| commit | c252785982c268e5c969900c677322744d09f52e | |
| author | Jeff King <peff@peff.net> | |
| Sat, 23 Aug 2014 05:32:37 +0000 (23 01:32 -0400) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Mon, 25 Aug 2014 19:20:57 +0000 (25 12:20 -0700) | ||
| tree | 23f0fdc47e95e924827fc3039351f09a482f1eca | treesnapshot (tar.gz zip) |
| parent | 3c078b9c860c7c1dbe8782aa1f79877354cbc602 | commitdiff |
fast-import: fix buffer overflow in dump_tags
When creating a new annotated tag, we sprintf the refname
into a static-sized buffer. If we have an absurdly long
tagname, like:
git init repo &&
cd repo &&
git commit --allow-empty -m foo &&
git tag -m message mytag &&
git fast-export mytag |
perl -lpe '/^tag/ and s/mytag/"a" x 8192/e' |
git fast-import <input
we'll overflow the buffer. We can fix it by using a strbuf.
Signed-off-by: Jeff King <peff@peff.net>
Reviewed-by: Michael Haggerty <mhagger@alum.mit.edu>
Reviewed-by: Ronnie Sahlberg <sahlberg@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
When creating a new annotated tag, we sprintf the refname
into a static-sized buffer. If we have an absurdly long
tagname, like:
git init repo &&
cd repo &&
git commit --allow-empty -m foo &&
git tag -m message mytag &&
git fast-export mytag |
perl -lpe '/^tag/ and s/mytag/"a" x 8192/e' |
git fast-import <input
we'll overflow the buffer. We can fix it by using a strbuf.
Signed-off-by: Jeff King <peff@peff.net>
Reviewed-by: Michael Haggerty <mhagger@alum.mit.edu>
Reviewed-by: Ronnie Sahlberg <sahlberg@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| fast-import.c | diffblobblamehistory |