diff options
author | Jeff King <peff@peff.net> | 2023-10-10 00:05:27 +0300 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2023-10-10 01:55:01 +0300 |
commit | 0924869b4e27ff9db63e2d85b892244e058fecc3 (patch) | |
tree | f0e527cbee545a672e619a54595fa4bd56557adb /midx.h | |
parent | c9b9fefc13ccce7ed248488c982d1da38b0905c7 (diff) |
midx: check size of object offset chunk
The object offset chunk has one fixed-size entry for each object in the
midx. But since we don't check its size, we may access out-of-bounds
memory if we see a corrupt or malicious midx file.
Sine the entries are fixed-size, the total length can be known up-front,
and we can just check it while parsing the chunk (this is similar to
what we do when opening pack idx files, which contain a similar offset
table).
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'midx.h')
0 files changed, 0 insertions, 0 deletions