Files · da0e03ce0298dd0fc409ac4abf06fbad0d20e60a · lvzhengyang / git2

index: avoid out-of-bounds read when reading reuc entry stage · da0e03ce

We use `git__strtol64` to parse file modes of the index entries, which
does not limit the parsed buffer length. As the index can be essentially
treated as "untrusted" in that the data stems from the file system, it
may be misformatted and may not contain terminating `NUL` bytes. This
may lead to out-of-bounds reads when trying to parse index entries with
such malformatted modes.

Fix the issue by using `git__strntol64` instead.

(cherry picked from commit 600ceadd)

committed Oct 26, 2018

da0e03ce

Name	Last commit	Last update
.github		Loading commit data...
ci		Loading commit data...
cmake/Modules		Loading commit data...
deps		Loading commit data...
docs		Loading commit data...
examples		Loading commit data...
include		Loading commit data...
script		Loading commit data...
src		Loading commit data...
tests		Loading commit data...
.HEADER		Loading commit data...
.editorconfig		Loading commit data...
.gitattributes		Loading commit data...
.gitignore		Loading commit data...
.mailmap		Loading commit data...
AUTHORS		Loading commit data...
CHANGELOG.md		Loading commit data...
CMakeLists.txt		Loading commit data...
CODE_OF_CONDUCT.md		Loading commit data...
CONTRIBUTING.md		Loading commit data...
CONVENTIONS.md		Loading commit data...
COPYING		Loading commit data...
PROJECTS.md		Loading commit data...
README.md		Loading commit data...
THREADING.md		Loading commit data...
api.docurium		Loading commit data...
azure-pipelines.yml		Loading commit data...
git.git-authors		Loading commit data...
libgit2.pc.in		Loading commit data...
libgit2_clar.supp		Loading commit data...

README.md