diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2007-04-09 21:13:58 -0700 |
---|---|---|
committer | Junio C Hamano <junkio@cox.net> | 2007-04-09 22:30:05 -0700 |
commit | 5d5cea67af386cfd53428f1eb404841eca8e9062 (patch) | |
tree | f7bc8cf645fe62bd0fc24ff77e4c1fe9fb50bf46 | |
parent | 844c11ae259bd33b971b9ca389b3f9619427e9a8 (diff) | |
download | git-5d5cea67af386cfd53428f1eb404841eca8e9062.tar.gz git-5d5cea67af386cfd53428f1eb404841eca8e9062.tar.xz |
Avoid overflowing name buffer in deep directory structures
This just makes sure that when we do a read_directory(), we check
that the filename fits in the buffer we allocated (with a bit of
slop)
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>
-rw-r--r-- | dir.c | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -353,6 +353,9 @@ static int read_directory_recursive(struct dir_struct *dir, const char *path, co !strcmp(de->d_name + 1, "git"))) continue; len = strlen(de->d_name); + /* Ignore overly long pathnames! */ + if (len + baselen + 8 > sizeof(fullname)) + continue; memcpy(fullname + baselen, de->d_name, len+1); if (simplify_away(fullname, baselen + len, simplify)) continue; |