diff options
author | Junio C Hamano <gitster@pobox.com> | 2016-10-11 14:21:03 -0700 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2016-10-11 14:21:03 -0700 |
commit | f7f0a87e0a27a1baaf782af7cec18fd23fdf35de (patch) | |
tree | 7985c724684b4224e762e788fdb8c85752d0e83a /streaming.c | |
parent | Merge branch 'rs/git-gui-use-modern-git-merge-syntax' into maint (diff) | |
parent | unpack_sha1_header(): detect malformed object header (diff) | |
download | tgif-f7f0a87e0a27a1baaf782af7cec18fd23fdf35de.tar.xz |
Merge branch 'jc/verify-loose-object-header' into maint
Codepaths that read from an on-disk loose object were too loose in
validating what they are reading is a proper object file and
sometimes read past the data they read from the disk, which has
been corrected. H/t to Gustavo Grieco for reporting.
* jc/verify-loose-object-header:
unpack_sha1_header(): detect malformed object header
streaming: make sure to notice corrupt object
Diffstat (limited to 'streaming.c')
-rw-r--r-- | streaming.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/streaming.c b/streaming.c index 811fcc24d2..90feec9db6 100644 --- a/streaming.c +++ b/streaming.c @@ -337,17 +337,17 @@ static open_method_decl(loose) st->u.loose.mapped = map_sha1_file(sha1, &st->u.loose.mapsize); if (!st->u.loose.mapped) return -1; - if (unpack_sha1_header(&st->z, - st->u.loose.mapped, - st->u.loose.mapsize, - st->u.loose.hdr, - sizeof(st->u.loose.hdr)) < 0) { + if ((unpack_sha1_header(&st->z, + st->u.loose.mapped, + st->u.loose.mapsize, + st->u.loose.hdr, + sizeof(st->u.loose.hdr)) < 0) || + (parse_sha1_header(st->u.loose.hdr, &st->size) < 0)) { git_inflate_end(&st->z); munmap(st->u.loose.mapped, st->u.loose.mapsize); return -1; } - parse_sha1_header(st->u.loose.hdr, &st->size); st->u.loose.hdr_used = strlen(st->u.loose.hdr) + 1; st->u.loose.hdr_avail = st->z.total_out; st->z_state = z_used; |