From: Seija Kijin <doremylover123@xxxxxxxxx>
Check to make sure len is always less than MAX_PATH,
otherwise an overread will occur, which is
undefined behavior.
Signed-off-by: Seija Kijin <doremylover123@xxxxxxxxx>
---
win32: ensure len does not cause any overreads
Check to make sure len is always less than MAX_PATH, otherwise an
overread will occur, which is undefined behavior.
Signed-off-by: Seija Kijin doremylover123@xxxxxxxxx
Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1404%2FAtariDreams%2Foverread-v1
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1404/AtariDreams/overread-v1
Pull-Request: https://github.com/git/git/pull/1404
compat/win32/dirent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/compat/win32/dirent.c b/compat/win32/dirent.c
index 52420ec7d4d..0c1bdccdd58 100644
--- a/compat/win32/dirent.c
+++ b/compat/win32/dirent.c
@@ -27,7 +27,7 @@ DIR *opendir(const char *name)
DIR *dir;
/* convert name to UTF-16 and check length < MAX_PATH */
- if ((len = xutftowcs_path(pattern, name)) < 0)
+ if ((len = xutftowcs_path(pattern, name)) < 0 || len > MAX_PATH)
return NULL;
/* append optional '/' and wildcard '*' */
base-commit: 7c2ef319c52c4997256f5807564523dfd4acdfc7
--
gitgitgadget
