diff options
| author | René Scharfe <l.s.r@web.de> | 2023-07-08 00:47:55 +0300 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2023-07-08 01:30:16 +0300 |
| commit | 3e81b896f769dfdb479363acb00bdc6b076cfd55 (patch) | |
| tree | 97313f778c6f5c790f27df7f467a3c2a6c50a209 /remote-curl.c | |
| parent | fb7d80edcae482f4fa5d4be0227dc3054734e5f3 (diff) | |
pkt-line: add size parameter to packet_length()
hex2chr() takes care not to run over the end of a NUL-terminated string.
It's used in packet_length(), but both callers of that function pass a
four-byte buffer, making NUL-checks unnecessary. packet_length() could
accidentally be used with a pointer to a buffer of unknown size at new
call-sites, though, and the compiler wouldn't complain.
Add a size parameter plus check, and remove the NUL-checks by calling
hexval() directly. This trades three NUL checks against one size check
and the ability to report the use of a short buffer at runtime.
If any of the four bytes is NUL or -- more generally -- not a
hexadecimal digit, then packet_length() still returns a negative value.
Signed-off-by: René Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'remote-curl.c')
| -rw-r--r-- | remote-curl.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/remote-curl.c b/remote-curl.c index acf7b2bb40..143318658e 100644 --- a/remote-curl.c +++ b/remote-curl.c @@ -763,7 +763,8 @@ static void check_pktline(struct check_pktline_state *state, const char *ptr, si size -= digits_remaining; if (state->len_filled == 4) { - state->remaining = packet_length(state->len_buf); + state->remaining = packet_length(state->len_buf, + sizeof(state->len_buf)); if (state->remaining < 0) { die(_("remote-curl: bad line length character: %.4s"), state->len_buf); } else if (state->remaining == 2) { |