From: Jeff King <peff@peff.net>
To: Thomas Jarosch <thomas.jarosch@intra2net.com>
Cc: Junio C Hamano <gitster@pobox.com>,
Nguyen Thai Ngoc Duy <pclouds@gmail.com>,
Johannes Sixt <j.sixt@viscovery.net>,
git@vger.kernel.org
Subject: Re: [PATCH] setup_revisions(): do not access outside argv
Date: Fri, 22 May 2009 04:02:58 -0400 [thread overview]
Message-ID: <20090522080258.GD1409@coredump.intra.peff.net> (raw)
In-Reply-To: <20090522075620.GC1409@coredump.intra.peff.net>
On Fri, May 22, 2009 at 03:56:20AM -0400, Jeff King wrote:
> Yeah, it is fine because it just passes the result to prep_temp_blob,
> which respects the length. I don't know if it is worth making it more
> safe (arguably it should just be using strbuf_readlink anyway, but that
> does introduce an extra malloc).
And here is the strbuf_readlink version, which actually does make the
source shorter and easier to read.
-- >8 --
Subject: [PATCH] convert bare readlink to strbuf_readlink
This particular readlink call never NUL-terminated its
result, making it a potential source of bugs (though there
is no bug now, as it currently always respects the length
field). Let's just switch it to strbuf_readlink which is
shorter and less error-prone.
Signed-off-by: Jeff King <peff@peff.net>
---
diff.c | 10 +++-------
1 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/diff.c b/diff.c
index f06876b..ffbe5c4 100644
--- a/diff.c
+++ b/diff.c
@@ -2014,14 +2014,10 @@ static struct diff_tempfile *prepare_temp_file(const char *name,
die("stat(%s): %s", name, strerror(errno));
}
if (S_ISLNK(st.st_mode)) {
- int ret;
- char buf[PATH_MAX + 1]; /* ought to be SYMLINK_MAX */
- ret = readlink(name, buf, sizeof(buf));
- if (ret < 0)
+ struct strbuf sb = STRBUF_INIT;
+ if (strbuf_readlink(&sb, name, st.st_size) < 0)
die("readlink(%s)", name);
- if (ret == sizeof(buf))
- die("symlink too long: %s", name);
- prep_temp_blob(name, temp, buf, ret,
+ prep_temp_blob(name, temp, sb.buf, sb.len,
(one->sha1_valid ?
one->sha1 : null_sha1),
(one->sha1_valid ?
--
1.6.3.1.179.gec578.dirty
next prev parent reply other threads:[~2009-05-22 8:03 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-20 8:08 [PATCH] setup_revisions(): do not access outside argv Nguyễn Thái Ngọc Duy
2009-05-20 8:15 ` Johannes Sixt
2009-05-20 8:23 ` Nguyen Thai Ngoc Duy
2009-05-21 1:58 ` Junio C Hamano
2009-05-21 2:38 ` Miles Bader
2009-05-21 2:41 ` Nguyen Thai Ngoc Duy
2009-05-21 4:18 ` Jeff King
2009-05-21 18:02 ` Thomas Jarosch
2009-05-22 7:56 ` Jeff King
2009-05-22 8:02 ` Jeff King [this message]
2009-05-22 14:23 ` Thomas Jarosch
2009-05-22 15:33 ` Brandon Casey
2009-05-22 15:34 ` Jeff King
2009-05-25 10:46 ` [PATCH] convert bare readlink to strbuf_readlink Jeff King
2009-05-25 22:23 ` Junio C Hamano
[not found] ` <20090602195605.6117@nanako3.lavabit.com>
2009-06-02 13:57 ` [PATCH] setup_revisions(): do not access outside argv Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090522080258.GD1409@coredump.intra.peff.net \
--to=peff@peff.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=j.sixt@viscovery.net \
--cc=pclouds@gmail.com \
--cc=thomas.jarosch@intra2net.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).