Welcome to mirror list, hosted at ThFree Co, Russian Federation.

git.kernel.org/pub/scm/git/git.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJim Meyering <jim@meyering.net>2007-02-27 02:11:35 +0300
committerJunio C Hamano <junkio@cox.net>2007-02-27 12:03:37 +0300
commitee24ee55c28e46b502e4e2d219feced5a5d67e6b (patch)
tree02f9355fc287fc355f51cfdd51fa52bfcd890b04 /builtin-mailinfo.c
parent34fc5cefa7068492d5103b40dca1b55f69986eb8 (diff)
diff --cc: integer overflow given a 2GB-or-larger file
Few of us use git to compare or even version-control 2GB files, but when we do, we'll want it to work. Reading a recent patch, I noticed two lines like this: int len = st.st_size; Instead of "int", that should be "size_t". Otherwise, in the non-symlink case, with 64-bit size_t, if the file's size is 2GB, the following xmalloc will fail: result = xmalloc(len + 1); trying to allocate 2^64 - 2^31 + 1 bytes (assuming sign-extension in the int-to-size_t promotion). And even if it didn't fail, the subsequent "result[len] = 0;" would be equivalent to an unpleasant "result[-2147483648] = 0;" The other nearby "int"-declared size variable, sz, should also be of type size_t, for the same reason. If sz ever wraps around and becomes negative, xread will corrupt memory _before_ the "result" buffer. Signed-off-by: Jim Meyering <jim@meyering.net> Signed-off-by: Junio C Hamano <junkio@cox.net>
Diffstat (limited to 'builtin-mailinfo.c')
0 files changed, 0 insertions, 0 deletions