-
Show log
Commit
-
Hash : 6ddd286e
Author :
Date : 2018-03-08T12:00:27
index: fix out-of-bounds read with invalid index entry prefix length The index format in version 4 has prefix-compressed entries, where every index entry can compress its path by using a path prefix of the previous entry. Since implmenting support for this index format version in commit 5625d86b9 (index: support index v4, 2016-05-17), though, we do not correctly verify that the prefix length that we want to reuse is actually smaller or equal to the amount of characters than the length of the previous index entry's path. This can lead to a an integer underflow and subsequently to an out-of-bounds read. Fix this by verifying that the prefix is actually smaller than the previous entry's path length. Reported-by: Krishna Ram Prakash R <krp@gtux.in> Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
-
Files
- annotated_commit.c
- annotated_commit.h
- apply.c
- apply.h
- array.h
- attr.c
- attr.h
- attr_file.c
- attr_file.h
- attrcache.c
- attrcache.h
- bitvec.h
- blame.c
- blame.h
- blame_git.c
- blame_git.h
- blob.c
- blob.h
- branch.c
- branch.h
- buf_text.c
- buf_text.h
- buffer.c
- buffer.h
- cache.c
- cache.h
- cc-compat.h
- checkout.c
- checkout.h
- cherrypick.c
- clone.c
- clone.h
- commit.c
- commit.h
- commit_list.c
- commit_list.h
- common.h
- config.c
- config.h
- config_cache.c
- config_file.c
- config_file.h
- crlf.c
- curl_stream.c
- curl_stream.h
- date.c
- delta.c
- delta.h
- describe.c
- diff.c
- diff.h
- diff_driver.c
- diff_driver.h
- diff_file.c
- diff_file.h
- diff_generate.c
- diff_generate.h
- diff_parse.c
- diff_parse.h
- diff_print.c
- diff_stats.c
- diff_tform.c
- diff_tform.h
- diff_xdiff.c
- diff_xdiff.h
- errors.c
- fetch.c
- fetch.h
- fetchhead.c
- fetchhead.h
- filebuf.c
- filebuf.h
- fileops.c
- fileops.h
- filter.c
- filter.h
- fnmatch.c
- fnmatch.h
- global.c
- global.h
- graph.c
- hash.c
- hash.h
- hash/
- hashsig.c
- ident.c
- idxmap.c
- idxmap.h
- ignore.c
- ignore.h
- index.c
- index.h
- indexer.c
- indexer.h
- integer.h
- iterator.c
- iterator.h
- khash.h
- map.h
- merge.c
- merge.h
- merge_driver.c
- merge_driver.h
- merge_file.c
- message.c
- message.h
- mwindow.c
- mwindow.h
- netops.c
- netops.h
- notes.c
- notes.h
- object.c
- object.h
- object_api.c
- odb.c
- odb.h
- odb_loose.c
- odb_mempack.c
- odb_pack.c
- offmap.c
- offmap.h
- oid.c
- oid.h
- oidarray.c
- oidarray.h
- oidmap.c
- oidmap.h
- openssl_stream.c
- openssl_stream.h
- pack-objects.c
- pack-objects.h
- pack.c
- pack.h
- patch.c
- patch.h
- patch_generate.c
- patch_generate.h
- patch_parse.c
- patch_parse.h
- path.c
- path.h
- pathspec.c
- pathspec.h
- pool.c
- pool.h
- posix.c
- posix.h
- pqueue.c
- pqueue.h
- proxy.c
- proxy.h
- push.c
- push.h
- rebase.c
- refdb.c
- refdb.h
- refdb_fs.c
- refdb_fs.h
- reflog.c
- reflog.h
- refs.c
- refs.h
- refspec.c
- refspec.h
- remote.c
- remote.h
- repo_template.h
- repository.c
- repository.h
- reset.c
- revert.c
- revparse.c
- revwalk.c
- revwalk.h
- settings.c
- sha1_lookup.c
- sha1_lookup.h
- signature.c
- signature.h
- socket_stream.c
- socket_stream.h
- sortedcache.c
- sortedcache.h
- stash.c
- status.c
- status.h
- stransport_stream.c
- stransport_stream.h
- stream.h
- strmap.c
- strmap.h
- strnlen.h
- submodule.c
- submodule.h
- sysdir.c
- sysdir.h
- tag.c
- tag.h
- thread-utils.c
- thread-utils.h
- tls_stream.c
- tls_stream.h
- trace.c
- trace.h
- transaction.c
- transaction.h
- transport.c
- transports/
- tree-cache.c
- tree-cache.h
- tree.c
- tree.h
- tsort.c
- unix/
- userdiff.h
- util.c
- util.h
- varint.c
- varint.h
- vector.c
- vector.h
- win32/
- worktree.c
- worktree.h
- xdiff/
- zstream.c
- zstream.h
-
Properties
-
Git HTTP https://git.kmx.io/thodg/libgit2.git Git SSH git@git.kmx.io:thodg/libgit2.git Public access ? public Description Users
Tags - v1.5.0
- v1.4.4
- v1.4.3
- v1.4.2
- v1.4.1
- v1.4.0
- v1.3.2
- v1.3.1
- v1.3.0
- v1.2.0
- v1.1.1
- v1.1.0
- v1.0.1
- v1.0.0
- v0.99.0
- v0.8.0
- v0.3.0
- v0.28.5
- v0.28.4
- v0.28.3
- v0.28.2
- v0.28.1
- v0.28.0-rc1
- v0.28.0
- v0.27.9
- v0.27.8
- v0.27.7
- v0.27.6
- v0.27.5
- v0.27.4
- v0.27.3
- v0.27.2
- v0.27.10
- v0.27.1
- v0.27.0-rc3
- v0.27.0-rc2
- v0.27.0-rc1
- v0.27.0
- v0.26.8
- v0.26.7
- v0.26.6
- v0.26.5
- v0.26.4
- v0.26.3
- v0.26.2
- v0.26.1
- v0.26.0-rc2
- v0.26.0-rc1
- v0.26.0
- v0.25.1
- v0.25.0-rc2
- v0.25.0-rc1
- v0.25.0
- v0.24.6
- v0.24.5
- v0.24.4
- v0.24.3
- v0.24.2
- v0.24.1
- v0.24.0-rc1
- v0.24.0
- v0.23.4
- v0.23.3
- v0.23.2
- v0.23.1
- v0.23.0-rc2
- v0.23.0-rc1
- v0.23.0
- v0.22.3
- v0.22.2
- v0.22.1
- v0.22.0-rc2
- v0.22.0-rc1
- v0.22.0
- v0.21.5
- v0.21.4
- v0.21.3
- v0.21.2
- v0.21.1
- v0.21.0-rc2
- v0.21.0-rc1
- v0.21.0
- v0.20.0
- v0.2.0
- v0.19.0
- v0.18.0
- v0.17.0
- v0.16.0
- v0.15.0
- v0.14.0
- v0.13.0
- v0.12.0
- v0.11.0
- v0.10.0
- v0.1.0