aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRomain Francoise <romain@orebokech.com>2012-10-28 00:49:55 +0200
committerJeff King <peff@peff.net>2012-10-28 07:50:18 -0400
commit3174bc5ccfea34717a8dac2175c1951239a4985d (patch)
tree401f10be8b7f4bf84dc9ed7c46774fb4f0fbd650
parent7e2010537e96d0a1144520222f20ba1dc3d61441 (diff)
downloadgit-3174bc5ccfea34717a8dac2175c1951239a4985d.tar.gz
git-3174bc5ccfea34717a8dac2175c1951239a4985d.tar.xz
mailmap: avoid out-of-bounds memory access
AddressSanitizer (http://clang.llvm.org/docs/AddressSanitizer.html) complains of a one-byte buffer underflow in parse_name_and_email() while running the test suite. And indeed, if one of the lines in the mailmap begins with '<', we dereference the address just before the beginning of the buffer when looking for whitespace to remove, before checking that we aren't going too far. So reverse the order of the tests to make sure that we don't read outside the buffer. Signed-off-by: Romain Francoise <romain@orebokech.com> Signed-off-by: Jeff King <peff@peff.net>
-rw-r--r--mailmap.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/mailmap.c b/mailmap.c
index 47aa41924..ea4b471ed 100644
--- a/mailmap.c
+++ b/mailmap.c
@@ -118,7 +118,7 @@ static char *parse_name_and_email(char *buffer, char **name,
while (isspace(*nstart) && nstart < left)
++nstart;
nend = left-1;
- while (isspace(*nend) && nend > nstart)
+ while (nend > nstart && isspace(*nend))
--nend;
*name = (nstart < nend ? nstart : NULL);