:03:49 -0800 |
| commit | e16c2f6a4cfff50907699d73daad2c10565ec686 (patch) | |
| tree | f940c4b8616494daf623de59a883e7353ecc6e31 /src/fileops.c | |
| parent | e08b246cecac9cb713de3429aed0ab9e5c37327d (diff) | |
| download | libgit2-e16c2f6a4cfff50907699d73daad2c10565ec686.tar.gz | |
Small enhancements to git_prettify_dir_path().
- Secured buffer ahead reading.
- Guard against potential multiple dot path traversal (cf http://cwe.mitre.org/data/definitions/33.html)
Diffstat (limited to 'src/fileops.c')
| -rw-r--r-- | src/fileops.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/fileops.c b/src/fileops.c index 1c480e727..5953f26f6 100644 --- a/src/fileops.c +++ b/src/fileops.c @@ -413,9 +413,13 @@ int git_prettify_dir_path(char *buffer_out, const char *path) current++; /* Handle the double-dot upward directory navigation */ - if (*current == '.') { + if (current < buffer_end && *current == '.') { current++; + /* Guard against potential multiple dot path traversal (cf http://cwe.mitre.org/data/definitions/33.html) */ + if (*current == '.') + return GIT_ERROR; + *buffer_out ='\0'; len = retrieve_previous_path_component_start(buffer_out_start); if (len < GIT_SUCCESS) @@ -424,7 +428,7 @@ int git_prettify_dir_path(char *buffer_out, const char *path) buffer_out = (char *)buffer_out_start + len; } - if (*current == '/') + if (current < buffer_end && *current == '/') current++; continue; |