Commit 67606321850286a3a613541da555fd6642abaccd
2018-06-21T21:40:51
fix path length accounting in got_object_open_by_path()
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
diff --git a/lib/object.c b/lib/object.c
index 365f923..530f08f 100644
--- a/lib/object.c
+++ b/lib/object.c
@@ -1407,6 +1407,7 @@ got_object_open_by_path(struct got_object **obj, struct got_repository *repo,
struct got_tree_object *tree = NULL;
struct got_tree_entry *te = NULL;
char *seg, *s, *s0 = NULL;
+ size_t len = strlen(path);
*obj = NULL;
@@ -1435,18 +1436,20 @@ got_object_open_by_path(struct got_object **obj, struct got_repository *repo,
err = got_error_from_errno();
goto done;
}
- err = got_canonpath(path, s0, strlen(s0) + 1);
+ err = got_canonpath(path, s0, len + 1);
if (err)
goto done;
s = s0;
s++; /* skip leading '/' */
+ len--;
seg = s;
- while (*s) {
+ while (len > 0) {
struct got_tree_object *next_tree;
if (*s != '/') {
s++;
+ len--;
if (*s)
continue;
}
@@ -1460,8 +1463,12 @@ got_object_open_by_path(struct got_object **obj, struct got_repository *repo,
goto done;
}
+ if (len == 0)
+ break;
+
seg = s + 1;
s++;
+ len--;
if (*s) {
err = got_object_open_as_tree(&next_tree, repo,
te->id);