-
Show log
Commit
-
Hash : 61165dd4
Author :
Date : 2018-10-18T11:43:30
tree-cache: avoid out-of-bound reads when parsing trees We use the `git__strtol32` function to parse the child and entry count of treecaches from the index, which do not accept a buffer length. As the buffer that is being passed in is untrusted data and may thus be malformed and may not contain a terminating `NUL` byte, we can overrun the buffer and thus perform an out-of-bounds read. Fix the issue by uzing `git__strntol32` instead. (cherry picked from commit 21652ee9de439e042cc2e69b208aa2ef8ce31147)
-
Files
- CMakeLists.txt
- annotated_commit.c
- annotated_commit.h
- apply.c
- apply.h
- array.h
- attr.c
- attr.h
- attr_file.c
- attr_file.h
- attrcache.c
- attrcache.h
- bitvec.h
- blame.c
- blame.h
- blame_git.c
- blame_git.h
- blob.c
- blob.h
- branch.c
- branch.h
- buf_text.c
- buf_text.h
- buffer.c
- buffer.h
- cache.c
- cache.h
- cc-compat.h
- checkout.c
- checkout.h
- cherrypick.c
- clone.c
- clone.h
- commit.c
- commit.h
- commit_list.c
- commit_list.h
- common.h
- config.c
- config.h
- config_cache.c
- config_file.c
- config_file.h
- config_parse.c
- config_parse.h
- crlf.c
- date.c
- delta.c
- delta.h
- describe.c
- diff.c
- diff.h
- diff_driver.c
- diff_driver.h
- diff_file.c
- diff_file.h
- diff_generate.c
- diff_generate.h
- diff_parse.c
- diff_parse.h
- diff_print.c
- diff_stats.c
- diff_tform.c
- diff_tform.h
- diff_xdiff.c
- diff_xdiff.h
- errors.c
- features.h.in
- fetch.c
- fetch.h
- fetchhead.c
- fetchhead.h
- filebuf.c
- filebuf.h
- fileops.c
- fileops.h
- filter.c
- filter.h
- fnmatch.c
- fnmatch.h
- global.c
- global.h
- graph.c
- hash.c
- hash.h
- hash/
- hashsig.c
- ident.c
- idxmap.c
- idxmap.h
- ignore.c
- ignore.h
- index.c
- index.h
- indexer.c
- indexer.h
- integer.h
- iterator.c
- iterator.h
- khash.h
- map.h
- merge.c
- merge.h
- merge_driver.c
- merge_driver.h
- merge_file.c
- message.c
- message.h
- mwindow.c
- mwindow.h
- netops.c
- netops.h
- notes.c
- notes.h
- object.c
- object.h
- object_api.c
- odb.c
- odb.h
- odb_loose.c
- odb_mempack.c
- odb_pack.c
- offmap.c
- offmap.h
- oid.c
- oid.h
- oidarray.c
- oidarray.h
- oidmap.c
- oidmap.h
- pack-objects.c
- pack-objects.h
- pack.c
- pack.h
- parse.c
- parse.h
- patch.c
- patch.h
- patch_generate.c
- patch_generate.h
- patch_parse.c
- patch_parse.h
- path.c
- path.h
- pathspec.c
- pathspec.h
- pool.c
- pool.h
- posix.c
- posix.h
- pqueue.c
- pqueue.h
- proxy.c
- proxy.h
- push.c
- push.h
- rebase.c
- refdb.c
- refdb.h
- refdb_fs.c
- refdb_fs.h
- reflog.c
- reflog.h
- refs.c
- refs.h
- refspec.c
- refspec.h
- remote.c
- remote.h
- repo_template.h
- repository.c
- repository.h
- reset.c
- revert.c
- revparse.c
- revwalk.c
- revwalk.h
- settings.c
- sha1_lookup.c
- sha1_lookup.h
- signature.c
- signature.h
- sortedcache.c
- sortedcache.h
- stash.c
- status.c
- status.h
- stream.h
- streams/
- strmap.c
- strmap.h
- strnlen.h
- submodule.c
- submodule.h
- sysdir.c
- sysdir.h
- tag.c
- tag.h
- thread-utils.c
- thread-utils.h
- trace.c
- trace.h
- trailer.c
- transaction.c
- transaction.h
- transport.c
- transports/
- tree-cache.c
- tree-cache.h
- tree.c
- tree.h
- tsort.c
- unix/
- userdiff.h
- util.c
- util.h
- varint.c
- varint.h
- vector.c
- vector.h
- win32/
- worktree.c
- worktree.h
- xdiff/
- zstream.c
- zstream.h
-
Properties
-
Git HTTP https://git.kmx.io/thodg/libgit2.git Git SSH git@git.kmx.io:thodg/libgit2.git Public access ? public Description Users
Tags - v1.5.0
- v1.4.4
- v1.4.3
- v1.4.2
- v1.4.1
- v1.4.0
- v1.3.2
- v1.3.1
- v1.3.0
- v1.2.0
- v1.1.1
- v1.1.0
- v1.0.1
- v1.0.0
- v0.99.0
- v0.8.0
- v0.3.0
- v0.28.5
- v0.28.4
- v0.28.3
- v0.28.2
- v0.28.1
- v0.28.0-rc1
- v0.28.0
- v0.27.9
- v0.27.8
- v0.27.7
- v0.27.6
- v0.27.5
- v0.27.4
- v0.27.3
- v0.27.2
- v0.27.10
- v0.27.1
- v0.27.0-rc3
- v0.27.0-rc2
- v0.27.0-rc1
- v0.27.0
- v0.26.8
- v0.26.7
- v0.26.6
- v0.26.5
- v0.26.4
- v0.26.3
- v0.26.2
- v0.26.1
- v0.26.0-rc2
- v0.26.0-rc1
- v0.26.0
- v0.25.1
- v0.25.0-rc2
- v0.25.0-rc1
- v0.25.0
- v0.24.6
- v0.24.5
- v0.24.4
- v0.24.3
- v0.24.2
- v0.24.1
- v0.24.0-rc1
- v0.24.0
- v0.23.4
- v0.23.3
- v0.23.2
- v0.23.1
- v0.23.0-rc2
- v0.23.0-rc1
- v0.23.0
- v0.22.3
- v0.22.2
- v0.22.1
- v0.22.0-rc2
- v0.22.0-rc1
- v0.22.0
- v0.21.5
- v0.21.4
- v0.21.3
- v0.21.2
- v0.21.1
- v0.21.0-rc2
- v0.21.0-rc1
- v0.21.0
- v0.20.0
- v0.2.0
- v0.19.0
- v0.18.0
- v0.17.0
- v0.16.0
- v0.15.0
- v0.14.0
- v0.13.0
- v0.12.0
- v0.11.0
- v0.10.0
- v0.1.0