Commit 2b32806b by Patrick Steinhardt

commit_list: avoid use of strtol64 without length limit

When quick-parsing a commit, we use `git__strtol64` to parse the
commit's time. The buffer that's passed to `commit_quick_parse` is the
raw data of an ODB object, though, whose data may not be properly
formatted and also does not have to be `NUL` terminated. This may lead
to out-of-bound reads.

Use `git__strntol64` to avoid this problem.

(cherry picked from commit 1a3fa1f5)
parent 53b4c4ae
...@@ -171,7 +171,9 @@ static int commit_quick_parse( ...@@ -171,7 +171,9 @@ static int commit_quick_parse(
buffer--; buffer--;
} }
if ((buffer == committer_start) || (git__strtol64(&commit_time, (char *)(buffer + 1), NULL, 10) < 0)) if ((buffer == committer_start) ||
(git__strntol64(&commit_time, (char *)(buffer + 1),
buffer_end - buffer + 1, NULL, 10) < 0))
return commit_error(commit, "cannot parse commit time"); return commit_error(commit, "cannot parse commit time");
commit->time = commit_time; commit->time = commit_time;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment