Commit c146374ce8efb6585a507484bf8f90f2c27a51fb

Patrick Steinhardt 2020-06-08T12:54:26

revparse: detect out-of-memory cases when parsing curly brace contents

When extracting curly braces (e.g. the "upstream" part in "HEAD@{upstream}"), we put the curly braces' contents into a `git_buf` structure, but don't check the return value of `git_buf_putc`. So when we run out-of-memory, we'll use a partially filled buffer without noticing. Let's fix this issue by checking `git_buf_putc`'s return value.

diff --git a/src/revparse.c b/src/revparse.c
index c627de6..9b73d33 100644
--- a/src/revparse.c
+++ b/src/revparse.c
@@ -537,7 +537,8 @@ static int extract_curly_braces_content(git_buf *buf, const char *spec, size_t *
 		if (spec[*pos] == '\0')
 			return GIT_EINVALIDSPEC;
 
-		git_buf_putc(buf, spec[(*pos)++]);
+		if (git_buf_putc(buf, spec[(*pos)++]) < 0)
+			return -1;
 	}
 
 	(*pos)++;
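
Review bot: In the added `if (git_buf_putc(buf, spec[(*pos)++]) < 0)`, the post-increment of `*pos` is evaluated as part of the argument, so on the failure path `*pos` has already moved past a character that was never appended to `buf`. If any caller reads `*pos` after an error, it will point one character too far; reading `spec[*pos]` in the call and incrementing `*pos` only after the append succeeds keeps the position and the buffer in step. Separately, `return -1;` discards whatever negative value `git_buf_putc` returned, while the neighbouring path in the same loop returns a named code (`GIT_EINVALIDSPEC`); storing the result in a local and returning it would preserve the callee's error for the caller. A short comment that `buf` may hold partial contents on this return would also tell callers they still have to dispose of it.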