aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVegard Nossum <vegard.nossum@oracle.com>2017-03-05 06:44:46 -0500
committerJunio C Hamano <gitster@pobox.com>2017-03-06 12:01:02 -0800
commit07f546cda5d818780821a371f011eb253646ddc3 (patch)
tree2619b0a6e9a6724c3b45e53621396c3b6c70833c
parentc3808ca6982b0ad7ee9b87eca9b50b9a24ec08b0 (diff)
downloadgit-07f546cda5d818780821a371f011eb253646ddc3.tar.gz
git-07f546cda5d818780821a371f011eb253646ddc3.tar.xz
line-log: use COPY_ARRAY to fix mis-sized memcpy
This memcpy meant to get the sizeof a "struct range", not a "range_set", as the former is what our array holds. Rather than swap out the types, let's convert this site to COPY_ARRAY, which avoids the problem entirely (and confirms that the src and dst types match). Note for curiosity's sake that this bug doesn't trigger on I32LP64 systems, but does on ILP32 systems. The mistaken "struct range_set" has two ints and a pointer. That's 16 bytes on LP64, or 12 on ILP32. The correct "struct range" type has two longs, which is also 16 on LP64, but only 8 on ILP32. Likewise an IL32P64 system would experience the bug. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r--line-log.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/line-log.c b/line-log.c
index 916e72487..df83ede12 100644
--- a/line-log.c
+++ b/line-log.c
@@ -43,9 +43,10 @@ void range_set_release(struct range_set *rs)
static void range_set_copy(struct range_set *dst, struct range_set *src)
{
range_set_init(dst, src->nr);
- memcpy(dst->ranges, src->ranges, src->nr*sizeof(struct range_set));
+ COPY_ARRAY(dst->ranges, src->ranges, src->nr);
dst->nr = src->nr;
}
+
static void range_set_move(struct range_set *dst, struct range_set *src)
{
range_set_release(dst);