diff options
author | Junio C Hamano <gitster@pobox.com> | 2007-09-05 21:58:40 -0700 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2007-09-05 21:58:40 -0700 |
commit | 6b763c424e4ace1678ade5310f3ca3ffbd11af2c (patch) | |
tree | 9d2f03dd6ec094653b82ea06e3f3ad7228ca7f42 /t | |
parent | GIT 1.5.3.1: obsolete git-p4 in RPM spec file. (diff) | |
download | tgif-6b763c424e4ace1678ade5310f3ca3ffbd11af2c.tar.xz |
git-apply: do not read past the end of buffer
When the preimage we are patching is shorter than what the patch
text expects, we tried to match the buffer contents at the
"original" line with the fragment in full, without checking we
have enough data to match in the preimage. This caused the size
of a later memmove() to wrap around and attempt to scribble
almost the entire address space. Not good.
The code that follows the part this patch touches tries to match
the fragment with line offsets. Curiously, that code does not
have the problem --- it guards against reading past the end of
the preimage.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't')
-rwxr-xr-x | t/t4123-apply-shrink.sh | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/t/t4123-apply-shrink.sh b/t/t4123-apply-shrink.sh new file mode 100755 index 0000000000..984157f03b --- /dev/null +++ b/t/t4123-apply-shrink.sh @@ -0,0 +1,58 @@ +#!/bin/sh + +test_description='apply a patch that is larger than the preimage' + +. ./test-lib.sh + +cat >F <<\EOF +1 +2 +3 +4 +5 +6 +7 +8 +999999 +A +B +C +D +E +F +G +H +I +J + +EOF + +test_expect_success setup ' + + git add F && + mv F G && + sed -e "s/1/11/" -e "s/999999/9/" -e "s/H/HH/" <G >F && + git diff >patch && + sed -e "/^\$/d" <G >F && + git add F + +' + +test_expect_success 'apply should fail gracefully' ' + + if git apply --index patch + then + echo Oops, should not have succeeded + false + else + status=$? + echo "Status was $status" + if test -f .git/index.lock + then + echo Oops, should not have crashed + false + fi + fi +' + +test_done |