Unverified Commit 2054fe50 by Patrick Steinhardt Committed by GitHub

Merge pull request #4781 from nelhage/multiline-loop

config: convert unbounded recursion into a loop
parents db0c6648 a03113e8
...@@ -317,48 +317,43 @@ static int parse_multiline_variable(git_config_parser *reader, git_buf *value, i ...@@ -317,48 +317,43 @@ static int parse_multiline_variable(git_config_parser *reader, git_buf *value, i
{ {
char *line = NULL, *proc_line = NULL; char *line = NULL, *proc_line = NULL;
int quote_count; int quote_count;
bool multiline; bool multiline = true;
/* Check that the next line exists */ while (multiline) {
git_parse_advance_line(&reader->ctx); /* Check that the next line exists */
line = git__strndup(reader->ctx.line, reader->ctx.line_len); git_parse_advance_line(&reader->ctx);
if (line == NULL) line = git__strndup(reader->ctx.line, reader->ctx.line_len);
return -1; if (line == NULL)
return -1;
/* We've reached the end of the file, there is no continuation. /* We've reached the end of the file, there is no continuation.
* (this is not an error). * (this is not an error).
*/ */
if (line[0] == '\0') { if (line[0] == '\0') {
git__free(line); git__free(line);
return 0; return 0;
} }
quote_count = strip_comments(line, !!in_quotes);
/* If it was just a comment, pretend it didn't exist */ quote_count = strip_comments(line, !!in_quotes);
if (line[0] == '\0') {
git__free(line);
return parse_multiline_variable(reader, value, quote_count);
/* TODO: unbounded recursion. This **could** be exploitable */
}
if (unescape_line(&proc_line, &multiline, line, in_quotes) < 0) { /* If it was just a comment, pretend it didn't exist */
git__free(line); if (line[0] == '\0') {
return -1; in_quotes = quote_count;
} continue;
/* add this line to the multiline var */ }
git_buf_puts(value, proc_line); if (unescape_line(&proc_line, &multiline, line, in_quotes) < 0) {
git__free(line); git__free(line);
git__free(proc_line); return -1;
}
/* add this line to the multiline var */
/* git_buf_puts(value, proc_line);
* If we need to continue reading the next line, let's just git__free(line);
* keep putting stuff in the buffer git__free(proc_line);
*/
if (multiline)
return parse_multiline_variable(reader, value, quote_count);
in_quotes = quote_count;
}
return 0; return 0;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment