author | Russell Belfer <rb@github.com> | 2013-04-29 19:51:24 +0400 |
---|---|---|
committer | Russell Belfer <rb@github.com> | 2013-04-29 19:51:24 +0400 |
commit | 8564a0224abe09beaacb2d2e7a54b16f8fcea7d1 (patch) | |
tree | 77b4e91881dc52461aac489eeefc3c4ef701dda6 /src/oid.c | |
parent | 0c72248b9171acee7480a77edee89fa20fabdae8 (diff) |
Fix fragile git_oid_ncmp
git_oid_ncmp was making some assumptions about the length of
the data - this shifts the check to the top of the loop so it
will work more robustly, limits the max, and adds some tests
to verify the functionality.
Diffstat (limited to 'src/oid.c')
-rw-r--r-- | src/oid.c | 7 |
1 files changed, 5 insertions, 2 deletions
@@ -176,13 +176,16 @@ int git_oid_ncmp(const git_oid *oid_a, const git_oid *oid_b, size_t len)
 const unsigned char *a = oid_a->id;
 const unsigned char *b = oid_b->id;
 
- do {
+ if (len > GIT_OID_HEXSZ)
+ len = GIT_OID_HEXSZ;
+
+ while (len > 1) {
 if (*a != *b)
 return 1;
 a++;
 b++;
 len -= 2;
- } while (len > 1);
+ };
 
 if (len)
 if ((*a ^ *b) & 0xf0) |
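Review bot: The new loop is closed with `};`, which leaves a stray empty statement after the block; it should be a plain `}`, since the extra semicolon is harmless here but trips pedantic warnings. The function also lacks a comment stating the contract the hunk now relies on: `len` counts hex digits rather than bytes (two are consumed per byte, and an odd remainder compares only the high nibble via `0xf0`), values above `GIT_OID_HEXSZ` are silently clamped, and `len == 0` falls through both checks. I would add above the clamp something like `/* len is in hex digits; clamp so we never read past the oid's id bytes */`. From the visible lines a zero length presumably reports a match for any pair of oids, so callers doing abbreviated lookups should enforce their own minimum prefix length. The body of git_oid_ncmp begins before and ends after this hunk, so the return paths are not visible here.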