git/builtin
Eric Sunshine 0c3db67cc8 hash-object --literally: fix buffer overrun with extra-long object type
"hash-object" learned in 5ba9a93 (hash-object: add --literally
option, 2014-09-11) to allow crafting a corrupt/broken object of
unknown type.

When the user-provided type is particularly long, however, it can
overflow the relatively small stack-based character array handed to
write_sha1_file_prepare() by hash_sha1_file() and write_sha1_file(),
leading to stack corruption (and crash).  Introduce a custom helper
to allow arbitrarily long typenames just for "hash-object --literally".

[jc: Eric's original used a strbuf in the more common codepaths, and
I rewrote it to avoid penalizing the non-literally code. Bugs are mine]

Signed-off-by: Eric Sunshine <sunshine@sunshineco.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-05-05 10:14:18 -07:00
..
add.c run-command: introduce CHILD_PROCESS_INIT 2014-08-20 09:53:37 -07:00
annotate.c annotate: use argv_array 2014-07-16 11:10:11 -07:00
apply.c Merge branch 'ta/config-set-2' 2014-09-11 10:33:26 -07:00
archive.c replace {pre,suf}fixcmp() with {starts,ends}_with() 2013-12-05 14:13:21 -08:00
bisect--helper.c Replace deprecated OPT_BOOLEAN by OPT_BOOL 2013-08-05 11:32:19 -07:00
blame.c Merge branch 'sb/blame-msg-i18n' 2014-09-09 12:54:03 -07:00
branch.c Merge branch 'sb/prepare-revision-walk-error-check' 2014-09-09 12:54:03 -07:00
bundle.c
cat-file.c Merge branch 'jk/warn-on-object-refname-ambiguity' 2014-03-25 11:07:36 -07:00
check-attr.c Merge branch 'jc/check-attr-honor-working-tree' into maint 2014-03-18 14:03:03 -07:00
check-ignore.c Merge branch 'dw/check-ignore-sans-index' 2013-09-20 12:37:32 -07:00
check-mailmap.c builtin: add git-check-mailmap command 2013-07-13 10:19:37 -07:00
check-ref-format.c
checkout-index.c entry.c: update cache_changed if refresh_cache is set in checkout_entry() 2014-06-13 11:49:39 -07:00
checkout.c Merge branch 'dt/cache-tree-repair' 2014-09-11 10:33:32 -07:00
clean.c Merge branch 'rs/clean-menu-item-defn' 2014-09-09 12:54:06 -07:00
clone.c Merge branch 'sb/plug-leaks' 2014-09-09 12:54:02 -07:00
column.c replace {pre,suf}fixcmp() with {starts,ends}_with() 2013-12-05 14:13:21 -08:00
commit-tree.c commit_tree: take a pointer/len pair rather than a const strbuf 2014-06-12 10:29:41 -07:00
commit.c Merge branch 'dt/cache-tree-repair' 2014-09-11 10:33:32 -07:00
config.c Merge branch 'mm/config-edit-global' 2014-09-02 13:23:20 -07:00
count-objects.c count-objects: add -H option to humanize sizes 2013-04-10 13:27:26 -07:00
credential.c
describe.c hashmap: add simplified hashmap_get_from_hash() API 2014-07-07 13:56:35 -07:00
diff-files.c convert read_cache_preload() to take struct pathspec 2013-07-15 10:56:08 -07:00
diff-index.c convert read_cache_preload() to take struct pathspec 2013-07-15 10:56:08 -07:00
diff-tree.c diff-tree: avoid lookup_unknown_object 2014-07-28 10:14:34 -07:00
diff.c Merge branch 'tg/diff-no-index-refactor' 2013-12-27 14:58:17 -08:00
fast-export.c Merge branch 'jk/commit-buffer-length' 2014-07-02 12:53:02 -07:00
fetch-pack.c Merge branch 'nd/shallow-clone' 2014-01-17 12:21:20 -08:00
fetch.c fetch: silence git-gc if --quiet is given 2014-08-18 10:14:19 -07:00
fmt-merge-msg.c Merge branch 'jk/xstrfmt' 2014-07-09 11:34:05 -07:00
for-each-ref.c use commit_list_count() to count the members of commit_lists 2014-07-17 13:36:25 -07:00
fsck.c refs.c: add a public is_branch function 2014-07-16 13:06:41 -07:00
gc.c builtin/gc.c: replace git_config() with git_config_get_*() family 2014-08-07 13:33:28 -07:00
get-tar-commit-id.c stop installing git-tar-tree link 2013-12-03 12:35:22 -08:00
grep.c Merge branch 'sk/spawn-less-case-insensitively-from-grep-O-i' into maint 2014-06-25 11:47:49 -07:00
hash-object.c hash-object --literally: fix buffer overrun with extra-long object type 2015-05-05 10:14:18 -07:00
help.c run-command: introduce CHILD_PROCESS_INIT 2014-08-20 09:53:37 -07:00
index-pack.c Merge branch 'maint' 2014-07-21 12:35:39 -07:00
init-db.c Merge branch 'rs/strbuf-getcwd' 2014-09-02 13:28:44 -07:00
log.c Merge branch 'mm/log-branch-desc-plug-leak' 2014-09-09 12:53:59 -07:00
ls-files.c pathspec: pass directory indicator to match_pathspec_item() 2014-02-24 14:37:19 -08:00
ls-remote.c builtin/ls-remote.c: rearrange xcalloc arguments 2014-05-27 14:00:43 -07:00
ls-tree.c pathspec: rename match_pathspec_depth() to match_pathspec() 2014-02-24 14:37:14 -08:00
mailinfo.c Merge branch 'rs/mailinfo-header-cmp' into maint 2014-06-25 11:48:23 -07:00
mailsplit.c mailsplit.c: remove dead code 2014-08-13 09:50:58 -07:00
merge-base.c Merge branch 'bm/merge-base-octopus-dedup' into maint 2014-02-13 13:38:59 -08:00
merge-file.c Replace deprecated OPT_BOOLEAN by OPT_BOOL 2013-08-05 11:32:19 -07:00
merge-index.c Convert "struct cache_entry *" to "const ..." wherever possible 2013-07-09 09:12:48 -07:00
merge-ours.c
merge-recursive.c replace {pre,suf}fixcmp() with {starts,ends}_with() 2013-12-05 14:13:21 -08:00
merge-tree.c merge-tree: handle directory/empty conflict correctly 2013-05-06 22:17:00 -07:00
merge.c run-command: introduce CHILD_PROCESS_INIT 2014-08-20 09:53:37 -07:00
mktag.c
mktree.c builtin/mktree.c: use ALLOC_GROW() in append_to_tree() 2014-03-03 14:54:45 -08:00
mv.c mv: no SP between function name and the first opening parenthese 2014-09-03 15:06:59 -07:00
name-rev.c use xstrfmt to replace xmalloc + strcpy/strcat 2014-06-19 15:20:54 -07:00
notes.c run-command: introduce CHILD_PROCESS_INIT 2014-08-20 09:53:37 -07:00
pack-objects.c Merge branch 'jk/pack-shallow-always-without-bitmap' 2014-08-26 11:16:25 -07:00
pack-redundant.c Fix sizeof usage in get_permutations 2012-12-13 11:13:44 -08:00
pack-refs.c pack-refs: merge code from pack-refs.{c,h} into refs.{c,h} 2013-05-01 15:33:11 -07:00
patch-id.c patch-id: make it stable against hunk reordering 2014-06-10 13:09:24 -07:00
prune-packed.c i18n: mark all progress lines for translation 2014-02-24 09:08:37 -08:00
prune.c Merge branch 'mh/replace-refs-variable-rename' 2014-03-14 14:27:06 -07:00
push.c refactor skip_prefix to return a boolean 2014-06-20 10:44:43 -07:00
read-tree.c read-tree: note about dropping split-index mode or index version 2014-06-13 11:49:41 -07:00
receive-pack.c Merge branch 'rs/ref-transaction-1' 2014-09-11 10:33:31 -07:00
reflog.c refs.c: add new functions reflog_exists and delete_reflog 2014-05-08 14:31:43 -07:00
remote-ext.c run-command: introduce CHILD_PROCESS_INIT 2014-08-20 09:53:37 -07:00
remote-fd.c
remote.c Merge branch 'bg/xcalloc-nmemb-then-size' into maint 2014-07-22 10:25:17 -07:00
repack.c run-command: introduce CHILD_PROCESS_INIT 2014-08-20 09:53:37 -07:00
replace.c Merge branch 'rs/ref-transaction-1' 2014-09-11 10:33:31 -07:00
rerere.c rerere: fix for merge.conflictstyle 2014-04-30 10:30:02 -07:00
reset.c Merge branch 'nd/split-index' 2014-07-16 11:25:40 -07:00
rev-list.c commit: record buffer length in cache 2014-06-13 12:09:38 -07:00
rev-parse.c Merge branch 'rs/strbuf-getcwd' 2014-09-02 13:28:44 -07:00
revert.c parse-options: multi-word argh should use dash to separate words 2014-03-24 10:43:34 -07:00
rm.c read-cache: new API write_locked_index instead of write_index/write_cache 2014-06-13 11:49:10 -07:00
send-pack.c Merge branch 'nd/shallow-clone' 2014-01-17 12:21:20 -08:00
shortlog.c replace {pre,suf}fixcmp() with {starts,ends}_with() 2013-12-05 14:13:21 -08:00
show-branch.c Merge branch 'jk/misc-fixes-maint' 2014-07-28 11:30:41 -07:00
show-ref.c replace {pre,suf}fixcmp() with {starts,ends}_with() 2013-12-05 14:13:21 -08:00
stripspace.c builtin/stripspace.c: fix broken indentation 2013-09-06 13:33:17 -07:00
symbolic-ref.c replace {pre,suf}fixcmp() with {starts,ends}_with() 2013-12-05 14:13:21 -08:00
tag.c Merge branch 'rs/ref-transaction-1' 2014-09-11 10:33:31 -07:00
unpack-file.c
unpack-objects.c Merge branch 'mh/replace-refs-variable-rename' 2014-03-14 14:27:06 -07:00
update-index.c Merge branch 'nd/split-index' 2014-07-16 11:25:40 -07:00
update-ref.c update-ref --stdin: pass transaction around explicitly 2014-09-03 10:04:19 -07:00
update-server-info.c i18n: update-server-info: mark parseopt strings for translation 2012-08-22 10:58:29 -07:00
upload-archive.c replace {pre,suf}fixcmp() with {starts,ends}_with() 2013-12-05 14:13:21 -08:00
var.c
verify-commit.c verify-commit: scriptable commit signature verification 2014-06-23 15:50:31 -07:00
verify-pack.c run-command: introduce CHILD_PROCESS_INIT 2014-08-20 09:53:37 -07:00
verify-tag.c gpg_interface: allow to request status return 2013-02-14 09:30:04 -08:00
write-tree.c i18n: write-tree: mark parseopt strings for translation 2012-08-22 10:58:29 -07:00