We write the name of the pack filename into a fixed-size
buffer using snprintf(), but do not check the return value.
As a result, a very long object directory could cause us to
quietly truncate the pack filename (leading to a corrupted
repository, as the packfile would be missing its .pack
extension).
We can use odb_pack_name() to fix this (and make the code
simpler, too).
Signed-off-by: Jeff King <peff@xxxxxxxx>
---
builtin/index-pack.c | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/builtin/index-pack.c b/builtin/index-pack.c
index 187c0550c..b6e7ac331 100644
--- a/builtin/index-pack.c
+++ b/builtin/index-pack.c
@@ -1384,13 +1384,9 @@ static void finalize_file(const char *final_name, const char *curr_name,
unsigned char *sha1, const char *ext)
{
if (final_name != curr_name) {
- char name[PATH_MAX];
- if (!final_name) {
- snprintf(name, sizeof(name), "%s/pack/pack-%s.%s",
- get_object_directory(), sha1_to_hex(sha1),
- ext);
- final_name = name;
- }
+ struct strbuf buf = STRBUF_INIT;
+ if (!final_name)
+ final_name = odb_pack_name(&buf, sha1, ext);
if (finalize_object_file(curr_name, final_name))
die(_("cannot store %s file"), ext);
} else if (from_stdin)
--
2.12.0.613.g6e7c52a0d