Commit 78fae47878111dd9833345fa622bafb51e5d69b5

Carlos Martín Nieto 2011-06-06T14:19:47

pkt: make sure we really only read the length A pkt-line's length is described in its first four bytes in ASCII hex. Copy this substring to another string before feeding it to git__strtol32. Otherwise, it will read the whole hash. Signed-off-by: Carlos Martín Nieto <carlos@cmartin.tk>

diff --git a/src/pkt.c b/src/pkt.c
index bf460e5..782b885 100644
--- a/src/pkt.c
+++ b/src/pkt.c
@@ -61,14 +61,27 @@ int git_pkt_parse_line(git_pkt **head, const char *line, const char **out)
 {
 	int error = GIT_SUCCESS;
 	long int len;
+	const int num_len = 4;
+	char *num;
 	const char *num_end;
 	git_pkt *pkt;
 
-	error = git__strtol32(&len, line, &num_end, 16);
-	if (error < GIT_SUCCESS)
+	num = git__strndup(line, num_len);
+	if (num == NULL)
+		return GIT_ENOMEM;
+
+	error = git__strtol32(&len, num, &num_end, 16);
+	if (error < GIT_SUCCESS) {
+		free(num);
 		return error;
+	}
+	if (num_end - num != num_len) {
+		free(num);
+		return git__throw(GIT_EOBJCORRUPTED, "Wrong pkt length");
+	}
+	free(num);
 
-	line = num_end;
+	line += num_len;
 	/*
 	 * TODO: How do we deal with empty lines? Try again? with the next
 	 * line?
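Review bot: The `num_end - num != num_len` check proves only that four bytes were consumed, not that they were four hex digits. If git__strtol32 follows strtol() in accepting leading whitespace or a sign (its definition is not in this hunk), a header with a leading `-` passes the check and leaves `len` negative, and this value comes from the remote side. I would test the four bytes before converting, e.g. `for (i = 0; i < num_len; i++) if (!isxdigit((unsigned char)line[i])) return git__throw(GIT_EOBJCORRUPTED, "Wrong pkt length");`, which also stops at an early NUL. A `char num[5]` on the stack would also remove the allocation and the three `free(num)` calls. The code that uses `len` lies below the hunk's last line, so I cannot confirm how a negative value is handled there.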