aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2014-07-24 00:43:23 -0400
committerJunio C Hamano <gitster@pobox.com>2014-07-24 13:57:50 -0700
commit31bb6d37f992128eca3707d4f58ec61425742e81 (patch)
treeda51f74412cb4b7134de71c6d44f1dddb7843f34
parent649409b7bccdcd6d6e5273b2b7340cea05f77736 (diff)
downloadgit-31bb6d37f992128eca3707d4f58ec61425742e81.tar.gz
git-31bb6d37f992128eca3707d4f58ec61425742e81.tar.xz
apply: avoid possible bogus pointer
When parsing "index" lines from a git-diff, we look for a space followed by the mode. If we don't have a space, then we set our pointer to the end-of-line. However, we don't double-check that our end-of-line pointer is valid (e.g., if we got a truncated diff input), which could lead to some wrap-around pointer arithmetic. In most cases this would probably get caught by our "40 < len" check later in the function, but to be on the safe side, let's just use strchrnul to treat end-of-string the same as end-of-line. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r--builtin/apply.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/builtin/apply.c b/builtin/apply.c
index 87439fad1..5b7a3066a 100644
--- a/builtin/apply.c
+++ b/builtin/apply.c
@@ -1073,7 +1073,7 @@ static int gitdiff_index(const char *line, struct patch *patch)
line = ptr + 2;
ptr = strchr(line, ' ');
- eol = strchr(line, '\n');
+ eol = strchrnul(line, '\n');
if (!ptr || eol < ptr)
ptr = eol;