-
Show log
Commit
-
Hash : 600ceadd
Author :
Date : 2018-10-18T11:29:06
index: avoid out-of-bounds read when reading reuc entry stage We use `git__strtol64` to parse file modes of the index entries, which does not limit the parsed buffer length. As the index can be essentially treated as "untrusted" in that the data stems from the file system, it may be misformatted and may not contain terminating `NUL` bytes. This may lead to out-of-bounds reads when trying to parse index entries with such malformatted modes. Fix the issue by using `git__strntol64` instead.
-
Files
- CMakeLists.txt
- alloc.c
- alloc.h
- annotated_commit.c
- annotated_commit.h
- apply.c
- apply.h
- array.h
- attr.c
- attr.h
- attr_file.c
- attr_file.h
- attrcache.c
- attrcache.h
- bitvec.h
- blame.c
- blame.h
- blame_git.c
- blame_git.h
- blob.c
- blob.h
- branch.c
- branch.h
- buf_text.c
- buf_text.h
- buffer.c
- buffer.h
- cache.c
- cache.h
- cc-compat.h
- checkout.c
- checkout.h
- cherrypick.c
- clone.c
- clone.h
- commit.c
- commit.h
- commit_list.c
- commit_list.h
- common.h
- config.c
- config.h
- config_backend.h
- config_cache.c
- config_entries.c
- config_entries.h
- config_file.c
- config_mem.c
- config_parse.c
- config_parse.h
- crlf.c
- date.c
- delta.c
- delta.h
- describe.c
- diff.c
- diff.h
- diff_driver.c
- diff_driver.h
- diff_file.c
- diff_file.h
- diff_generate.c
- diff_generate.h
- diff_parse.c
- diff_parse.h
- diff_print.c
- diff_stats.c
- diff_tform.c
- diff_tform.h
- diff_xdiff.c
- diff_xdiff.h
- errors.c
- features.h.in
- fetch.c
- fetch.h
- fetchhead.c
- fetchhead.h
- filebuf.c
- filebuf.h
- fileops.c
- fileops.h
- filter.c
- filter.h
- fnmatch.c
- fnmatch.h
- global.c
- global.h
- graph.c
- hash.c
- hash.h
- hash/
- hashsig.c
- ident.c
- idxmap.c
- idxmap.h
- ignore.c
- ignore.h
- index.c
- index.h
- indexer.c
- indexer.h
- integer.h
- iterator.c
- iterator.h
- khash.h
- mailmap.c
- mailmap.h
- map.h
- merge.c
- merge.h
- merge_driver.c
- merge_driver.h
- merge_file.c
- message.c
- message.h
- mwindow.c
- mwindow.h
- netops.c
- netops.h
- notes.c
- notes.h
- object.c
- object.h
- object_api.c
- odb.c
- odb.h
- odb_loose.c
- odb_mempack.c
- odb_pack.c
- offmap.c
- offmap.h
- oid.c
- oid.h
- oidarray.c
- oidarray.h
- oidmap.c
- oidmap.h
- pack-objects.c
- pack-objects.h
- pack.c
- pack.h
- parse.c
- parse.h
- patch.c
- patch.h
- patch_generate.c
- patch_generate.h
- patch_parse.c
- patch_parse.h
- path.c
- path.h
- pathspec.c
- pathspec.h
- pool.c
- pool.h
- posix.c
- posix.h
- pqueue.c
- pqueue.h
- proxy.c
- proxy.h
- push.c
- push.h
- rebase.c
- refdb.c
- refdb.h
- refdb_fs.c
- refdb_fs.h
- reflog.c
- reflog.h
- refs.c
- refs.h
- refspec.c
- refspec.h
- remote.c
- remote.h
- repo_template.h
- repository.c
- repository.h
- reset.c
- revert.c
- revparse.c
- revwalk.c
- revwalk.h
- settings.c
- sha1_lookup.c
- sha1_lookup.h
- signature.c
- signature.h
- sortedcache.c
- sortedcache.h
- stash.c
- status.c
- status.h
- stdalloc.c
- stdalloc.h
- stream.h
- streams/
- strmap.c
- strmap.h
- strnlen.h
- submodule.c
- submodule.h
- sysdir.c
- sysdir.h
- tag.c
- tag.h
- thread-utils.c
- thread-utils.h
- trace.c
- trace.h
- trailer.c
- transaction.c
- transaction.h
- transport.c
- transports/
- tree-cache.c
- tree-cache.h
- tree.c
- tree.h
- tsort.c
- unix/
- userdiff.h
- util.c
- util.h
- varint.c
- varint.h
- vector.c
- vector.h
- win32/
- worktree.c
- worktree.h
- xdiff/
- zstream.c
- zstream.h
-
Properties
-
Git HTTP https://git.kmx.io/thodg/libgit2.git Git SSH git@git.kmx.io:thodg/libgit2.git Public access ? public Description Users
Tags - v1.5.0
- v1.4.4
- v1.4.3
- v1.4.2
- v1.4.1
- v1.4.0
- v1.3.2
- v1.3.1
- v1.3.0
- v1.2.0
- v1.1.1
- v1.1.0
- v1.0.1
- v1.0.0
- v0.99.0
- v0.8.0
- v0.3.0
- v0.28.5
- v0.28.4
- v0.28.3
- v0.28.2
- v0.28.1
- v0.28.0-rc1
- v0.28.0
- v0.27.9
- v0.27.8
- v0.27.7
- v0.27.6
- v0.27.5
- v0.27.4
- v0.27.3
- v0.27.2
- v0.27.10
- v0.27.1
- v0.27.0-rc3
- v0.27.0-rc2
- v0.27.0-rc1
- v0.27.0
- v0.26.8
- v0.26.7
- v0.26.6
- v0.26.5
- v0.26.4
- v0.26.3
- v0.26.2
- v0.26.1
- v0.26.0-rc2
- v0.26.0-rc1
- v0.26.0
- v0.25.1
- v0.25.0-rc2
- v0.25.0-rc1
- v0.25.0
- v0.24.6
- v0.24.5
- v0.24.4
- v0.24.3
- v0.24.2
- v0.24.1
- v0.24.0-rc1
- v0.24.0
- v0.23.4
- v0.23.3
- v0.23.2
- v0.23.1
- v0.23.0-rc2
- v0.23.0-rc1
- v0.23.0
- v0.22.3
- v0.22.2
- v0.22.1
- v0.22.0-rc2
- v0.22.0-rc1
- v0.22.0
- v0.21.5
- v0.21.4
- v0.21.3
- v0.21.2
- v0.21.1
- v0.21.0-rc2
- v0.21.0-rc1
- v0.21.0
- v0.20.0
- v0.2.0
- v0.19.0
- v0.18.0
- v0.17.0
- v0.16.0
- v0.15.0
- v0.14.0
- v0.13.0
- v0.12.0
- v0.11.0
- v0.10.0
- v0.1.0