author | Edward Thomson <ethomson@microsoft.com> | 2015-02-11 11:20:05 -0500 |
---|---|---|
committer | Edward Thomson <ethomson@edwardthomson.com> | 2015-02-12 22:54:47 -0500 |
commit | ec3b4d35f636c26d3c9b5703c3b7f87683800af8 (patch) | |
tree | a1d4330c4efaa1b7097f64f4243224e0581a5b2e /src/pack-objects.c | |
parent | 2884cc42de8b20a58cec8488d014a853d47c047e (diff) | |
Use `size_t` to hold size of arrays
Use `size_t` to hold the size of arrays to ease overflow checking,
lest we check for overflow of a `size_t` then promptly truncate
by packing the length into a smaller type.
Diffstat (limited to 'src/pack-objects.c')
-rw-r--r-- | src/pack-objects.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/pack-objects.c b/src/pack-objects.c index 288077078..9b56234b5 100644 --- a/src/pack-objects.c +++ b/src/pack-objects.c @@ -190,6 +190,7 @@ int git_packbuilder_insert(git_packbuilder *pb, const git_oid *oid, { git_pobject *po; khiter_t pos; + size_t newsize; int ret; assert(pb && oid); @@ -203,7 +204,14 @@ int git_packbuilder_insert(git_packbuilder *pb, const git_oid *oid, if (pb->nr_objects >= pb->nr_alloc) { GITERR_CHECK_ALLOC_ADD(pb->nr_alloc, 1024); GITERR_CHECK_ALLOC_MULTIPLY(pb->nr_alloc + 1024, 3 / 2); - pb->nr_alloc = (pb->nr_alloc + 1024) * 3 / 2; + newsize = (pb->nr_alloc + 1024) * 3 / 2; + + if (!git__is_uint32(newsize)) { + giterr_set(GITERR_NOMEMORY, "Packfile too large to fit in memory."); + return -1; + } + + pb->nr_alloc = (uint32_t)newsize; pb->object_list = git__reallocarray(pb->object_list, pb->nr_alloc, sizeof(*po)); |
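Review bot: The new `git__is_uint32(newsize)` guard in the second hunk probably cannot fire. The `(uint32_t)newsize` cast suggests `pb->nr_alloc` is a 32-bit field (its declaration is outside the hunk), so `(pb->nr_alloc + 1024) * 3 / 2` is evaluated in 32-bit unsigned arithmetic and wraps before it is stored in `newsize`. Widening an operand first, `newsize = ((size_t)pb->nr_alloc + 1024) * 3 / 2;`, lets the range check see the real value. Separately, the second argument of `GITERR_CHECK_ALLOC_MULTIPLY(pb->nr_alloc + 1024, 3 / 2)` is the integer expression `3 / 2`, which is 1, so that check does not appear to cover the intermediate `* 3`; this matters where `size_t` is itself 32 bits, and passing `3` would cover it. The body of `git_packbuilder_insert` continues outside the hunk, so whether a wrapped `nr_alloc` is caught later cannot be seen from here.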