-
Show log
Commit
-
Hash : bc349045
Author :
Date : 2018-08-09T10:38:10
smart_pkt: fix buffer overflow when parsing "ACK" packets We are being quite lenient when parsing "ACK" packets. First, we didn't correctly verify that we're not overrunning the provided buffer length, which we fix here by using `git__prefixncmp` instead of `git__prefixcmp`. Second, we do not verify that the actual contents make any sense at all, as we simply ignore errors when parsing the ACKs OID and any unknown status strings. This may result in a parsed packet structure with invalid contents, which is being silently passed to the caller. This is being fixed by performing proper input validation and checking of return codes.
-
Files
- CMakeLists.txt
- README.md
- apply/
- attr/
- blame/
- buf/
- checkout/
- cherrypick/
- clar.c
- clar.h
- clar/
- clar_libgit2.c
- clar_libgit2.h
- clar_libgit2_timer.c
- clar_libgit2_timer.h
- clar_libgit2_trace.c
- clar_libgit2_trace.h
- clone/
- commit/
- config/
- core/
- date/
- delta/
- describe/
- diff/
- fetchhead/
- filter/
- generate.py
- graph/
- index/
- iterator/
- mailmap/
- main.c
- merge/
- message/
- network/
- notes/
- object/
- odb/
- online/
- pack/
- patch/
- path/
- perf/
- precompiled.c
- precompiled.h
- rebase/
- refs/
- remote/
- repo/
- reset/
- resources/
- revert/
- revwalk/
- stash/
- status/
- stress/
- submodule/
- threads/
- trace/
- transport/
- transports/
- valgrind-supp-mac.txt
- win32/
- worktree/
-
Properties
-
Git HTTP https://git.kmx.io/thodg/libgit2.git Git SSH git@git.kmx.io:thodg/libgit2.git Public access ? public Description Users
Tags - v1.5.0
- v1.4.4
- v1.4.3
- v1.4.2
- v1.4.1
- v1.4.0
- v1.3.2
- v1.3.1
- v1.3.0
- v1.2.0
- v1.1.1
- v1.1.0
- v1.0.1
- v1.0.0
- v0.99.0
- v0.8.0
- v0.3.0
- v0.28.5
- v0.28.4
- v0.28.3
- v0.28.2
- v0.28.1
- v0.28.0-rc1
- v0.28.0
- v0.27.9
- v0.27.8
- v0.27.7
- v0.27.6
- v0.27.5
- v0.27.4
- v0.27.3
- v0.27.2
- v0.27.10
- v0.27.1
- v0.27.0-rc3
- v0.27.0-rc2
- v0.27.0-rc1
- v0.27.0
- v0.26.8
- v0.26.7
- v0.26.6
- v0.26.5
- v0.26.4
- v0.26.3
- v0.26.2
- v0.26.1
- v0.26.0-rc2
- v0.26.0-rc1
- v0.26.0
- v0.25.1
- v0.25.0-rc2
- v0.25.0-rc1
- v0.25.0
- v0.24.6
- v0.24.5
- v0.24.4
- v0.24.3
- v0.24.2
- v0.24.1
- v0.24.0-rc1
- v0.24.0
- v0.23.4
- v0.23.3
- v0.23.2
- v0.23.1
- v0.23.0-rc2
- v0.23.0-rc1
- v0.23.0
- v0.22.3
- v0.22.2
- v0.22.1
- v0.22.0-rc2
- v0.22.0-rc1
- v0.22.0
- v0.21.5
- v0.21.4
- v0.21.3
- v0.21.2
- v0.21.1
- v0.21.0-rc2
- v0.21.0-rc1
- v0.21.0
- v0.20.0
- v0.2.0
- v0.19.0
- v0.18.0
- v0.17.0
- v0.16.0
- v0.15.0
- v0.14.0
- v0.13.0
- v0.12.0
- v0.11.0
- v0.10.0
- v0.1.0
-
README.md
-
Writing Clar tests for libgit2
For information on the Clar testing framework and a detailed introduction please visit:
-
Write your modules and tests. Use good, meaningful names.
-
Make sure you actually build the tests by setting:
cmake -DBUILD_CLAR=ON build/ -
Test:
./build/libgit2_clar -
Make sure everything is fine.
-
Send your pull request. That’s it.
-