The old code does not do boundary check so any paths longer than
PATH_MAX can cause buffer overflow. Replace it with strbuf to handle
paths of arbitrary length.
Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@xxxxxxxxx>
---
To get this topic going again. These two patches kill PATH_MAX in
entry.c and builtin/checkout-index.c
entry.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/entry.c b/entry.c
index acc892f..d955af5 100644
--- a/entry.c
+++ b/entry.c
@@ -237,16 +237,18 @@ static int check_path(const char *path, int len, struct stat *st, int skiplen)
int checkout_entry(struct cache_entry *ce,
const struct checkout *state, char *topath)
{
- static char path[PATH_MAX + 1];
+ static struct strbuf path_buf = STRBUF_INIT;
+ char *path;
struct stat st;
- int len = state->base_dir_len;
+ int len;
if (topath)
return write_entry(ce, topath, state, 1);
- memcpy(path, state->base_dir, len);
- strcpy(path + len, ce->name);
- len += ce_namelen(ce);
+ strbuf_reset(&path_buf);
+ strbuf_addf(&path_buf, "%.*s%s", state->base_dir_len, state->base_dir, ce->name);
+ path = path_buf.buf;
+ len = path_buf.len;
if (!check_path(path, len, &st, state->base_dir_len)) {
unsigned changed = ce_match_stat(ce, &st, CE_MATCH_IGNORE_VALID|CE_MATCH_IGNORE_SKIP_WORKTREE);
--
1.8.2.83.gc99314b
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html