Commit aae89534 by Edward Thomson Committed by GitHub

Merge pull request #3956 from pks-t/pks/object-parsing-hardening

Object parsing hardening
parents a7df4a91 a719ef5e
...@@ -459,10 +459,11 @@ int git_commit__parse(void *_commit, git_odb_object *odb_obj) ...@@ -459,10 +459,11 @@ int git_commit__parse(void *_commit, git_odb_object *odb_obj)
buffer = buffer_start + header_len + 1; buffer = buffer_start + header_len + 1;
/* extract commit message */ /* extract commit message */
if (buffer <= buffer_end) { if (buffer <= buffer_end)
commit->raw_message = git__strndup(buffer, buffer_end - buffer); commit->raw_message = git__strndup(buffer, buffer_end - buffer);
GITERR_CHECK_ALLOC(commit->raw_message); else
} commit->raw_message = git__strdup("");
GITERR_CHECK_ALLOC(commit->raw_message);
return 0; return 0;
......
...@@ -447,7 +447,12 @@ int git_tree__parse(void *_tree, git_odb_object *odb_obj) ...@@ -447,7 +447,12 @@ int git_tree__parse(void *_tree, git_odb_object *odb_obj)
if ((nul = memchr(buffer, 0, buffer_end - buffer)) == NULL) if ((nul = memchr(buffer, 0, buffer_end - buffer)) == NULL)
return tree_error("Failed to parse tree. Object is corrupted", NULL); return tree_error("Failed to parse tree. Object is corrupted", NULL);
filename_len = nul - buffer; if ((filename_len = nul - buffer) == 0)
return tree_error("Failed to parse tree. Can't parse filename", NULL);
if ((buffer_end - (nul + 1)) < GIT_OID_RAWSZ)
return tree_error("Failed to parse tree. Can't parse OID", NULL);
/* Allocate the entry */ /* Allocate the entry */
{ {
entry = git_array_alloc(tree->entries); entry = git_array_alloc(tree->entries);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment