When merging two commit graphs, ensure that we don't attempt to merge
two graphs which, when combined, have more total commits than the 32-bit
unsigned maximum.
Signed-off-by: Taylor Blau <me@xxxxxxxxxxxx>
---
commit-graph.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/commit-graph.c b/commit-graph.c
index 8010e0763e..c679d1d633 100644
--- a/commit-graph.c
+++ b/commit-graph.c
@@ -2178,6 +2178,11 @@ static void merge_commit_graph(struct write_commit_graph_context *ctx,
uint32_t i;
uint32_t offset = g->num_commits_in_base;
+ if (unsigned_add_overflows(ctx->commits.nr, g->num_commits))
+ die(_("cannot merge graph %s, too many commits: %"PRIuMAX),
+ oid_to_hex(&g->oid),
+ (uintmax_t)st_add(ctx->commits.nr, g->num_commits));
+
ALLOC_GROW(ctx->commits.list, ctx->commits.nr + g->num_commits, ctx->commits.alloc);
for (i = 0; i < g->num_commits; i++) {
--
2.41.0.347.g7b976b8871f
