Merge branch 'jk/pack-idx-corruption-safety'

The code to read the pack data using the offsets stored in the pack idx file has been made more carefully check the validity of the data in the idx. * jk/pack-idx-corruption-safety: sha1_file.c: mark strings for translation use_pack: handle signed off_t overflow nth_packed_object_offset: bounds-check extended offset t5313: test bounds-checks of corrupted/malicious pack/idx files
author: Junio C Hamano <gitster@pobox.com> 2016-03-04 13:45:46 -0800
committer: Junio C Hamano <gitster@pobox.com> 2016-03-04 13:45:47 -0800
commit: 090de6b289ff2d9fc1c82ef85069bd6cba296d63 (patch)
tree: 3b609b0a9989a67abcc8449f80e6626d48f73509 /builtin/index-pack.c
parent: bc0ffd41b92c8539fc7dbe27f256d8bae6b28d05 (diff)
parent: 7465feba513a8bd3d47f27630ccc9ab7e82d916c (diff)
download: git-090de6b289ff2d9fc1c82ef85069bd6cba296d63.tar.gz
git-090de6b289ff2d9fc1c82ef85069bd6cba296d63.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/builtin/index-pack.c b/builtin/index-pack.c
index 193908a61..45245199a 100644
--- a/builtin/index-pack.c
+++ b/builtin/index-pack.c
@@ -1514,6 +1514,7 @@ static void read_v2_anomalous_offsets(struct packed_git *p,
 		if (!(off & 0x80000000))
 			continue;
 		off = off & 0x7fffffff;
+		check_pack_index_ptr(p, &idx2[off * 2]);
 		if (idx2[off * 2])
 			continue;
 		/*
author	Junio C Hamano <gitster@pobox.com>	2016-03-04 13:45:46 -0800
committer	Junio C Hamano <gitster@pobox.com>	2016-03-04 13:45:47 -0800
commit	090de6b289ff2d9fc1c82ef85069bd6cba296d63 (patch)
tree	3b609b0a9989a67abcc8449f80e6626d48f73509 /builtin/index-pack.c
parent	bc0ffd41b92c8539fc7dbe27f256d8bae6b28d05 (diff)
parent	7465feba513a8bd3d47f27630ccc9ab7e82d916c (diff)
download	git-090de6b289ff2d9fc1c82ef85069bd6cba296d63.tar.gz git-090de6b289ff2d9fc1c82ef85069bd6cba296d63.tar.xz