File git-setup-overflow.diff of Package git

From: Greg Brockman <gdb@MIT.EDU>
Date: Tue, 20 Jul 2010 04:46:21 +0000 (-0400)
Subject: Check size of path buffer before writing into it
X-Git-Tag: v1.7.1.2~4
X-Git-Url: http://git.kernel.org/?p=git%2Fgit.git;a=commitdiff_plain;h=3c9d0414ed2db0167e6c828b547be8fc9f88fccc;hp=c173dad58787a7f11a526dbcdaa5a2fe9ff1c87f

Check size of path buffer before writing into it

This prevents a buffer overrun that could otherwise be triggered by
creating a file called '.git' with contents

  gitdir: (something really long)

Signed-off-by: Greg Brockman <gdb@mit.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---

diff --git a/setup.c b/setup.c
index 0e4cfe6..3bb0461 100644
--- a/setup.c
+++ b/setup.c
@@ -170,6 +170,8 @@ static int is_git_directory(const char *suspect)
 	char path[PATH_MAX];
 	size_t len = strlen(suspect);
 
+	if (PATH_MAX <= len + strlen("/objects"))
+		die("Too long path: %.*s", 60, suspect);
 	strcpy(path, suspect);
 	if (getenv(DB_ENVIRONMENT)) {
 		if (access(getenv(DB_ENVIRONMENT), X_OK))