diff options
author | Jeff King <peff@peff.net> | 2014-06-19 17:30:26 -0400 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2014-06-19 15:20:56 -0700 |
commit | 45bc131dd3e1eb6edd903957cf9d42f37ad02181 (patch) | |
tree | 85c02d938724708082007c69351a1f938bdc6766 /compat | |
parent | walker_fetch: fix minor memory leak (diff) | |
download | tgif-45bc131dd3e1eb6edd903957cf9d42f37ad02181.tar.xz |
unique_path: fix unlikely heap overflow
When merge-recursive creates a unique filename, it uses a
template like:
path~branch_%d
where the final "_%d" is filled by an incrementing counter
until we find a unique name. We allocate 8 characters for
the counter, but there is no logic to limit the size of the
integer.
Of course, this is extremely unlikely, as you would need a
hundred million collisions to trigger the problem. Even if
an attacker constructed a specialized repo, it is unlikely
that the victim would have the patience to run the merge.
However, we can make it trivially correct (and hopefully
more readable) by using a strbuf.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'compat')
0 files changed, 0 insertions, 0 deletions