From 70c49050d4a16a7e2990e4d3c91d9d12f62e631e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Scharfe?= Date: Sat, 24 Jun 2017 16:09:39 +0200 Subject: sha1_file: guard against invalid loose subdirectory numbers Loose object subdirectories have hexadecimal names based on the first byte of the hash of contained objects, thus their numerical representation can range from 0 (0x00) to 255 (0xff). Change the type of the corresponding variable in for_each_file_in_obj_subdir() and associated callback functions to unsigned int and add a range check. Suggested-by: Jeff King Signed-off-by: Rene Scharfe Signed-off-by: Junio C Hamano --- sha1_file.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'sha1_file.c') diff --git a/sha1_file.c b/sha1_file.c index 98ce85acf9..77050a3801 100644 --- a/sha1_file.c +++ b/sha1_file.c @@ -3735,7 +3735,7 @@ void assert_sha1_type(const unsigned char *sha1, enum object_type expect) typename(expect)); } -int for_each_file_in_obj_subdir(int subdir_nr, +int for_each_file_in_obj_subdir(unsigned int subdir_nr, struct strbuf *path, each_loose_object_fn obj_cb, each_loose_cruft_fn cruft_cb, @@ -3747,6 +3747,9 @@ int for_each_file_in_obj_subdir(int subdir_nr, struct dirent *de; int r = 0; + if (subdir_nr > 0xff) + BUG("invalid loose object subdirectory: %x", subdir_nr); + origlen = path->len; strbuf_complete(path, '/'); strbuf_addf(path, "%02x", subdir_nr); -- cgit v1.2.3