aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2007-04-09 21:13:58 -0700
committerJunio C Hamano <junkio@cox.net>2007-04-09 22:30:05 -0700
commit5d5cea67af386cfd53428f1eb404841eca8e9062 (patch)
treef7bc8cf645fe62bd0fc24ff77e4c1fe9fb50bf46
parent844c11ae259bd33b971b9ca389b3f9619427e9a8 (diff)
downloadgit-5d5cea67af386cfd53428f1eb404841eca8e9062.tar.gz
git-5d5cea67af386cfd53428f1eb404841eca8e9062.tar.xz
Avoid overflowing name buffer in deep directory structures
This just makes sure that when we do a read_directory(), we check that the filename fits in the buffer we allocated (with a bit of slop) Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Junio C Hamano <junkio@cox.net>
-rw-r--r--dir.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/dir.c b/dir.c
index 7426fde33..4f5a2241e 100644
--- a/dir.c
+++ b/dir.c
@@ -353,6 +353,9 @@ static int read_directory_recursive(struct dir_struct *dir, const char *path, co
!strcmp(de->d_name + 1, "git")))
continue;
len = strlen(de->d_name);
+ /* Ignore overly long pathnames! */
+ if (len + baselen + 8 > sizeof(fullname))
+ continue;
memcpy(fullname + baselen, de->d_name, len+1);
if (simplify_away(fullname, baselen + len, simplify))
continue;