-
Show log
Commit
-
Hash : 608cb07d
Author :
Date : 2019-10-19T16:48:11
patch_parse: fix out-of-bounds read with No-NL lines We've got two locations where we copy lines into the patch. The first one is when copying normal " ", "-" or "+" lines, while the second location gets executed when we copy "\ No newline at end of file" lines. While the first one correctly uses `git__strndup` to copy only until the newline, the other one doesn't. Thus, if the line occurs at the end of the patch and if there is no terminating NUL character, then it may result in an out-of-bounds read. Fix the issue by using `git__strndup`, as was already done in the other location. Furthermore, add allocation checks to both locations to detect out-of-memory situations.
-
Files
- CMakeLists.txt
- README.md
- apply/
- attr/
- blame/
- buf/
- checkout/
- cherrypick/
- clar.c
- clar.h
- clar/
- clar_libgit2.c
- clar_libgit2.h
- clar_libgit2_timer.c
- clar_libgit2_timer.h
- clar_libgit2_trace.c
- clar_libgit2_trace.h
- clone/
- commit/
- config/
- core/
- date/
- delta/
- describe/
- diff/
- fetchhead/
- filter/
- generate.py
- graph/
- index/
- iterator/
- mailmap/
- main.c
- merge/
- message/
- network/
- notes/
- object/
- odb/
- online/
- pack/
- patch/
- path/
- perf/
- precompiled.c
- precompiled.h
- rebase/
- refs/
- remote/
- repo/
- reset/
- resources/
- revert/
- revwalk/
- stash/
- status/
- stream/
- stress/
- submodule/
- threads/
- trace/
- transport/
- transports/
- valgrind-supp-mac.txt
- win32/
- worktree/
-
Properties
-
Git HTTP https://git.kmx.io/thodg/libgit2.git Git SSH git@git.kmx.io:thodg/libgit2.git Public access ? public Description Users
Tags - v1.5.0
- v1.4.4
- v1.4.3
- v1.4.2
- v1.4.1
- v1.4.0
- v1.3.2
- v1.3.1
- v1.3.0
- v1.2.0
- v1.1.1
- v1.1.0
- v1.0.1
- v1.0.0
- v0.99.0
- v0.8.0
- v0.3.0
- v0.28.5
- v0.28.4
- v0.28.3
- v0.28.2
- v0.28.1
- v0.28.0-rc1
- v0.28.0
- v0.27.9
- v0.27.8
- v0.27.7
- v0.27.6
- v0.27.5
- v0.27.4
- v0.27.3
- v0.27.2
- v0.27.10
- v0.27.1
- v0.27.0-rc3
- v0.27.0-rc2
- v0.27.0-rc1
- v0.27.0
- v0.26.8
- v0.26.7
- v0.26.6
- v0.26.5
- v0.26.4
- v0.26.3
- v0.26.2
- v0.26.1
- v0.26.0-rc2
- v0.26.0-rc1
- v0.26.0
- v0.25.1
- v0.25.0-rc2
- v0.25.0-rc1
- v0.25.0
- v0.24.6
- v0.24.5
- v0.24.4
- v0.24.3
- v0.24.2
- v0.24.1
- v0.24.0-rc1
- v0.24.0
- v0.23.4
- v0.23.3
- v0.23.2
- v0.23.1
- v0.23.0-rc2
- v0.23.0-rc1
- v0.23.0
- v0.22.3
- v0.22.2
- v0.22.1
- v0.22.0-rc2
- v0.22.0-rc1
- v0.22.0
- v0.21.5
- v0.21.4
- v0.21.3
- v0.21.2
- v0.21.1
- v0.21.0-rc2
- v0.21.0-rc1
- v0.21.0
- v0.20.0
- v0.2.0
- v0.19.0
- v0.18.0
- v0.17.0
- v0.16.0
- v0.15.0
- v0.14.0
- v0.13.0
- v0.12.0
- v0.11.0
- v0.10.0
- v0.1.0
-
README.md
-
Writing Clar tests for libgit2
For information on the Clar testing framework and a detailed introduction please visit:
-
Write your modules and tests. Use good, meaningful names.
-
Make sure you actually build the tests by setting:
cmake -DBUILD_CLAR=ON build/ -
Test:
./build/libgit2_clar -
Make sure everything is fine.
-
Send your pull request. That’s it.
-