Each packet line in the Git protocol is prefixed by a four-byte length of how much data will follow, which we parse in `git_pkt_parse_line`. The transmitted length can either be equal to zero in case of a flush packet or has to be at least of length four, as it also includes the encoded length itself. Not checking this may result in a buffer overflow as we directly pass the length to functions which accept a `size_t` length as parameter. Fix the issue by verifying that non-flush packets have at least a length of `PKT_LEN_SIZE`.
Name |
Last commit
|
Last update |
---|---|---|
cmake/Modules | Loading commit data... | |
deps | Loading commit data... | |
docs | Loading commit data... | |
examples | Loading commit data... | |
include | Loading commit data... | |
script | Loading commit data... | |
src | Loading commit data... | |
tests | Loading commit data... | |
.HEADER | Loading commit data... | |
.editorconfig | Loading commit data... | |
.gitattributes | Loading commit data... | |
.gitignore | Loading commit data... | |
.mailmap | Loading commit data... | |
.travis.yml | Loading commit data... | |
AUTHORS | Loading commit data... | |
CHANGELOG.md | Loading commit data... | |
CMakeLists.txt | Loading commit data... | |
CODE_OF_CONDUCT.md | Loading commit data... | |
CONTRIBUTING.md | Loading commit data... | |
CONVENTIONS.md | Loading commit data... | |
COPYING | Loading commit data... | |
Makefile.embed | Loading commit data... | |
PROJECTS.md | Loading commit data... | |
README.md | Loading commit data... | |
THREADING.md | Loading commit data... | |
api.docurium | Loading commit data... | |
appveyor.yml | Loading commit data... | |
git.git-authors | Loading commit data... | |
libgit2.pc.in | Loading commit data... | |
libgit2_clar.supp | Loading commit data... |