From f265458f6116a0c03200477ae3b839f2a75bf0fa Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Wed, 28 Jan 2009 00:07:46 +0100 Subject: [PATCH 1/2] get_sha1_basic(): fix invalid memory access, found by valgrind When get_sha1_basic() is passed a buffer of len 0, it should not check if buf[len-1] is a curly bracket. Signed-off-by: Johannes Schindelin Signed-off-by: Junio C Hamano --- sha1_name.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sha1_name.c b/sha1_name.c index 75a5a7e96f..c4fdaded01 100644 --- a/sha1_name.c +++ b/sha1_name.c @@ -309,7 +309,7 @@ static int get_sha1_basic(const char *str, int len, unsigned char *sha1) /* basic@{time or number} format to query ref-log */ reflog_len = at = 0; - if (str[len-1] == '}') { + if (len && str[len-1] == '}') { for (at = 0; at < len - 1; at++) { if (str[at] == '@' && str[at+1] == '{') { reflog_len = (len-1) - (at+2); From b8469ad0578d6b84ec92752a5f8df3ca5828af77 Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Wed, 28 Jan 2009 00:07:36 +0100 Subject: [PATCH 2/2] test-path-utils: Fix off by one, found by valgrind When normalizing an absolute path, we might have to add a slash _and_ a NUL to the buffer, so the buffer was one too small. Let's just future proof the code and alloc PATH_MAX + 1 bytes. Signed-off-by: Johannes Schindelin Signed-off-by: Junio C Hamano --- test-path-utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test-path-utils.c b/test-path-utils.c index a0bcb0e210..2c0f5a37e8 100644 --- a/test-path-utils.c +++ b/test-path-utils.c @@ -3,7 +3,7 @@ int main(int argc, char **argv) { if (argc == 3 && !strcmp(argv[1], "normalize_absolute_path")) { - char *buf = xmalloc(strlen(argv[2])+1); + char *buf = xmalloc(PATH_MAX + 1); int rv = normalize_absolute_path(buf, argv[2]); assert(strlen(buf) == rv); puts(buf);