thodg/libgit2

Browse

Commit 89bd4ddb33aa04a7f89223a7f0fd4f8123a3463d

Edward Thomson 2019-01-21T11:32:53

diff_generate: validate oid file size Index entries are 32 bit unsigned ints, not `size_t`s. 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

diff --git a/src/diff_generate.c b/src/diff_generate.c
index 065cc72..5579dc2 100644
--- a/src/diff_generate.c
+++ b/src/diff_generate.c
@@ -564,14 +564,14 @@ int git_diff__oid_for_file(
 {
 	git_index_entry entry;
 
-	if (!git__is_sizet(size)) {
+	if (size < 0 || size > UINT32_MAX) {
 		git_error_set(GIT_ERROR_NOMEMORY, "file size overflow (for 32-bits) on '%s'", path);
 		return -1;
 	}
 
 	memset(&entry, 0, sizeof(entry));
 	entry.mode = mode;
-	entry.file_size = (size_t)size;
+	entry.file_size = (uint32_t)size;
 	entry.path = (char *)path;
 
 	return git_diff__oid_for_entry(out, diff, &entry, mode, NULL);
kmx.io     mail     discord kmxgit v0.4.0