-
Show log
Commit
-
Hash : f647bbc8
Author :
Date : 2018-10-29T17:25:09
tree: fix mode parsing reading out-of-bounds When parsing a tree entry's mode, we will eagerly parse until we hit a character that is not in the accepted set of octal digits '0' - '7'. If the provided buffer is not a NUL terminated one, we may thus read out-of-bounds. Fix the issue by passing the buffer length to `parse_mode` and paying attention to it. Note that this is not a vulnerability in our usual code paths, as all object data read from the ODB is NUL terminated.
-
Files
- CMakeLists.txt
- README.md
- apply/
- attr/
- blame/
- buf/
- checkout/
- cherrypick/
- clar.c
- clar.h
- clar/
- clar_libgit2.c
- clar_libgit2.h
- clar_libgit2_timer.c
- clar_libgit2_timer.h
- clar_libgit2_trace.c
- clar_libgit2_trace.h
- clone/
- commit/
- config/
- core/
- date/
- delta/
- describe/
- diff/
- fetchhead/
- filter/
- generate.py
- graph/
- index/
- iterator/
- mailmap/
- main.c
- merge/
- message/
- network/
- notes/
- object/
- odb/
- online/
- pack/
- patch/
- path/
- perf/
- precompiled.c
- precompiled.h
- rebase/
- refs/
- remote/
- repo/
- reset/
- resources/
- revert/
- revwalk/
- stash/
- status/
- stress/
- submodule/
- threads/
- trace/
- transport/
- transports/
- valgrind-supp-mac.txt
- win32/
- worktree/
-
Properties
-
Git HTTP https://git.kmx.io/thodg/libgit2.git Git SSH git@git.kmx.io:thodg/libgit2.git Public access ? public Description Users
Tags - v1.5.0
- v1.4.4
- v1.4.3
- v1.4.2
- v1.4.1
- v1.4.0
- v1.3.2
- v1.3.1
- v1.3.0
- v1.2.0
- v1.1.1
- v1.1.0
- v1.0.1
- v1.0.0
- v0.99.0
- v0.8.0
- v0.3.0
- v0.28.5
- v0.28.4
- v0.28.3
- v0.28.2
- v0.28.1
- v0.28.0-rc1
- v0.28.0
- v0.27.9
- v0.27.8
- v0.27.7
- v0.27.6
- v0.27.5
- v0.27.4
- v0.27.3
- v0.27.2
- v0.27.10
- v0.27.1
- v0.27.0-rc3
- v0.27.0-rc2
- v0.27.0-rc1
- v0.27.0
- v0.26.8
- v0.26.7
- v0.26.6
- v0.26.5
- v0.26.4
- v0.26.3
- v0.26.2
- v0.26.1
- v0.26.0-rc2
- v0.26.0-rc1
- v0.26.0
- v0.25.1
- v0.25.0-rc2
- v0.25.0-rc1
- v0.25.0
- v0.24.6
- v0.24.5
- v0.24.4
- v0.24.3
- v0.24.2
- v0.24.1
- v0.24.0-rc1
- v0.24.0
- v0.23.4
- v0.23.3
- v0.23.2
- v0.23.1
- v0.23.0-rc2
- v0.23.0-rc1
- v0.23.0
- v0.22.3
- v0.22.2
- v0.22.1
- v0.22.0-rc2
- v0.22.0-rc1
- v0.22.0
- v0.21.5
- v0.21.4
- v0.21.3
- v0.21.2
- v0.21.1
- v0.21.0-rc2
- v0.21.0-rc1
- v0.21.0
- v0.20.0
- v0.2.0
- v0.19.0
- v0.18.0
- v0.17.0
- v0.16.0
- v0.15.0
- v0.14.0
- v0.13.0
- v0.12.0
- v0.11.0
- v0.10.0
- v0.1.0
-
README.md
-
Writing Clar tests for libgit2
For information on the Clar testing framework and a detailed introduction please visit:
-
Write your modules and tests. Use good, meaningful names.
-
Make sure you actually build the tests by setting:
cmake -DBUILD_CLAR=ON build/ -
Test:
./build/libgit2_clar -
Make sure everything is fine.
-
Send your pull request. That’s it.
-