kernel
/
git
mirror of https://git.kernel.org/pub/scm/git/git.git
1
0
Fork 0
Code Releases Activity
Browse Source

packfile: fix off-by-one error in decoding logic 

shift count being exactly at 7-bit smaller than the long is OK; on
32-bit architecture, shift count starts at 4 and goes through 11, 18
and 25, at which point the guard triggers one iteration too early.

Reported-by: Marc Strapetz <marc.strapetz@syntevo.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
maint
Junio C Hamano 3 years ago
parent
34de5b8eac
commit
a5c97b0164
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      packfile.c

2
packfile.c
Unescape View File

@ -1067,7 +1067,7 @@ unsigned long unpack_object_header_buffer(const unsigned char *buf, @@ -1067,7 +1067,7 @@ unsigned long unpack_object_header_buffer(const unsigned char *buf,
size = c & 15;
shift = 4;
while (c & 0x80) {
if (len <= used || (bitsizeof(long) - 7) <= shift) {
if (len <= used || (bitsizeof(long) - 7) < shift) {
error("bad object header");
size = used = 0;
break;

Write Preview
Loading…
Cancel
Save